A voir également:
- Dossier catch me sur sur bureau insupprimable
- Dossier appdata - Guide
- Mettre un mot de e sur un dossier - Guide
- Bureau virtuel windows 10 - Guide
- Mettre icone sur bureau - Guide
- Impossible de supprimer un dossier - Guide
6 réponses
Bonjour,
Alors tu as deux antivirus qui tournent sur ton PC :
Si tu n'as pas acheté Norton supprime le stp en utilisant ce lien : http://service1.symantec.com//INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
Sinon supprime Antivir.
Ensuite,
> Bon il te faut un pare feu :
- Je te conseille Kerio : http://commentcamarche.telechargertorrent.org/telecharger/telecharger 206 kerio . Si problème, tuto : https://kerio.probb.fr/
- Si tu as des difficultés avec les configuration de Kerio, alors installe Zone Alarme : /telecharger/telecharger-157-zonealarm, en cas de problème : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/zonealarm-tutorial-sujet_169658_1.htm
- Installe le nouveau pare-feu, puis désactive le pare-feu windows.
Après,
> Télécharge, puis installe MSNFix (de !aur3n7) : http://sosvirus.changelog.fr/MSNFix.zip , tuto de Malekal : https://commentcamarche.telechargertorrent.org/supprimer-virus-desinfecter-pc/ (si tu as besion).
- Décompresse donc le dossier zip MSNFix et lance le fichier "MSNFix.bat". Une fenêtre bleue doit apparaitre.
- Mets l'interface en français en appuyant sur la touche F puis sur Entrée.
- Lance la recherche de virus en appuyant sur la touche R puis sur Entrée.
Si un virus est détecté, il te sera alors demandé de nettoyer l'ordinateur.
Un message d'erreur concernant la suppression impossible d'un fichier sera résolu par un redémarrage.
Après le nettoyage, la barre "Démarrer" s'efface puis réapparait, cela fait partie de la procédure de nettoyage.
- Poste le rapport qui s'ouvre en fin de nettoyage sur le forum stp.
Si ta barre "Démarrer" ne s'affiche toujours pas, il suffit de faire :
Ctrl + Alt + Suppr (sous Windows XP), ou Ctrl + Maj + Echap (sous Windows Vista) pour ouvrir le Gestionnaire de tâches Windows.
- Fais ensuite "Fichier", puis "Nouvelle tâche" et entre explorer.exe dans la fenêtre qui apparait et finis par "OK".
- redémarre ton ordinateur pour achever le nettoyage !
Bon courage.
A+
Alors tu as deux antivirus qui tournent sur ton PC :
Si tu n'as pas acheté Norton supprime le stp en utilisant ce lien : http://service1.symantec.com//INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
Sinon supprime Antivir.
Ensuite,
> Bon il te faut un pare feu :
- Je te conseille Kerio : http://commentcamarche.telechargertorrent.org/telecharger/telecharger 206 kerio . Si problème, tuto : https://kerio.probb.fr/
- Si tu as des difficultés avec les configuration de Kerio, alors installe Zone Alarme : /telecharger/telecharger-157-zonealarm, en cas de problème : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/zonealarm-tutorial-sujet_169658_1.htm
- Installe le nouveau pare-feu, puis désactive le pare-feu windows.
Après,
> Télécharge, puis installe MSNFix (de !aur3n7) : http://sosvirus.changelog.fr/MSNFix.zip , tuto de Malekal : https://commentcamarche.telechargertorrent.org/supprimer-virus-desinfecter-pc/ (si tu as besion).
- Décompresse donc le dossier zip MSNFix et lance le fichier "MSNFix.bat". Une fenêtre bleue doit apparaitre.
- Mets l'interface en français en appuyant sur la touche F puis sur Entrée.
- Lance la recherche de virus en appuyant sur la touche R puis sur Entrée.
Si un virus est détecté, il te sera alors demandé de nettoyer l'ordinateur.
Un message d'erreur concernant la suppression impossible d'un fichier sera résolu par un redémarrage.
Après le nettoyage, la barre "Démarrer" s'efface puis réapparait, cela fait partie de la procédure de nettoyage.
- Poste le rapport qui s'ouvre en fin de nettoyage sur le forum stp.
Si ta barre "Démarrer" ne s'affiche toujours pas, il suffit de faire :
Ctrl + Alt + Suppr (sous Windows XP), ou Ctrl + Maj + Echap (sous Windows Vista) pour ouvrir le Gestionnaire de tâches Windows.
- Fais ensuite "Fichier", puis "Nouvelle tâche" et entre explorer.exe dans la fenêtre qui apparait et finis par "OK".
- redémarre ton ordinateur pour achever le nettoyage !
Bon courage.
A+
Bonjour,
Alors,
> Télécharge DSS (Deckard's System Scanner de Deckard) sur ton Bureau : http://www.techforum.com/sectools/Deckard/dss.exe
- Choisis <enregistrer> et <Bureau> pour l'emplacement.
- Ferme toutes les applications en cours (même internet). C'est important car sinon le PC peut planter.
- Double-clique sur dss.exe pour lancer l'outil.
- S'il ne trouve pas HijackThis, clique sur Oui.
- Clique sur OK à chaque fois que cela te sera demandé.
- Une fois l'analyse finie un rapport s'affichera. Poste son contenu dans ta réponse.
NB : Le rapport se trouve aussi ici : C:\Deckard\System Scanner\main.txt
Bon courage,
A+
Alors,
> Télécharge DSS (Deckard's System Scanner de Deckard) sur ton Bureau : http://www.techforum.com/sectools/Deckard/dss.exe
- Choisis <enregistrer> et <Bureau> pour l'emplacement.
- Ferme toutes les applications en cours (même internet). C'est important car sinon le PC peut planter.
- Double-clique sur dss.exe pour lancer l'outil.
- S'il ne trouve pas HijackThis, clique sur Oui.
- Clique sur OK à chaque fois que cela te sera demandé.
- Une fois l'analyse finie un rapport s'affichera. Poste son contenu dans ta réponse.
NB : Le rapport se trouve aussi ici : C:\Deckard\System Scanner\main.txt
Bon courage,
A+
Coucou,
Merci de la réponse alors je me suis executée et voici les 2 rapports :
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French
U 0: Intel(R) Pentium(R) M processor 1.70GHz
Percentage of Memory in Use: 52%
Physical Memory (total/avail): 1014.42 MiB / 485.11 MiB
Pagefile Memory (total/avail): 2444.68 MiB / 1991.82 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1941.06 MiB
C: is Fixed (NTFS) - 46.58 GiB total, 21.62 GiB free.
D: is Fixed (NTFS) - 46.58 GiB total, 46.53 GiB free.
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - TOSHIBA MK1032GSX - 93.16 GiB - 2 partitions
\PARTITION0 (bootable) - Système de fichiers installable - 46.58 GiB - C:
\PARTITION1 - Étendu avec Inter. 13 étendue - 46.58 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
FW: Norton Internet Worm Protection v2006 (Symantec) [COLOR=RED]Disabled/COLOR
AV: Avira AntiVir PersonalEdition v 7.0.3.143
(Avira GmbH) [COLOR=RED]Disabled/COLOR
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\DOCUME~1\\cricri\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\cricri\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\cricri\\Bureau\\catchme\\services.exe"="C:\\Documents and Settings\\cricri\\Bureau\\catchme\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
-- Environment Variables -------------------------------------------------------
ALLSPROFILE=C:\Documents and Settings\All s
APPDATA=C:\Documents and Settings\cricri\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=CHRISTELLE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\cricri
LOGONSERVER=\\CHRISTELLE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\PC Connectivity Solution\;C:\Program Files\QuickTime\QTSystem\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\DESKJET
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\cricri\LOCALS~1\Temp
TMP=C:\DOCUME~1\cricri\LOCALS~1\Temp
DOMAIN=CHRISTELLE
NAME=cricri
PROFILE=C:\Documents and Settings\cricri
windir=C:\WINDOWS
-- Profiles ---------------------------------------------------------------
cricri [I]()/I
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
a-squared Free 3.0 --> "C:\Program Files\a-squared Free\unins000.exe"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.9 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
Adobe® Photoshop® Album Edition Découverte 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
ALPS Touch Pad Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
Apple Mobile Device --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Assist TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x040c -removeonly
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AVS DVDMenu Editor 1.2.1.19 --> "C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS iDevice Explorer 1.4 --> "C:\Program Files\AVS4YOU\AVSiDeviceExplorer\unins000.exe"
AVS Video Converter 5.6 --> "C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS4YOU Software Navigator 1.2 --> "C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Calculatrice (CalcCF) Standart 1.01 --> "C:\Program Files\CalcCF_Standart\unins000.exe"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Commandes TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL
Corel Paint Shop Pro Photo XI --> MsiExec.exe /X{93A1B09E-BAFA-4628-A5B6-921CB026955A}
Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Debut --> C:\Program Files\NCH Software\Debut\uninst.exe
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
Extension de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Firebird SQL Server - MAGIX Edition (F) --> C:\MAGIX\Common\Database\uninstall.exe
FLV Player 1.3.3 --> "C:\Program Files\FLVPlayer\uninstall.exe"
FLV Player 2.0, build 23 --> C:\Program Files\FLV Player\uninst.exe
Formatage de carte mémoire SD TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\setup.exe"
Gestion d'énergie TOSHIBA --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
Google Earth --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Documents and Settings\cricri\Mes documents\Mes fichiers reçus\HijackThis.exe" /uninstall
Intel(R) Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD for TOSHIBA --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logiciel QuickCam de Logitech --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C191BE7C-8542-4A61-973A-714EF76C5995}\setup.exe" -l0x40c
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Macromedia Flash Player --> MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
MAGIX Audio Cleanic 2007 deluxe (F) --> C:\MAGIX\Audio_Cleanic_2007_deluxe\instslct.exe
MAGIX Music Manager 2006 (F) --> C:\MAGIX\Music_Manager_2006\instslct.exe
MAGIX Photo Manager 2006 (F) --> C:\MAGIX\Photo_Manager_2006\instslct.exe
Manuels TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EB6332B-AF02-457C-A31C-835458C5B48B}\setup.exe" -l0x40c -removeonly
Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Calculatrice Plus --> MsiExec.exe /I{13922F10-BD74-4912-AB11-E34B35062700}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Motorola Driver Installation --> MsiExec.exe /I{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}
Motorola Phone Tools --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x40c -removeonly
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSNFix 1.693 --> "C:\Program Files\MSNFix\unins000.exe"
Navigation par onglets (Windows Live Toolbar) --> MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A}
OpenOffice.org 2.3 --> MsiExec.exe /I{331DFBF7-734D-4545-8A9D-48CB5D73AF07}
Outil de diagnostic PC TOSHIBA --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
PC Connectivity Solution --> MsiExec.exe /I{6094AB91-4CC8-498E-9DFF-134CC0B159DE}
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
Prism Video Converter --> C:\Program Files\NCH Software\Prism\uninst.exe
Programme de gestion Camera de Logitech® --> "C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Quick Help --> C:\Program Files\Bluewin\Quick Help\unQuickHelp.exe
QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
RealPlayer --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Réducteur de bruit lect. CD/DVD --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c
S500/S600 USB Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{514DF7BB-D192-417C-BB60-58BF1FD34253}\Setup.exe" anything
SD Secure Module --> MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shareaza 2.3.1.0 --> "C:\CreativesFiles\Uninstall\unins000.exe"
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Son virtuel TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\setup.exe" /uninstall
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SRS Audio Sandbox --> MsiExec.exe /I{4877CCD5-6B0B-4B3A-8EF1-911D946B8B94}
Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E18E644D-4FC1-4E7F-87B7-A0288A14A322} /l1036
TOSHIBA Accessibility --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3A57482F-BEBC-47E4-ADA1-6302403C7E50} /l1036
TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL
TOSHIBA Hardware Setup --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1036
TOSHIBA Mot de e responsable --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1036
TOSHIBA Software Modem --> Tosmreg -U
Touch and Launch --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\setup.exe"
Utilitaire de zoom TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe" -l0x40c
Utilitaire Hotkey TOSHIBA --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7900D3A6-A9E8-4954-ACCB-AB15867978BF} /l1036
Utilitaire TouchPad ON/OFF --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{80977342-27E8-4FF7-8B6A-D8D89461DA7F} /l1036
Version 2 --> "C:\Program Files\deo\unins000.exe"
VideoEgg Publisher --> C:\Documents and Settings\cricri\Application Data\VideoEgg\Uninstall.exe
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
VSTax 2006 --> "C:\Program Files\VSTax 2006\Uninstall_VSTax 2006\Deinstallation_VSTax 2006.exe"
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
XnView 1.93.4 --> "C:\Program Files\XnView\unins000.exe"
YouTUBE (TM) movie er --> MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}
Zattoo 3.0.5 beta --> C:\Program Files\Zattoo\uninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type2750 / Warning
Event Submitted/Written: 04/10/2008 10:05:28 AM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\Documents and Settings\cricri\Bureau\catchme\services.exe
Event Record #/Type2744 / Error
Event Submitted/Written: 04/10/2008 10:03:16 AM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante , version 0.0.0.0, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000.
Traitement de l'événement propre au pour [!ws!]
Event Record #/Type2743 / Warning
Event Submitted/Written: 04/10/2008 10:03:15 AM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\Documents and Settings\cricri\Bureau\catchme\services.exe
Event Record #/Type2729 / Warning
Event Submitted/Written: 04/10/2008 09:40:53 AM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\Documents and Settings\cricri\Bureau\catchme\services.exe
Event Record #/Type2728 / Warning
Event Submitted/Written: 04/10/2008 09:40:47 AM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\Documents and Settings\cricri\Bureau\catchme\services.exe
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type4940 / Error
Event Submitted/Written: 04/10/2008 05:39:39 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Délai (30000 millisecondes) d'attente pour une réponse du service stisvc à une transaction.
Event Record #/Type4845 / Warning
Event Submitted/Written: 04/09/2008 09:42:00 PM
Event ID/Source: 36 / W32Time
Event Description:
Le service de temps n'a pas pu synchroniser l'heure système de 49152
secondes car aucun fournisseur de temps n'a pu fournir de datage
utilisable. L'horloge système n'est pas synchronisée.
Event Record #/Type4715 / Warning
Event Submitted/Written: 04/08/2008 09:07:38 PM
Event ID/Source: 36 / W32Time
Event Description:
Le service de temps n'a pas pu synchroniser l'heure système de 49152
secondes car aucun fournisseur de temps n'a pu fournir de datage
utilisable. L'horloge système n'est pas synchronisée.
Event Record #/Type4714 / Warning
Event Submitted/Written: 04/08/2008 08:33:46 PM
Event ID/Source: 4226 / Tip
Event Description:
T/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion T simultanées.
Event Record #/Type4681 / Warning
Event Submitted/Written: 04/08/2008 07:22:49 AM
Event ID/Source: 4226 / Tip
Event Description:
T/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion T simultanées.
-- End of Deckard's System Scanner: finished at 2008-04-10 17:41:14 ------------
Et voici le deuxième:
Deckard's System Scanner v20071014.68
Run by cricri on 2008-04-10 17:38:56
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
65: 2008-04-10 15:39:05 UTC - RP65 - Deckard's System Scanner Restore Point
64: 2008-04-09 06:00:25 UTC - RP64 - Software Distribution Service 3.0
63: 2008-04-09 05:00:51 UTC - RP63 - Software Distribution Service 3.0
62: 2008-04-04 06:00:20 UTC - RP62 - Software Distribution Service 3.0
61: 2008-04-03 12:25:02 UTC - RP61 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-03-20 10:47:17 UTC - RP1 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as cricri.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:39:55, on 10.04.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device \bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\cricri\Bureau\dss.exe
C:\DOCUME~1\cricri\MESDOC~1\MESFIC~1\cricri.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: Init=C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLive.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Photo er] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Flash Media] C:\Documents and Settings\cricri\Bureau\catchme\services.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'Default ')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Quick Help.lnk = C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-ch\msntabres.dll.mui/229?185c63c6c6294bed8cab32e35a2e96f4
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-ch\msntabres.dll.mui/230?185c63c6c6294bed8cab32e35a2e96f4
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.01net.com/telecharger/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://.microsoft.com//E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device \bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Merci de la réponse alors je me suis executée et voici les 2 rapports :
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French
U 0: Intel(R) Pentium(R) M processor 1.70GHz
Percentage of Memory in Use: 52%
Physical Memory (total/avail): 1014.42 MiB / 485.11 MiB
Pagefile Memory (total/avail): 2444.68 MiB / 1991.82 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1941.06 MiB
C: is Fixed (NTFS) - 46.58 GiB total, 21.62 GiB free.
D: is Fixed (NTFS) - 46.58 GiB total, 46.53 GiB free.
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - TOSHIBA MK1032GSX - 93.16 GiB - 2 partitions
\PARTITION0 (bootable) - Système de fichiers installable - 46.58 GiB - C:
\PARTITION1 - Étendu avec Inter. 13 étendue - 46.58 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
FW: Norton Internet Worm Protection v2006 (Symantec) [COLOR=RED]Disabled/COLOR
AV: Avira AntiVir PersonalEdition v 7.0.3.143
(Avira GmbH) [COLOR=RED]Disabled/COLOR
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\DOCUME~1\\cricri\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\cricri\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\cricri\\Bureau\\catchme\\services.exe"="C:\\Documents and Settings\\cricri\\Bureau\\catchme\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
-- Environment Variables -------------------------------------------------------
ALLSPROFILE=C:\Documents and Settings\All s
APPDATA=C:\Documents and Settings\cricri\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=CHRISTELLE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\cricri
LOGONSERVER=\\CHRISTELLE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\PC Connectivity Solution\;C:\Program Files\QuickTime\QTSystem\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\DESKJET
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\cricri\LOCALS~1\Temp
TMP=C:\DOCUME~1\cricri\LOCALS~1\Temp
DOMAIN=CHRISTELLE
NAME=cricri
PROFILE=C:\Documents and Settings\cricri
windir=C:\WINDOWS
-- Profiles ---------------------------------------------------------------
cricri [I]()/I
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
a-squared Free 3.0 --> "C:\Program Files\a-squared Free\unins000.exe"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.9 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
Adobe® Photoshop® Album Edition Découverte 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
ALPS Touch Pad Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
Apple Mobile Device --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Assist TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x040c -removeonly
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AVS DVDMenu Editor 1.2.1.19 --> "C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS iDevice Explorer 1.4 --> "C:\Program Files\AVS4YOU\AVSiDeviceExplorer\unins000.exe"
AVS Video Converter 5.6 --> "C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS4YOU Software Navigator 1.2 --> "C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Calculatrice (CalcCF) Standart 1.01 --> "C:\Program Files\CalcCF_Standart\unins000.exe"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Commandes TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL
Corel Paint Shop Pro Photo XI --> MsiExec.exe /X{93A1B09E-BAFA-4628-A5B6-921CB026955A}
Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Debut --> C:\Program Files\NCH Software\Debut\uninst.exe
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
Extension de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Firebird SQL Server - MAGIX Edition (F) --> C:\MAGIX\Common\Database\uninstall.exe
FLV Player 1.3.3 --> "C:\Program Files\FLVPlayer\uninstall.exe"
FLV Player 2.0, build 23 --> C:\Program Files\FLV Player\uninst.exe
Formatage de carte mémoire SD TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\setup.exe"
Gestion d'énergie TOSHIBA --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
Google Earth --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Documents and Settings\cricri\Mes documents\Mes fichiers reçus\HijackThis.exe" /uninstall
Intel(R) Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD for TOSHIBA --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logiciel QuickCam de Logitech --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C191BE7C-8542-4A61-973A-714EF76C5995}\setup.exe" -l0x40c
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Macromedia Flash Player --> MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
MAGIX Audio Cleanic 2007 deluxe (F) --> C:\MAGIX\Audio_Cleanic_2007_deluxe\instslct.exe
MAGIX Music Manager 2006 (F) --> C:\MAGIX\Music_Manager_2006\instslct.exe
MAGIX Photo Manager 2006 (F) --> C:\MAGIX\Photo_Manager_2006\instslct.exe
Manuels TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EB6332B-AF02-457C-A31C-835458C5B48B}\setup.exe" -l0x40c -removeonly
Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Calculatrice Plus --> MsiExec.exe /I{13922F10-BD74-4912-AB11-E34B35062700}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Motorola Driver Installation --> MsiExec.exe /I{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}
Motorola Phone Tools --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x40c -removeonly
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSNFix 1.693 --> "C:\Program Files\MSNFix\unins000.exe"
Navigation par onglets (Windows Live Toolbar) --> MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A}
OpenOffice.org 2.3 --> MsiExec.exe /I{331DFBF7-734D-4545-8A9D-48CB5D73AF07}
Outil de diagnostic PC TOSHIBA --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
PC Connectivity Solution --> MsiExec.exe /I{6094AB91-4CC8-498E-9DFF-134CC0B159DE}
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
Prism Video Converter --> C:\Program Files\NCH Software\Prism\uninst.exe
Programme de gestion Camera de Logitech® --> "C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Quick Help --> C:\Program Files\Bluewin\Quick Help\unQuickHelp.exe
QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
RealPlayer --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Réducteur de bruit lect. CD/DVD --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c
S500/S600 USB Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{514DF7BB-D192-417C-BB60-58BF1FD34253}\Setup.exe" anything
SD Secure Module --> MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shareaza 2.3.1.0 --> "C:\CreativesFiles\Uninstall\unins000.exe"
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Son virtuel TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\setup.exe" /uninstall
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SRS Audio Sandbox --> MsiExec.exe /I{4877CCD5-6B0B-4B3A-8EF1-911D946B8B94}
Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E18E644D-4FC1-4E7F-87B7-A0288A14A322} /l1036
TOSHIBA Accessibility --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3A57482F-BEBC-47E4-ADA1-6302403C7E50} /l1036
TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL
TOSHIBA Hardware Setup --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1036
TOSHIBA Mot de e responsable --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1036
TOSHIBA Software Modem --> Tosmreg -U
Touch and Launch --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\setup.exe"
Utilitaire de zoom TOSHIBA --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe" -l0x40c
Utilitaire Hotkey TOSHIBA --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7900D3A6-A9E8-4954-ACCB-AB15867978BF} /l1036
Utilitaire TouchPad ON/OFF --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{80977342-27E8-4FF7-8B6A-D8D89461DA7F} /l1036
Version 2 --> "C:\Program Files\deo\unins000.exe"
VideoEgg Publisher --> C:\Documents and Settings\cricri\Application Data\VideoEgg\Uninstall.exe
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
VSTax 2006 --> "C:\Program Files\VSTax 2006\Uninstall_VSTax 2006\Deinstallation_VSTax 2006.exe"
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
XnView 1.93.4 --> "C:\Program Files\XnView\unins000.exe"
YouTUBE (TM) movie er --> MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}
Zattoo 3.0.5 beta --> C:\Program Files\Zattoo\uninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type2750 / Warning
Event Submitted/Written: 04/10/2008 10:05:28 AM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\Documents and Settings\cricri\Bureau\catchme\services.exe
Event Record #/Type2744 / Error
Event Submitted/Written: 04/10/2008 10:03:16 AM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante , version 0.0.0.0, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000.
Traitement de l'événement propre au pour [!ws!]
Event Record #/Type2743 / Warning
Event Submitted/Written: 04/10/2008 10:03:15 AM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\Documents and Settings\cricri\Bureau\catchme\services.exe
Event Record #/Type2729 / Warning
Event Submitted/Written: 04/10/2008 09:40:53 AM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\Documents and Settings\cricri\Bureau\catchme\services.exe
Event Record #/Type2728 / Warning
Event Submitted/Written: 04/10/2008 09:40:47 AM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\Documents and Settings\cricri\Bureau\catchme\services.exe
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type4940 / Error
Event Submitted/Written: 04/10/2008 05:39:39 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Délai (30000 millisecondes) d'attente pour une réponse du service stisvc à une transaction.
Event Record #/Type4845 / Warning
Event Submitted/Written: 04/09/2008 09:42:00 PM
Event ID/Source: 36 / W32Time
Event Description:
Le service de temps n'a pas pu synchroniser l'heure système de 49152
secondes car aucun fournisseur de temps n'a pu fournir de datage
utilisable. L'horloge système n'est pas synchronisée.
Event Record #/Type4715 / Warning
Event Submitted/Written: 04/08/2008 09:07:38 PM
Event ID/Source: 36 / W32Time
Event Description:
Le service de temps n'a pas pu synchroniser l'heure système de 49152
secondes car aucun fournisseur de temps n'a pu fournir de datage
utilisable. L'horloge système n'est pas synchronisée.
Event Record #/Type4714 / Warning
Event Submitted/Written: 04/08/2008 08:33:46 PM
Event ID/Source: 4226 / Tip
Event Description:
T/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion T simultanées.
Event Record #/Type4681 / Warning
Event Submitted/Written: 04/08/2008 07:22:49 AM
Event ID/Source: 4226 / Tip
Event Description:
T/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion T simultanées.
-- End of Deckard's System Scanner: finished at 2008-04-10 17:41:14 ------------
Et voici le deuxième:
Deckard's System Scanner v20071014.68
Run by cricri on 2008-04-10 17:38:56
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
65: 2008-04-10 15:39:05 UTC - RP65 - Deckard's System Scanner Restore Point
64: 2008-04-09 06:00:25 UTC - RP64 - Software Distribution Service 3.0
63: 2008-04-09 05:00:51 UTC - RP63 - Software Distribution Service 3.0
62: 2008-04-04 06:00:20 UTC - RP62 - Software Distribution Service 3.0
61: 2008-04-03 12:25:02 UTC - RP61 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-03-20 10:47:17 UTC - RP1 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as cricri.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:39:55, on 10.04.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device \bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\cricri\Bureau\dss.exe
C:\DOCUME~1\cricri\MESDOC~1\MESFIC~1\cricri.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: Init=C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLive.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Photo er] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Flash Media] C:\Documents and Settings\cricri\Bureau\catchme\services.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'Default ')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Quick Help.lnk = C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-ch\msntabres.dll.mui/229?185c63c6c6294bed8cab32e35a2e96f4
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-ch\msntabres.dll.mui/230?185c63c6c6294bed8cab32e35a2e96f4
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.01net.com/telecharger/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://.microsoft.com//E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device \bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [06.09.2003 19:16]
"AGRSMMSG"="AGRSMMSG.exe" [22.12.2004 10:10 C:\WINDOWS\agrsmmsg.exe]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [24.03.2004 07:40]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [06.09.2005 14:04]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [25.08.2005 19:11]
"HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [01.05.2004 13:45]
"SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [01.05.2004 13:45]
"Zooming"="ZoomingHook.exe" [06.06.2005 09:58 C:\WINDOWS\system32\ZoomingHook.exe]
"TCtryIOHook"="TCtrlIOHook.exe" [22.08.2005 16:49 C:\WINDOWS\system32\TCtrlIOHook.exe]
"TPSMain"="TPSMain.exe" [12.08.2005 11:14 C:\WINDOWS\system32\TPSMain.exe]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [17.05.2005 09:24]
"TFncKy"="TFncKy.exe" []
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [30.08.2005 12:31]
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [05.04.2005 16:25]
"NDSTray.exe"="NDSTray.exe" []
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [31.05.2005 05:33]
"Adobe Photo er"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [07.12.2005 10:26]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [07.12.2005 11:33]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [01.11.2004 17:22]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [15.11.2007 00:43]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [05.08.2004 12:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" []
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
"Motive SmartBridge"="C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe" [13.09.2005 10:57]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [19.07.2005 20:09]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [19.07.2005 20:06]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [19.07.2005 20:10]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [09.12.2005 15:32]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11.06.2007 11:25]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [31.03.2008 10:24]
"Flash Media"="C:\Documents and Settings\cricri\Bureau\catchme\services.exe" [27.03.2008 18:53]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [08.04.2008 17:19]
[HKEY_CURRENT_\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [05.08.2004 14:00]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [11.04.2005 16:08]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [01.02.2008 18:22]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18.10.2007 12:34]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [30.10.2007 10:14]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28.01.2008 11:43]
[HKEY_S\.default\software\microsoft\windows\currentversion\run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
C:\Documents and Settings\cricri\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [17.08.2007 22:57:56]
C:\Documents and Settings\All s\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23.09.2005 23:05:26]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [30.10.2007 10:14:55]
Quick Help.lnk - C:\Program Files\Bluewin\Quick Help\bin\matcli.exe [18.03.2008 13:34:01]
[HKEY_CURRENT_\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"init"="C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli scecli scecli scecli
-- End of Deckard's System Scanner: finished at 2008-04-10 17:41:14 ------------
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [06.09.2003 19:16]
"AGRSMMSG"="AGRSMMSG.exe" [22.12.2004 10:10 C:\WINDOWS\agrsmmsg.exe]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [24.03.2004 07:40]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [06.09.2005 14:04]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [25.08.2005 19:11]
"HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [01.05.2004 13:45]
"SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [01.05.2004 13:45]
"Zooming"="ZoomingHook.exe" [06.06.2005 09:58 C:\WINDOWS\system32\ZoomingHook.exe]
"TCtryIOHook"="TCtrlIOHook.exe" [22.08.2005 16:49 C:\WINDOWS\system32\TCtrlIOHook.exe]
"TPSMain"="TPSMain.exe" [12.08.2005 11:14 C:\WINDOWS\system32\TPSMain.exe]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [17.05.2005 09:24]
"TFncKy"="TFncKy.exe" []
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [30.08.2005 12:31]
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [05.04.2005 16:25]
"NDSTray.exe"="NDSTray.exe" []
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [31.05.2005 05:33]
"Adobe Photo er"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [07.12.2005 10:26]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [07.12.2005 11:33]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [01.11.2004 17:22]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [15.11.2007 00:43]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [05.08.2004 12:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" []
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
"Motive SmartBridge"="C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe" [13.09.2005 10:57]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [19.07.2005 20:09]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [19.07.2005 20:06]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [19.07.2005 20:10]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [09.12.2005 15:32]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11.06.2007 11:25]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [31.03.2008 10:24]
"Flash Media"="C:\Documents and Settings\cricri\Bureau\catchme\services.exe" [27.03.2008 18:53]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [08.04.2008 17:19]
[HKEY_CURRENT_\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [05.08.2004 14:00]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [11.04.2005 16:08]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [01.02.2008 18:22]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18.10.2007 12:34]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [30.10.2007 10:14]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28.01.2008 11:43]
[HKEY_S\.default\software\microsoft\windows\currentversion\run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
C:\Documents and Settings\cricri\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [17.08.2007 22:57:56]
C:\Documents and Settings\All s\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23.09.2005 23:05:26]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [30.10.2007 10:14:55]
Quick Help.lnk - C:\Program Files\Bluewin\Quick Help\bin\matcli.exe [18.03.2008 13:34:01]
[HKEY_CURRENT_\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"init"="C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli scecli scecli scecli
-- End of Deckard's System Scanner: finished at 2008-04-10 17:41:14 ------------
Re,
Ok,
très bien : on continue le nettoyage :
> Les logiciels suivants (MalwareByte's Anti-Malware et Ccleaner) te seront utiles par la suite - ils sont à conserver...
> Télécharge MalwareByte's Anti-Malware :
- Installe le programme puis lance le stp.
NB : S'il te manque COMCTL32.OCX alors télécharge le ici
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour") puis ferme le programme.
NB : Si tu as besoin : Tuto
> Télécharge et installe Ccleaner :
- Fais les mises à jour puis ferme le programme.
Si besoin est tu trouveras des Tutoriaux : ici, ici et là.
> Télécharge Clean (de Malekal Morte) (différent de Ccleaner)
> Télécharge SDFix (de AndyManchesta) sur ton bureau :
- Double clique sur l'archive SDFix qui à été créé sur le Bureau et installe le programme (l'installation va créer un dossier (à la racine du disque dur par défaut) nommé SDFix. Ferme ensuite le programme.
> Commence par faire un copier/coller de ce poste (cette manip.): (conseillé)
Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" => "Programmes" =>"Accessoires" => "Bloc notes"),
puis fait un copier/coller de tout le contenu de la fenêtre de ce poste dans le fichier texte.
Sauvegarde le sur le bureau, tu pourras alors y avoir accès même déconnecté ou en mode sans échec.
> Démarre en mode sans échec : (image). Si problème : tuto ici
> Lance MalwareByte's Anti-Malware,
- Clique sur "Executer un examen complet" puis "Rechercher" et sélectionne tous tes disques durs => le scan débute....patiente...
- A la fin clique sur clique "supprimer" (Si des éléments très difficiles à supprimer, un message te demandera de redémarrer : clique sur "Oui" alors)
- Un rapport va être généré : sauvegarde le et poste le sur forum stp.
> Lance Ccleaner,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
> Pour Clean (encore en mode sans échec) :
- Double-clic sur clean.cmd
- Une fenêtre va apparaître, choisis l'option 2, suis les consignes et poste le rapport clean (Le rapport clean se trouve ici : C:\rapport_clean.txt)
NB : Si besoin : Tuto
> Pour SDFix (toujours en mode sans échec) :
- Vas dans c:/SDFix et double-clique sur RunThis.bat
- Appuie sur < Y > puis < Entrée >....Le nettoyage commence....patience...
- Le programme va te demander de relancer le PC, frappe une touche...
- Le nettoyage se termine...un rapport apparait...
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse
> Relance ton PC en mode normal
> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,
Et envoie moi, par collier/coller, ton log Hijackthis stp,
Bon courage,
Après on termine.
:)
NB : N'oublie pas de poster TOUS les rapports stp ( MalwareByte's Anti-Malware, Clean (différent de Ccleaner), SDFix puis HiJAckT).
A+
Ok,
très bien : on continue le nettoyage :
> Les logiciels suivants (MalwareByte's Anti-Malware et Ccleaner) te seront utiles par la suite - ils sont à conserver...
> Télécharge MalwareByte's Anti-Malware :
- Installe le programme puis lance le stp.
NB : S'il te manque COMCTL32.OCX alors télécharge le ici
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour") puis ferme le programme.
NB : Si tu as besoin : Tuto
> Télécharge et installe Ccleaner :
- Fais les mises à jour puis ferme le programme.
Si besoin est tu trouveras des Tutoriaux : ici, ici et là.
> Télécharge Clean (de Malekal Morte) (différent de Ccleaner)
> Télécharge SDFix (de AndyManchesta) sur ton bureau :
- Double clique sur l'archive SDFix qui à été créé sur le Bureau et installe le programme (l'installation va créer un dossier (à la racine du disque dur par défaut) nommé SDFix. Ferme ensuite le programme.
> Commence par faire un copier/coller de ce poste (cette manip.): (conseillé)
Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" => "Programmes" =>"Accessoires" => "Bloc notes"),
puis fait un copier/coller de tout le contenu de la fenêtre de ce poste dans le fichier texte.
Sauvegarde le sur le bureau, tu pourras alors y avoir accès même déconnecté ou en mode sans échec.
> Démarre en mode sans échec : (image). Si problème : tuto ici
> Lance MalwareByte's Anti-Malware,
- Clique sur "Executer un examen complet" puis "Rechercher" et sélectionne tous tes disques durs => le scan débute....patiente...
- A la fin clique sur clique "supprimer" (Si des éléments très difficiles à supprimer, un message te demandera de redémarrer : clique sur "Oui" alors)
- Un rapport va être généré : sauvegarde le et poste le sur forum stp.
> Lance Ccleaner,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
> Pour Clean (encore en mode sans échec) :
- Double-clic sur clean.cmd
- Une fenêtre va apparaître, choisis l'option 2, suis les consignes et poste le rapport clean (Le rapport clean se trouve ici : C:\rapport_clean.txt)
NB : Si besoin : Tuto
> Pour SDFix (toujours en mode sans échec) :
- Vas dans c:/SDFix et double-clique sur RunThis.bat
- Appuie sur < Y > puis < Entrée >....Le nettoyage commence....patience...
- Le programme va te demander de relancer le PC, frappe une touche...
- Le nettoyage se termine...un rapport apparait...
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse
> Relance ton PC en mode normal
> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,
Et envoie moi, par collier/coller, ton log Hijackthis stp,
Bon courage,
Après on termine.
:)
NB : N'oublie pas de poster TOUS les rapports stp ( MalwareByte's Anti-Malware, Clean (différent de Ccleaner), SDFix puis HiJAckT).
A+
Re,
alors voilà ce que tu m'as demandé en espérant que tout y soit:
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 614
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 105593
Temps écoulé: 2 hour(s), 11 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 30
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 154
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_\Software\VideoEgg (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoEgg.ActiveXLoader (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoEgg.ActiveXLoader.1 (Adware.VideoEgg) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\cricri\Application Data\VideoEgg (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Data (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> No action taken.
Fichier(s) infecté(s):
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_fill.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_high.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_low.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_medium.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_thumbnail.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\_from.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> No action taken.
[b]SDFix: Version 1.169 /b
Run by cricri on 11.04.2008 at 21:02
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\cricri\Bureau\SDFix
[b]Checking Services /b:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files /b:
Trojan Files Found:
C:\Documents and Settings\cricri\real.txt - Deleted
Removing Temp Files
[b]ADS Check /b:
[b]Final Check /b:
catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-11 21:11:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
C:\Documents and Settings\cricri\Bureau\catchme\services.exe [784] 0x8667CDA0
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000000ae
"Truccessful"=dword:00000003
scanning hidden files ...
scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 130
[b]Remaining Services /b:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\DOCUME~1\\cricri\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\cricri\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\cricri\\Bureau\\catchme\\services.exe"="C:\\Documents and Settings\\cricri\\Bureau\\catchme\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files /b:
File Backups: - C:\DOCUME~1\cricri\Bureau\SDFix\backups\backups.zip
[b]Files with Hidden Attributes /b:
Thu 11 Oct 2007 5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Tue 8 Apr 2008 168 ..SHR --- "C:\WINDOWS\system32\123DAD79B6.sys"
Tue 8 Apr 2008 3,036 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Thu 3 Apr 2008 0 A.SH. --- "C:\Documents and Settings\All s\DRM\Cache\Indiv01.tmp"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Fichiers communs\Motorola Shared\MotPCSDrivers\difxapi.dll"
[b]Finished!/b
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://commentcamarche.telechargertorrent.org
Script execute en mode sans echec 11.04.2008 a 21:43:31.28
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
*** Suppression des clefs du registre effectuee..
catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-11 22:04:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
C:\Documents and Settings\cricri\Bureau\catchme\services.exe [496] 0x868EF4F0
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000000a4
"Truccessful"=dword:00000006
scanning hidden files ...
scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 130
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:20:26, on 11.04.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device \bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\cricri\Mes documents\Mes fichiers reçus\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: Init=C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLive.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Photo er] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'Default ')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Quick Help.lnk = C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-ch\msntabres.dll.mui/229?185c63c6c6294bed8cab32e35a2e96f4
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-ch\msntabres.dll.mui/230?185c63c6c6294bed8cab32e35a2e96f4
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.01net.com/telecharger/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://.microsoft.com//E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device \bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
alors voilà ce que tu m'as demandé en espérant que tout y soit:
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 614
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 105593
Temps écoulé: 2 hour(s), 11 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 30
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 154
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_\Software\VideoEgg (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoEgg.ActiveXLoader (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoEgg.ActiveXLoader.1 (Adware.VideoEgg) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\cricri\Application Data\VideoEgg (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Data (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> No action taken.
Fichier(s) infecté(s):
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_fill.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_high.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_low.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_medium.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ing_thumbnail.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\_from.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> No action taken.
[b]SDFix: Version 1.169 /b
Run by cricri on 11.04.2008 at 21:02
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\cricri\Bureau\SDFix
[b]Checking Services /b:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files /b:
Trojan Files Found:
C:\Documents and Settings\cricri\real.txt - Deleted
Removing Temp Files
[b]ADS Check /b:
[b]Final Check /b:
catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-11 21:11:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
C:\Documents and Settings\cricri\Bureau\catchme\services.exe [784] 0x8667CDA0
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000000ae
"Truccessful"=dword:00000003
scanning hidden files ...
scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 130
[b]Remaining Services /b:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\DOCUME~1\\cricri\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\cricri\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\cricri\\Bureau\\catchme\\services.exe"="C:\\Documents and Settings\\cricri\\Bureau\\catchme\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files /b:
File Backups: - C:\DOCUME~1\cricri\Bureau\SDFix\backups\backups.zip
[b]Files with Hidden Attributes /b:
Thu 11 Oct 2007 5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Tue 8 Apr 2008 168 ..SHR --- "C:\WINDOWS\system32\123DAD79B6.sys"
Tue 8 Apr 2008 3,036 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Thu 3 Apr 2008 0 A.SH. --- "C:\Documents and Settings\All s\DRM\Cache\Indiv01.tmp"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Fichiers communs\Motorola Shared\MotPCSDrivers\difxapi.dll"
[b]Finished!/b
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://commentcamarche.telechargertorrent.org
Script execute en mode sans echec 11.04.2008 a 21:43:31.28
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
*** Suppression des clefs du registre effectuee..
catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-11 22:04:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
C:\Documents and Settings\cricri\Bureau\catchme\services.exe [496] 0x868EF4F0
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000000a4
"Truccessful"=dword:00000006
scanning hidden files ...
scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 130
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:20:26, on 11.04.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device \bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\cricri\Mes documents\Mes fichiers reçus\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ch/0SEFRCH/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: Init=C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLive.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Photo er] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\QuickHelpAlert.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE ( 'Default ')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Quick Help.lnk = C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-ch\msntabres.dll.mui/229?185c63c6c6294bed8cab32e35a2e96f4
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-ch\msntabres.dll.mui/230?185c63c6c6294bed8cab32e35a2e96f4
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.01net.com/telecharger/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://.microsoft.com//E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device \bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Bonjour cricri,
Pour ces fichier ne t'en charge pas :
- cc_20080411_2050.reg
- cc_20080411_2053.reg
- cc_20080411_2053.reg1.reg
Il s'agit de sauvegarde registres.
Je ne t'ai pas dit mais le fichier catchme et un rapport de fix que tu avais du utiliser avant notre discussion (MSNFix je présume...).
Par contre pour MalwareByte's Anti-Malware, tu n'as pas supprimé les éléments infectés :
Fichier(s) infecté(s):
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> No action taken.
Il faut donc le refaire ! Puis reposte le rapport ensuite stp.
Après,
> Lance Hijackthis :
- Puis sélectionne < Do a system scan only >
- Coche les cases des lignes suivantes :
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: Init=C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
Ensuite,
- Ferme toutes les autres fenêtres et applications (même internet)
- Clic sur < fixe checked >
> e un coup de Ccleaner en mode sans échec stp
> Relance ton PC en mode normal puis Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,
Et envoie, par collier/coller, ton log Hijackthis stp,
> Rends toi ensuite sur ce site virustotal et fais analyser le fichier suivant stp :
(Si problème : http://pageperso.aol.fr/loraline60/virus_total.htm )
C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
et poste le résultat par copier/coller stp (ou le lien http).
Puis on termine.
A+
Pour ces fichier ne t'en charge pas :
- cc_20080411_2050.reg
- cc_20080411_2053.reg
- cc_20080411_2053.reg1.reg
Il s'agit de sauvegarde registres.
Je ne t'ai pas dit mais le fichier catchme et un rapport de fix que tu avais du utiliser avant notre discussion (MSNFix je présume...).
Par contre pour MalwareByte's Anti-Malware, tu n'as pas supprimé les éléments infectés :
Fichier(s) infecté(s):
C:\Documents and Settings\cricri\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\cricri\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> No action taken.
Il faut donc le refaire ! Puis reposte le rapport ensuite stp.
Après,
> Lance Hijackthis :
- Puis sélectionne < Do a system scan only >
- Coche les cases des lignes suivantes :
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: Init=C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
Ensuite,
- Ferme toutes les autres fenêtres et applications (même internet)
- Clic sur < fixe checked >
> e un coup de Ccleaner en mode sans échec stp
> Relance ton PC en mode normal puis Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,
Et envoie, par collier/coller, ton log Hijackthis stp,
> Rends toi ensuite sur ce site virustotal et fais analyser le fichier suivant stp :
(Si problème : http://pageperso.aol.fr/loraline60/virus_total.htm )
C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
et poste le résultat par copier/coller stp (ou le lien http).
Puis on termine.
A+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question Re,
Alors voici:
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 614
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 104152
Temps écoulé: 2 hour(s), 9 minute(s), 42 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089391.dll (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089392.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089393.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089394.old (Adware.VideoEgg) -> No action taken.
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 614
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 104152
Temps écoulé: 2 hour(s), 9 minute(s), 42 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089391.dll (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089392.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089393.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089394.old (Adware.VideoEgg) -> No action taken.
Fichier QuickHelp.exe reçu le 2008.04.12 22:40:19 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/32 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 2.
L'heure estimée de démarrage est entre 42 et 60 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.12.0 2008.04.11 -
AntiVir 7.6.0.85 2008.04.11 -
Authentium 4.93.8 2008.04.11 -
Avast 4.8.1169.0 2008.04.12 -
AVG 7.5.0.516 2008.04.12 -
BitDefender 7.2 2008.04.12 -
CAT-QuickHeal 9.50 2008.04.12 -
ClamAV 0.92.1 2008.04.12 -
DrWeb 4.44.0.09170 2008.04.12 -
eSafe 7.0.15.0 2008.04.09 -
eTrust-Vet 31.3.5692 2008.04.11 -
Ewido 4.0 2008.04.12 -
F-Prot 4.4.2.54 2008.04.12 -
F-Secure 6.70.13260.0 2008.04.11 -
FileAdvisor 1 2008.04.12 -
Fortinet 3.14.0.0 2008.04.12 -
Ikarus T3.1.1.26 2008.04.12 -
Kaspersky 7.0.0.125 2008.04.12 -
McAfee 5272 2008.04.11 -
Microsoft 1.3408 2008.04.12 -
NOD32v2 3021 2008.04.12 -
Norman 5.80.02 2008.04.12 -
Panda 9.0.0.4 2008.04.12 -
Prevx1 V2 2008.04.12 -
Rising 20.39.52.00 2008.04.12 -
Sophos 4.28.0 2008.04.12 -
Sunbelt 3.0.1041.0 2008.04.12 -
Symantec 10 2008.04.12 -
TheHacker 6.2.92.276 2008.04.12 -
VBA32 3.12.6.4 2008.04.06 -
VirusBuster 4.3.26:9 2008.04.12 -
Webwasher-Gateway 6.6.2 2008.04.11 -
Information additionnelle
File size: 2396160 bytes
MD5...: be3307a090ed15cd25652a4f6d8f8c51
SHA1..: 466a6cc045e1217cb6ad49f917bfa7edccf4d439
SHA256: dc6b44c60fe3c251445562c57ca482ace6702859b6b3a2514cc1ac68d56ab983
SHA512: e7207dd37891c324c5a4e32c54dc3d2270d4ff61136a4678a533348988ab2e83
b6c13956a143876224db0afa817899ced5a0e3870392a5a302a2d6bd62628e35
PEiD..: Armadillo v1.71
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x5713a7
timedatestamp.....: 0x42a06549 (Fri Jun 03 14:12:25 2005)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1bfa3c 0x1c0000 6.21 e906d650ee1e844b50ed25ad17a71a4f
.rdata 0x1c1000 0x3c526 0x3d000 4.29 31fea5e32cf0cc146341dc68af1a0f9b
.data 0x1fe000 0x505c5 0x49000 5.09 32e16a33aaa37b9bc3dc0b5c501ac44c
.rsrc 0x24f000 0x185c 0x2000 4.79 0d9f04a8c26fe8aa089394d0790a30ff
( 15 imports )
> ADVAPI32.dll: ControlService, InitializeSecurityDescriptor, RegQueryValueExA, RegCloseKey, RegOpenKeyExA, StartServiceCtrlDispatcherA, ServiceCtrlHandlerA, SetServiceStatus, DeEventSource, ReportEventA, EventSourceA, CloseServiceHandle, CreateServiceA, OpenSCManagerA, DeleteService, QueryServiceStatus, CreateProcessAsA, OpenServiceA, SetSecurityDescriptorDacl, GetNameA, RegQueryValueExW, RegOpenKeyExW, RegEnumKeyExA, RegSetValueExA, RegCreateKeyExA, RegEnumValueA, RegQueryInfoKeyA, LookupSidA, GetTokenInformation, ImpersonateLoggedOn, RevertToSelf
> ole32.dll: CLSIDFromProgID, CoTaskMemFree, StringFromCLSID, ProgIDFromCLSID, CoCreateInstance, CoInitializeEx, CoUninitialize, CoInitializeSecurity
> 32.dll: GetClassNameA, IsIconic, SetActiveWindow, EnumWindows, CreateDialogParamA, DialogBoxParamW, CreateDialogParamW, LoadCursorA, LoenuW, DialogBoxParamA, LoadIconA, IntersectRect, LoenuA, InflateRect, SubtractRect, ValidateRect, ReleaseCapture, GetCapture, UnionRect, CopyRect, SetCapture, PtInRect, IsRectEmpty, GetDC, RedrawWindow, DestroyCursor, SetRectEmpty, ReleaseDC, InvalidateRect, SetFocus, OffsetRect, GetDlgCtrlID, GetClassInfoExA, GetDlgItem, CallWindowProcW, CallWindowProcA, ClassExA, LoadImageA, SetWindowLongW, SetCursor, GetParent, SetWindowTextW, GetClassLongA, GetUpdateRect, BeginPaint, SetWindowTextA, SetWindowPos, KillTimer, EndPaint, SetTimer, PostMessageA, IsWindowVisible, SetClassLongA, GetClientRect, CreateWindowExW, MessageBeep, EndDialog, ShowWindow, GetSystemMetrics, MoveWindow, GetWindowRect, SetDlgItemTextW, SetDlgItemTextA, IsWindowUnicode, PeekMessageA, OpenWindowStationA, MsgWaitForMultipleObjects, CloseWindowStation, OpenDesktopA, SetProcessWindowStation, GetMessageA, TranslateMessage, GetWindowTextA, IsWindow, GetObjectInformationA, DefWindowProcA, CharNextA, CreateWindowExA, MessageBoxA, SendMessageA, FindWindowA, GetDesktopWindow, LoadStringA, GetTopWindow, GetWindow, GetThreadDesktop, GetProcessWindowStation, FindWindowExA, EnumChildWindows, AttachThreadInput, CharUpperBuffA, wsprintfA, GetForegroundWindow, MessageBoxW, GetWindowThreadProcessId, PostQuitMessage, DestroyWindow, ClassA, DispatchMessageA, SetThreadDesktop, CloseDesktop, IsWindowEnabled, WaitForInputIdle, SetForegroundWindow, SetWindowLongA, GetWindowLongA, SendMessageW
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> httpclient52.dll: _getRemoteAddress@Socket@@QAE_AVInetAddr@@XZ, __0ShutdownException@@QAE@KPBD@Z, __1ShutdownException@@UAE@XZ, _vsnexceptionf@@YAPADPADIPBDHK10@Z, _mThrow@@YAXPBDHK0ZZ, _ExceptionsInit@@YAXXZ, _newThread@ThreadEx@@SA_AVTHREAD_HANDLE@@P6AKPAX@Z0@Z, _mThrowSystem@@YAXPBDHK0ZZ, _exceptionType@ShutdownException@@UBEPBDXZ, _addCustomHeader@HttpRequestMgr@@SAXPBD0_N@Z, _removeCustomHeader@HttpRequestMgr@@SAXPBD@Z, _clearCustomHeaders@HttpRequestMgr@@SAXXZ, _areProxySettingsShared@WinInetHttpRequest@@SA_NXZ, __0InetAddr@@QAE@PBDP6AKPAX@Z@Z, _getRemotePort@Socket@@QAEGXZ, _mThrow@@YAXKPBDZZ, _getHostAddress@InetAddr@@QBE_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@XZ, _@ThreadEx@@SAKVTHREAD_HANDLE@@K@Z, _mThrowIO@@YAXKPBDZZ, _exceptionType@SystemException@@UBEPBDXZ, _getLocalAddress@Socket@@QAE_AVInetAddr@@XZ, _getLocalPort@Socket@@QAEGXZ, __1InetAddr@@QAE@XZ, _setHostname@InetAddr@@IAEXPBD@Z, _getHostname@InetAddr@@QBE_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@XZ, _setResolvedHostname@InetAddr@@IAEXPBD@Z, __0IProgressDisplay@@QAE@XZ, __1IProgressDisplay@@UAE@XZ, _showSomeProgress@IProgressDisplay@@UAEXXZ, _mThrowIO@@YAXPBDHK0ZZ, _getResolvedHostname@InetAddr@@QBE_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@XZ, __0Socket@@QAE@XZ, _throwNetworkSocketException@@YAXPBDHK0ZZ, _setRcvTimeout@Socket@@QAEXJ@Z, _setSndTimeout@Socket@@QAEXJ@Z, _setConnectTimeout@Socket@@QAEXJ@Z, __1Socket@@UAE@XZ, __1IOException@@UAE@XZ, __0IOException@@QAE@KPBD@Z, _exceptionType@IOException@@UBEPBDXZ, _close@Socket@@QAEXXZ, _httpRequest@HttpRequestMgr@@SAFPBDAAVIReader@@AAVIWriter@@0PAVIProgressDisplay@@_N@Z, _mThrowNetwork@@YAXPBDHK0ZZ, _httpRequest@HttpRequestMgr@@SAPAVHttpRequest@@XZ, _write@Socket@@QAEXPBDH@Z, _read@Socket@@QAEKPADH@Z, __0NetworkException@@QAE@KPBD@Z, __8InetAddr@@QAE_NABV0@@Z, __1NetworkException@@UAE@XZ, __0NetworkException@@QAE@K@Z, _exceptionType@NetworkException@@UBEPBDXZ, _init@HttpRequestMgr@@SAXXZ, _setCacheResponses@HttpRequestMgr@@SAX_N@Z, __BInetAddr@@QBE_BUin_addr@@XZ, _getNetworkTimeout@@YAJPBD0@Z, _mThrowNetwork@@YAXKPBDZZ, __1SystemException@@UAE@XZ, _GetHostByName@InetAddr@@KAKPAX@Z, __0InetAddr@@QAE@P6AKPAX@Z@Z, __0SystemException@@QAE@KPBDPAUHINSTANCE__@@@Z
> clientutil52.dll: _basename@File@@QBEPAVUnicodeString@@XZ, _getBytes@UnicodeString@@QBEPADXZ, _getThreadName@Thread@@SAPBDXZ, __0AutoLock@@QAE@AAVSimpleMutex@@@Z, __1AutoLock@@QAE@XZ, __3UnicodeString@@SAXPAX@Z, _newThread@Thread@@SA_AVTHREAD_HANDLE@@P6AKPAX@Z0@Z, _getValue@RegKey@@QAEHPAD0H0_N@Z, _setValue@Prefs@@SA_NPBDPAD@Z, _removeKey@Prefs@@SAXPBD@Z, _getKeys@Prefs@@SAPAVStringEnumeration@@PBD_N@Z, _removeKey@Prefs@@SAXPBD0H@Z, _getVendorValue@Prefs@@SA_NPBD0PA_N_N@Z, __4File@@QAEAAV0@ABV0@@Z, __0File@@QAE@ABV0@@Z, _appendFile@File@@QAEAAV1@PBD@Z, __1MotiveException@@UAE@XZ, __2MotiveException@@SAPAXI@Z, __0MotiveException@@QAE@KPBD@Z, __3MotiveException@@SAXPAX@Z, _exceptionType@MotiveException@@UBEPBDXZ, __1File@@QAE@XZ, _remove@File@@QBE_N_N@Z, __0File@@QAE@XZ, __BFile@@QBEPBDXZ, _getVendorValue@Prefs@@SA_NPBD0PAHH@Z, _getVendorValue@Prefs@@SAHPBD0PADH0@Z, _logError@LogManager@@SAXHPBD0ZZ, _@Thread@@SAKVTHREAD_HANDLE@@PAKKPAPAVMotiveException@@@Z, __0SimpleMutex@@QAE@XZ, __1SimpleMutex@@QAE@XZ, _setThreadName@Thread@@SAXPBD@Z, __4THREAD_HANDLE@@QAEAAV0@ABV0@@Z, __1THREAD_HANDLE@@QAE@XZ, _INVALID_THREAD_HANDLE@@3VTHREAD_HANDLE@@A, __0THREAD_HANDLE@@QAE@ABV0@@Z, _isWin9x@Machine@@SA_NXZ, _getDesc@MotiveException@@QBEPBDXZ, _getCode@MotiveException@@QBEKXZ, _log@LogManager@@SAXHPBDZZ, _exec@Runtime@@SAPAVProcess@@PAPAD0_NPBD@Z, _getMotiveRoot@Prefs@@SAXPADH@Z, _expandMacros@File@@SAXPBD0PADHZZ, _exec@Runtime@@SAPAVProcess@@PAPAD0PBD_N2@Z, _isRunning@Process@@QAE_NXZ, _init@UnicodeString@@SAXXZ, _init@Thread@@SAXXZ, _init@Runtime@@SAX_N@Z, _init@Prefs@@SAXPAUHINSTANCE__@@PAPAD@Z, _init@File@@SAXXZ, _setValue@Prefs@@SA_NPBD_N@Z, _getValue@Prefs@@SA_NPBDPA_N_N@Z, _getValue@Prefs@@SAHPBDPADH0@Z, _detach@Thread@@SAXVTHREAD_HANDLE@@@Z, __8THREAD_HANDLE@@QBE_NABQAX@Z, __BTHREAD_HANDLE@@QBEPAXXZ, _getPath@File@@QBEPBVUnicodeString@@XZ, __1UnicodeString@@QAE@XZ, _getLogLevel@Logger@@QAEHXZ, _getLogger@LogManager@@SAPAVLogger@@PBD@Z, _length@File@@QBEJXZ, _exists@File@@QBE_NXZ, _copy@File@@QAE_NPBV1@@Z, _move@File@@QAE_NPBV1@@Z, _flush@IniPrefStore@@UAEXXZ, _identity@IniPrefStore@@UAEPBDXZ, _getKeys@IniPrefStore@@UAEPAVStringEnumeration@@PAVPrefKey@@_N@Z, _load@IniPrefStore@@UAEXXZ, _removeSection@IniPrefStore@@UAE_NPAVPrefKey@@@Z, _remove@IniPrefStore@@UAE_NPAVPrefKey@@@Z, _contains@IniPrefStore@@UAEHPAVPrefKey@@@Z, _setValue@IniPrefStore@@UAE_NPAVPrefKey@@PBD@Z, _getValue@IniPrefStore@@UAEHPAVPrefKey@@PADH@Z, __0IniPrefStore@@QAE@PBD@Z, __1IniPrefStore@@UAE@XZ, __1PrefKey@@QAE@XZ, __0PrefKey@@QAE@PBD0_N@Z, _getLogFile@Logger@@QAEPADXZ, _lock@SimpleMutex@@UAEXXZ, _unlock@SimpleMutex@@UAEXXZ, __0File@@QAE@ABV0@PBD@Z, _dirname@File@@QBEPAVUnicodeString@@XZ, __0UnicodeString@@QAE@PBV0@@Z, _getLoggers@LogManager@@SAPAVStringEnumeration@@XZ, freeStrsplit, strsplit, __1ZipFile@@QAE@XZ, _extract@ZipFile@@QAE_NPBDPADPAI@Z, __0ZipFile@@QAE@PAVFile@@@Z, _setVendorValue@Prefs@@SA_NPBD0_N@Z, __0File@@QAE@ABVUnicodeString@@@Z, __0RegKey@@QAE@W4topKey@@PBD@Z, _exists@RegKey@@QAE_NXZ, __1RegKey@@QAE@XZ, _valueExists@RegKey@@QAE_NPAD@Z, __0MotiveException@@QAE@K@Z, _reinit@Prefs@@SAXXZ, _setLogLevel@Logger@@QAEHH@Z, _setValue@Prefs@@SA_NPBDH@Z, _getValue@Prefs@@SA_NPBDPAJJ@Z, _getThreadId@Thread@@SAKXZ, __0THREAD_HANDLE@@QAE@XZ, _sleep@Thread@@SAXK@Z, _getValue@Prefs@@SA_NPBDPAHH@Z, _equals@UnicodeString@@QBE_NPBD@Z, _equalsIgnoreCase@UnicodeString@@QBE_NPBV1@@Z, _list@File@@QAEPAVUnicodeStringEnumeration@@PBVUnicodeString@@@Z, __0ZipFile@@QAE@PBD00_N@Z, _append@File@@QAEAAV1@PBD@Z, _detach@AutoLock@@QAEPAVSimpleMutex@@XZ, _flush@Prefs@@SAXXZ, _log@Logger@@QAAXHPBDZZ, _addValue@RegKey@@QAEXPADW4valType@@0@Z, _getChangeTime@File@@QBEJXZ, _isDirectory@File@@QBE_NXZ, _mkdir@File@@QBE_NXZ, __4File@@QAEAAV0@PBD@Z, _close@IReader@@UAEXXZ, __1IReader@@UAE@XZ, _logv2@Logger@@QAEXHPBD0PAD@Z, _isAbsolute@File@@QBE_NXZ, _getName@File@@QBEPBVUnicodeString@@XZ, _getLogger@LogManager@@SAPAVLogger@@PBD0_N@Z, _logv@Logger@@QAEXHPBDPAD@Z, _init@LogManager@@SAXPBD0@Z, __1ExplicitLoadLib@@UAE@XZ, _isProcess@Runtime@@SA_NPA_NPAXPAPAX@Z, __0ExplicitLoadLib@@QAE@PBD@Z, _getLoadError@ExplicitLoadLib@@UBEPBDXZ, __BExplicitLoadLib@@UBE_NXZ, _LoadSymbol@ExplicitLoadLib@@UBEPAXPBD@Z, _setValue@Prefs@@SA_NPBD0@Z, _FormatError@ExplicitLoadLib@@UBEPADHPADI@Z, _ShellExecuteA@Runtime@@SA_NPAD0@Z, _setLogStdout@Logger@@QAEX_N@Z, _addKey@Prefs@@SAXPBD0@Z, _checkKey@Prefs@@SAHPBD0@Z, _reinit@Prefs@@SAXPADPAPAD@Z, _setMaxBackups@Logger@@QAEXH@Z, _setMaxSize@Logger@@QAEXJ@Z, _waitFor@Process@@QAEH_N@Z, __1Process@@QAE@XZ, __3Process@@SAXPAX@Z, _length@File@@SAJABVUnicodeString@@@Z, _close@ZipFile@@QAEXXZ, _logError@LogManager@@SAXHPBD@Z, _getOSMinorVersion@Machine@@SAXPADH@Z, _getMapInterp@Machine@@SAPBDXZ, _getOSMajorVersion@Machine@@SAXPADH@Z, _append@UnicodeString@@QAEXABV1@@Z, _getOSPatchLevel@Machine@@SAXPADH@Z, _getuId@Machine@@SAXHPADH@Z, _getVendorValue@Prefs@@SA_NPBD0PAJJ@Z, __0File@@QAE@ABV0@ABVUnicodeString@@@Z, _setVendorValue@Prefs@@SA_NPBD0K@Z, _setVendorValue@Prefs@@SA_NPBD00@Z, _getVendorValue@Prefs@@SA_NPBD0PAKK@Z, _removeSection@Prefs@@SAXPBD@Z, __3ZipEntry@@SAXPAX@Z, __2UnicodeString@@SAPAXI@Z, __1ZipEntry@@QAE@XZ, _remove@File@@SA_NABVUnicodeString@@_N@Z, _exists@File@@SA_NABVUnicodeString@@@Z, __0UnicodeString@@QAE@PBD@Z, __0EmptyWriter@@QAE@XZ, _getEntry@ZipFile@@QAEPAVZipEntry@@PAD@Z, _getOffset@ZipEntry@@QBEKXZ, _getOSName@Machine@@SAXPADH@Z, __1EmptyWriter@@UAE@XZ, _rewind@IWriter@@UAEXXZ, __0ZipFile@@QAE@PBD@Z, _getInterp@Machine@@SAPBDXZ, _setVendorValue@Prefs@@SA_NPBD0PAD@Z, _getName@ZipEntry@@QBEPBDXZ, _entries@ZipFile@@QAEPAVZipEntryEnumeration@@XZ, _isDirectory@ZipEntry@@QBE_NXZ, _mkdirs@File@@QBE_NXZ, _extract@ZipFile@@QAE_NPBD0@Z, _getParentFile@File@@QAE_AV1@XZ, _flush@IWriter@@UAEXXZ, __0EmptyReader@@QAE@XZ, __1EmptyReader@@UAE@XZ, __1IWriter@@UAE@XZ, _close@IWriter@@UAEXXZ, __0IWriter@@QAE@XZ, __0File@@QAE@PBD@Z, __0IReader@@QAE@XZ, _getValue@Prefs@@SA_NPBDPAKK@Z, _getVendorKeys@Prefs@@SAPAVStringEnumeration@@PBD0_N@Z, _isService@Runtime@@SA_NPA_NPAXPAPAX@Z, __0THREAD_HANDLE@@QAE@PAX@Z
> asst_ui.dll: _stop@ProgressDialog@@QAEHXZ, _start@ProgressDialog@@QAEHXZ, _setTitle@ProgressDialog@@QAEXPBG@Z, _bump@ProgressDialog@@QAEXH@Z, _wasCancelled@ProgressDialog@@QAE_NXZ, _setCancelEnabled@ProgressDialog@@QAEX_N@Z, _setHeader@ProgressDialog@@QAEXPBD@Z, _setStatus2@ProgressDialog@@QAEXPBG@Z, _setStatus2@ProgressDialog@@QAEXPBD@Z, _setStatus@ProgressDialog@@QAEXPBG@Z, _rectHeight@@YAJABUtagRECT@@@Z, _rectWidth@@YAJABUtagRECT@@@Z, _moveWindow@@YA_NPAUHWND__@@PBUtagRECT@@H@Z, _getRectInClientCoords@@YAXPAUHWND__@@0PAUtagRECT@@@Z, _DrawTransparentBitmap@@YAXPAUHDC__@@PAUHBITMAP__@@1KK@Z, _setPoint@@YAXPAUtagPOINT@@JJ@Z, _copyPoint@@YAXPAUtagPOINT@@PBU1@@Z, _bottomRight@@YA_BUtagPOINT@@ABUtagRECT@@@Z, _topLeft@@YA_BUtagPOINT@@ABUtagRECT@@@Z, _subtractPoint@@YA_AUtagSIZE@@UtagPOINT@@0@Z, _screenToClient@@YAXPAUHWND__@@PAUtagRECT@@@Z, _clientToScreen@@YAXPAUHWND__@@PAUtagRECT@@@Z, _getClientRectInClientCoords@@YAXPAUHWND__@@0PAUtagRECT@@@Z, _setStatus@ProgressDialog@@QAEXPBD@Z, _setTitle@ProgressDialog@@QAEXPBD@Z, _setHeader@ProgressDialog@@QAEXPBG@Z, _setStatus@ProgressDialog@@QAEXH@Z, __0ProgressDialog@@QAE@PAUHWND__@@PBD@Z, _Init@ProgressDialog@@SAXPAUHINSTANCE__@@@Z, __1ProgressDialog@@QAE@XZ
> COMCTL32.dll: _TrackMouseEvent, InitCommonControlsEx
> comdlg32.dll: GetOpenFileNameA, CommDlgExtendedError, GetOpenFileNameW
> KERNEL32.dll: WideCharToMultiByte, InterlockedDecrement, DebugBreak, LoadLibraryA, GetModuleHandleA, ExitThread, CreateThread, SystemTimeToFileTime, GetTimeFormatW, GetTimeFormatA, GetDateFormatW, GetDateFormatA, InterlockedExchange, MapViewOfFile, SetEndOfFile, GetLocaleInfoW, CompareStringW, CompareStringA, GetStringTypeW, GetStringTypeA, IsBadCodePtr, SetEnvironmentVariableA, SetEnvironmentVariableW, GetCurrentDirectoryA, GetFullPathNameA, GetOEM, GetA, LCMapStringW, LCMapStringA, SetFilePointer, SetUnhandledExceptionFilter, GetDefaultLCID, GetFileAttributesA, FileTimeToSystemTime, lstrlenW, OutputDebugStringA, GetLastError, GetModuleFileNameA, Sleep, EnumSystemLocalesA, GetLocaleInfoA, IsValidCodePage, IsValidLocale, GetInfo, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsW, FreeEnvironmentStringsA, UnhandledExceptionFilter, SetHandleCount, IsBadWritePtr, VirtualAlloc, VirtualFree, HeapCreate, CreateDirectoryA, GetSystemTimeAsFileTime, HeapSize, GetLocalTime, GetSystemTime, GetTimeZoneInformation, IsBadReadPtr, HeapReAlloc, GetCurrentProcess, RaiseException, ExitProcess, GetVersion, GetCommandLineA, GetStartupInfoA, GetFileType, SetStdHandle, RtlUnwind, HeapAlloc, HeapFree, WriteFile, ReadFile, CreateFileMappingA, CreateEventA, GlobalAddAtomA, UnmapViewOfFile, GlobalDeleteAtom, CreateFileA, FlushFileBuffers, FormatMessageW, FormatMessageA, LocalFree, FileTimeToLocalFileTime, SetConsoleCtrlHandler, GetExitCodeProcess, SetFileAttributesA, DeleteFileA, RemoveDirectoryA, GetTickCount, LoadLibraryExA, GetTempPathA, GetTempFileNameA, TlsSetValue, TlsAlloc, TlsGetValue, FindFirstFileA, FindNextFileA, FindClose, GetDiskFreeSpaceA, GetVolumeInformationA, GetSystemInfo, GlobalMemoryStatus, GetVersionExA, GetEnvironmentVariableA, GetLogicalDriveStringsA, GetDriveTypeA, TerminateProcess, GetSystemDirectoryA, GetWindowsDirectoryA, GetComputerNameA, MultiByteToWideChar, OpenProcess, CreateProcessA, CreateSemaphoreA, CloseHandle, WaitForSingleObject, ReleaseSemaphore, SetLastError, InterlockedIncrement, EnterCriticalSection, LeaveCriticalSection, GetProcAddress, FreeLibrary, InitializeCriticalSection, lstrcatA, lstrlenA, lstryA, DeleteCriticalSection, HeapDestroy, GetCurrentThreadId, AllocConsole, GetStdHandle, GetConsoleScreenBufferInfo, SetConsoleScreenBufferSize, FreeConsole
> VERSION.dll: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
> GDI32.dll: BitBlt, SelectObject, CreateCompatibleDC, DeleteDC, DPtoLP, CreateSolidBrush, PatBlt, CreatePatternBrush, CreateBitmap, DeleteObject, GetObjectA
> SHELL32.dll: SHGetMalloc, SHBrowseForFolderA, SHGetPathFromIDListA
> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> WININET.dll: InternetAutodial, InternetGetConnectedState
( 271 exports )
__0ASN1_ANY@@QAE@ABU0@@Z, __0ASN1_ANY@@QAE@XZ, __0ASN1_BIT_STRING@@QAE@ABU0@@Z, __0ASN1_BIT_STRING@@QAE@VBstream@@@Z, __0ASN1_BIT_STRING@@QAE@XZ, __0ASN1_BOOLEAN@@QAE@ABU0@@Z, __0ASN1_BOOLEAN@@QAE@H@Z, __0ASN1_BOOLEAN@@QAE@PBD@Z, __0ASN1_BOOLEAN@@QAE@XZ, __0ASN1_INTEGER@@QAE@AAVBigint@@@Z, __0ASN1_INTEGER@@QAE@ABU0@@Z, __0ASN1_INTEGER@@QAE@H@Z, __0ASN1_INTEGER@@QAE@XZ, __0ASN1_OCTET_STRING@@QAE@ABU0@@Z, __0ASN1_OCTET_STRING@@QAE@VBstream@@@Z, __0ASN1_OCTET_STRING@@QAE@XZ, __0ASN1_PRINTABLE_STRING@@QAE@ABU0@@Z, __0ASN1_PRINTABLE_STRING@@QAE@PBD@Z, __0ASN1_PRINTABLE_STRING@@QAE@XZ, __0ASN1_UTF8_STRING@@QAE@ABU0@@Z, __0ASN1_UTF8_STRING@@QAE@PBD@Z, __0ASN1_UTF8_STRING@@QAE@XZ, __0AlgId@@QAE@ABU0@@Z, __0AlgId@@QAE@XZ, __0Bigint@@QAE@ABV0@@Z, __0Bigint@@QAE@F@Z, __0Bigint@@QAE@PBD@Z, __0Bigint@@QAE@PBEH@Z, __0Bigint@@QAE@XZ, __0Bstream@@QAE@ABV0@@Z, __0Bstream@@QAE@ABVString@@@Z, __0Bstream@@QAE@HPBE@Z, __0Bstream@@QAE@PBD@Z, __0Bstream@@QAE@XZ, __0EncryptedDigest@@QAE@ABU0@@Z, __0EncryptedDigest@@QAE@XZ, __0IssuerAndSerialNumber@@QAE@ABU0@@Z, __0IssuerAndSerialNumber@@QAE@VName@@UASN1_INTEGER@@@Z, __0IssuerAndSerialNumber@@QAE@XZ, __0Key@@QAE@ABV0@@Z, __0Key@@QAE@HPAE@Z, __0Key@@QAE@XZ, __0Name@@QAA@HZZ, __0Name@@QAE@ABV0@@Z, __0Name@@QAE@PBD@Z, __0Name@@QAE@XZ, __0ObjId@@QAA@HZZ, __0ObjId@@QAE@ABV0@@Z, __0ObjId@@QAE@XZ, __0PCTime@@QAE@ABUGMtime@@@Z, __0PCTime@@QAE@ABV0@H@Z, __0PCTime@@QAE@HHHHHH@Z, __0PCTime@@QAE@XZ, __1ASN1_ANY@@QAE@XZ, __1ASN1_BIT_STRING@@QAE@XZ, __1ASN1_BOOLEAN@@QAE@XZ, __1ASN1_INTEGER@@QAE@XZ, __1ASN1_OCTET_STRING@@QAE@XZ, __1ASN1_PRINTABLE_STRING@@QAE@XZ, __1ASN1_UTF8_STRING@@QAE@XZ, __1AlgId@@QAE@XZ, __1Bigint@@QAE@XZ, __1Bstream@@QAE@XZ, __1EncryptedDigest@@QAE@XZ, __1IssuerAndSerialNumber@@QAE@XZ, __1Key@@QAE@XZ, __1Name@@QAE@XZ, __1ObjId@@QAE@XZ, __4ASN1_ANY@@QAEAAU0@ABU0@@Z, __4ASN1_BIT_STRING@@QAEAAU0@ABU0@@Z, __4ASN1_BOOLEAN@@QAEAAU0@ABU0@@Z, __4ASN1_INTEGER@@QAEAAU0@ABU0@@Z, __4ASN1_OCTET_STRING@@QAEAAU0@ABU0@@Z, __4ASN1_PRINTABLE_STRING@@QAEAAU0@ABU0@@Z, __4ASN1_UTF8_STRING@@QAEAAU0@ABU0@@Z, __4AlgId@@QAEAAU0@ABU0@@Z, __4Bigint@@QAEAAV0@ABV0@@Z, __4Bstream@@QAEAAV0@ABV0@@Z, __4EncryptedDigest@@QAEAAU0@ABU0@@Z, __4IssuerAndSerialNumber@@QAEAAU0@ABU0@@Z, __4Key@@QAEAAV0@ABV0@@Z, __4Name@@QAEAAV0@ABV0@@Z, __4ObjId@@QAEAAV0@ABV0@@Z, __4PCTime@@QAEAAV0@ABV0@@Z, __5@YAAAVBstream@@AAUASN1_SEQUENCE@@AAUASN1_ANY@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificateInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificateRevocationListInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificationRequestInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UExtendedCertificateInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UExtendedCertificationRequestInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_BIT_STRING@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_BOOLEAN@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_INTEGER@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_OCTET_STRING@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_PRINTABLE_STRING@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_SEQUENCE@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_UTF8_STRING@@@Z, __5@YAAAVBstream@@AAV0@AAUAlgorithmIdentifier@@@Z, __5@YAAAVBstream@@AAV0@AAUAttribute@@@Z, __5@YAAAVBstream@@AAV0@AAUCertificateInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUCertificateRevocationListInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUCertificationRequestInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUContentInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUDigestInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUExtendedCertificateInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUExtendedCertificateOrCertificate@@@Z, __5@YAAAVBstream@@AAV0@AAUExtendedCertificationRequestInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUExtension@@@Z, __5@YAAAVBstream@@AAV0@AAUIssuerAndSerialNumber@@@Z, __5@YAAAVBstream@@AAV0@AAUPrivateKeyInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUPublicKeyInfo@@@Z, __5@YAAAVBstream@@AAV0@AAURSAPrivateKey@@@Z, __5@YAAAVBstream@@AAV0@AAURSAPublicKey@@@Z, __5@YAAAVBstream@@AAV0@AAUSignedData@@@Z, __5@YAAAVBstream@@AAV0@AAUSignerInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUValidity@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@U_$SIGNED@UCertificateRevocationListInfo@@@@V_$allocator@U_$SIGNED@UCertificateRevocationListInfo@@@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@UAlgorithmIdentifier@@V_$allocator@UAlgorithmIdentifier@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@UAttribute@@V_$allocator@UAttribute@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@UExtendedCertificateOrCertificate@@V_$allocator@UExtendedCertificateOrCertificate@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@UExtension@@V_$allocator@UExtension@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@USignerInfo@@V_$allocator@USignerInfo@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAVName@@@Z, __5@YAAAVBstream@@AAV0@AAVObjId@@@Z, __5@YAAAVBstream@@AAV0@AAVPCTime@@@Z, __6@YAAAVBstream@@AAUASN1_SEQUENCE@@ABUASN1_ANY@@@Z, __6@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificateInfo@@@@@Z, __6@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificationRequestInfo@@@@@Z, __6@YAAAVBstream@@AAV0@AAUASN1_PRINTABLE_STRING@@@Z, __6@YAAAVBstream@@AAV0@AAUASN1_SEQUENCE@@@Z, __6@YAAAVBstream@@AAV0@AAUASN1_UTF8_STRING@@@Z, __6@YAAAVBstream@@AAV0@AAUCertificateInfo@@@Z, __6@YAAAVBstream@@AAV0@AAUCertificationRequestInfo@@@Z, __6@YAAAVBstream@@AAV0@AAUExtension@@@Z, __6@YAAAVBstream@@AAV0@AAV_$list@UAttribute@@V_$allocator@UAttribute@@@std@@@std@@@Z, __6@YAAAVBstream@@AAV0@AAV_$list@UExtension@@V_$allocator@UExtension@@@std@@@std@@@Z, __6@YAAAVBstream@@AAV0@ABUASN1_BIT_STRING@@@Z, __6@YAAAVBstream@@AAV0@ABUASN1_BOOLEAN@@@Z, __6@YAAAVBstream@@AAV0@ABUASN1_INTEGER@@@Z, __6@YAAAVBstream@@AAV0@ABUASN1_OCTET_STRING@@@Z, __6@YAAAVBstream@@AAV0@ABUAlgorithmIdentifier@@@Z, __6@YAAAVBstream@@AAV0@ABUAttribute@@@Z, __6@YAAAVBstream@@AAV0@ABUIssuerAndSerialNumber@@@Z, __6@YAAAVBstream@@AAV0@ABUPrivateKeyInfo@@@Z, __6@YAAAVBstream@@AAV0@ABUPublicKeyInfo@@@Z, __6@YAAAVBstream@@AAV0@ABURSAPublicKey@@@Z, __6@YAAAVBstream@@AAV0@ABVObjId@@@Z, __6@YAAAVBstream@@AAV0@ABVPCTime@@@Z, __6@YAAAVBstream@@AAV0@VName@@@Z, __8@YAHABVBigint@@0@Z, __8@YAHABVObjId@@0@Z, __8ASN1_BOOLEAN@@QAE_NABU0@@Z, __8ASN1_INTEGER@@QAE_NABU0@@Z, __9@YAHABVObjId@@0@Z, __BASN1_PRINTABLE_STRING@@QAEPBDXZ, __BASN1_UTF8_STRING@@QAEPBDXZ, __BBstream@@QBEPBDXZ, __H@YA_AVBstream@@ABV0@0@Z, __O@YAHABVBigint@@0@Z, __OASN1_INTEGER@@QAE_NABU0@@Z, __YBstream@@QAEAAV0@ABV0@@Z, ___C@_0BD@NN@RSA__rc_5_$DN_$DN_50_$AA@, ___C@_0BF@MDA@sig_digest_5_$DN_$DN_5digest_$AA@, ___C@_0DF@GBNA@signatureAlgorithm_4algorithm_5_$DN_$DN_5@, ___C@_0P@IPCC@SignerInfo_4p_$AA@, _add_element@Name@@QAEXABUAva@@@Z, _add_element@ObjId@@QAEXABVBigint@@@Z, _asn1_der_decode_T61_string@@YAHAAVBstream@@0@Z, _asn1_der_decode_bit_string@@YAHAAVBstream@@0@Z, _asn1_der_decode_boolean@@YAHAAVBstream@@AAVBigint@@@Z, _asn1_der_decode_integer@@YAHAAVBstream@@AAVBigint@@@Z, _asn1_der_decode_null@@YAHAAVBstream@@@Z, _asn1_der_decode_octet_string@@YAHAAVBstream@@0@Z, _asn1_der_decode_printable_string@@YAHAAVBstream@@0@Z, _asn1_der_decode_sequence@@YAHAAVBstream@@AAH@Z, _asn1_der_decode_sequence_of@@YAHAAVBstream@@AAH@Z, _asn1_der_decode_set@@YAHAAVBstream@@AAH@Z, _asn1_der_decode_set_of@@YAHAAVBstream@@AAH@Z, _asn1_der_decode_utctime@@YAHAAVBstream@@AAVPCTime@@@Z, _asn1_der_decode_utf8_string@@YAHAAVBstream@@0@Z, _asn1_der_encode_T61_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_bit_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_boolean@@YA_AVBstream@@ABVBigint@@@Z, _asn1_der_encode_implicit_tagged@@YA_AVBstream@@ABV1@H@Z, _asn1_der_encode_integer@@YA_AVBstream@@ABVBigint@@@Z, _asn1_der_encode_network_addr@@YA_AVBstream@@K@Z, _asn1_der_encode_null@@YA_AVBstream@@XZ, _asn1_der_encode_octet_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_printable_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_sequence@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_sequence_of@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_set@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_set_of@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_timeticks@@YA_AVBstream@@ABVBigint@@@Z, _asn1_der_encode_utctime@@YA_AVBstream@@ABVPCTime@@@Z, _asn1_der_encode_utf8_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_get_length@@YAHAAVBstream@@@Z, _asn1_der_set_length@@YA_AVBstream@@H@Z, _asn1_perror@@YAXH@Z, _bits@Bigint@@QBEHXZ, _checkValidityPeriod@@YA_NPBDAAU_$SIGNED@UCertificateInfo@@@@@Z, _consume@Bstream@@QAEHH@Z, _decrypt@@YA_AVBstream@@ABUPublicKeyInfo@@ABV1@@Z, _decrypt@@YAXABUPrivateKeyInfo@@ABVbytestream@@AAV2@@Z, _decrypt@@YAXABUPublicKeyInfo@@ABVbytestream@@AAV2@@Z, _decrypt@@YAXABUSymmetricKey@@ABVbytestream@@AAV2@@Z, _decrypt@@YAXABUSymmetricKey@@ABVbytestream@@AAVBstream@@@Z, _encode@Name@@QAE_AVBstream@@XZ, _encode@ObjId@@QBE_AVBstream@@XZ, _encrypt@@YA_AVBstream@@ABUPrivateKeyInfo@@ABV1@@Z, _encrypt@@YAXABUPrivateKeyInfo@@ABVbytestream@@AAV2@@Z, _encrypt@@YAXABUPublicKeyInfo@@ABVbytestream@@AAV2@@Z, _encrypt@@YAXABUSymmetricKey@@ABVBstream@@AAVbytestream@@@Z, _encrypt@@YAXABUSymmetricKey@@ABVbytestream@@AAV2@@Z, _fetchbyte@Bstream@@QAEHAAE@Z, _get@PCTime@@QBE_AUGMtime@@XZ, _getbstr@Bigint@@QBE_AVBstream@@XZ, _getdatap@Bstream@@QBEPAEXZ, _getdecstr@Bstream@@QBE_AVString@@XZ, _gethexstr@Bstream@@QBE_AVString@@XZ, _getlength@Bstream@@QBEHXZ, _getnumstr@Bigint@@QBE_AVString@@XZ, _getnumstrd@Bigint@@QBE_AVString@@XZ, _getstr@Bstream@@QBE_AVString@@XZ, _getstr@PCTime@@QBE_AVString@@XZ, _last@Bstream@@QBEEXZ, _md5_digest@@YA_AVBstream@@AAV1@@Z, _msl_GeneratePKCS1KeyPair@@YAXAAUPublicKeyInfo@@AAUPrivateKeyInfo@@@Z, _msl_GetCertExtnBool@@YA_NAAU_$SIGNED@UCertificateInfo@@@@ABVObjId@@@Z, _msl_GetCertExtnString@@YAPADAAU_$SIGNED@UCertificateInfo@@@@ABVObjId@@@Z, _ntptime@PCTime@@QAEKXZ, _num_to_mask@@YAEH@Z, _peekbyte@Bstream@@QAEHAAE@Z, _print@PCTime@@QBEXXZ, _replace@Bstream@@QBE_AV1@ABV1@0@Z, _sign@_$SIGNED@UCertificateInfo@@@@QAEXABUPrivateKeyInfo@@@Z, _sign@_$SIGNED@UCertificationRequestInfo@@@@QAEXABUPrivateKeyInfo@@@Z, _timenow@@YA_AVPCTime@@XZ, _truncate@Bstream@@QAEHH@Z, _validate@@YAXAAU_$SIGNED@UCertificateInfo@@@@0@Z, _validate@@YAXAAU_$SIGNED@UCertificateInfo@@@@AAUDigestInfo@@AAUSignerInfo@@@Z, _@_$SIGNED@UCertificateInfo@@@@QAEXABUPublicKeyInfo@@@Z, _@_$SIGNED@UCertificationRequestInfo@@@@QAEXABUPublicKeyInfo@@@Z, DecodeBase64, EncodeBase64, RSA_sign, RSA_, ex_assert_failed, msl_DecryptBytes, msl_DecryptData, msl_EncryptBytes, msl_EncryptData, msl_EncryptDataSize, msl_EndDecryption, msl_EndEncryption, msl_GenerateRSAKeyPair, msl_MakeRSAKeyPairFromSeed, msl_RandomIzer, msl_StartDecryption, msl_StartEncryption, msl_freeData, msl_generateKey, msl_getSessionKeyLen, msl_privateDecrypt, msl_privateEncryptBuf, msl_publicDecrypt, msl_publicEncryptBuf, xMD5Final, xMD5Init, xMD5Transform, xMD5Update
Ensuite après le redemmarrage j'ai planté 5x maintenant ça a l'air bon...
Il y avait juste sous hiJackThis un n° que je n'avais pas c le suivant :
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -
Voilà j'espère que c'est tout bon :)
@ plus
Alors voici:
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 614
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 104152
Temps écoulé: 2 hour(s), 9 minute(s), 42 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089391.dll (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089392.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089393.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089394.old (Adware.VideoEgg) -> No action taken.
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 614
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 104152
Temps écoulé: 2 hour(s), 9 minute(s), 42 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089391.dll (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089392.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089393.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089394.old (Adware.VideoEgg) -> No action taken.
Fichier QuickHelp.exe reçu le 2008.04.12 22:40:19 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/32 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 2.
L'heure estimée de démarrage est entre 42 et 60 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.12.0 2008.04.11 -
AntiVir 7.6.0.85 2008.04.11 -
Authentium 4.93.8 2008.04.11 -
Avast 4.8.1169.0 2008.04.12 -
AVG 7.5.0.516 2008.04.12 -
BitDefender 7.2 2008.04.12 -
CAT-QuickHeal 9.50 2008.04.12 -
ClamAV 0.92.1 2008.04.12 -
DrWeb 4.44.0.09170 2008.04.12 -
eSafe 7.0.15.0 2008.04.09 -
eTrust-Vet 31.3.5692 2008.04.11 -
Ewido 4.0 2008.04.12 -
F-Prot 4.4.2.54 2008.04.12 -
F-Secure 6.70.13260.0 2008.04.11 -
FileAdvisor 1 2008.04.12 -
Fortinet 3.14.0.0 2008.04.12 -
Ikarus T3.1.1.26 2008.04.12 -
Kaspersky 7.0.0.125 2008.04.12 -
McAfee 5272 2008.04.11 -
Microsoft 1.3408 2008.04.12 -
NOD32v2 3021 2008.04.12 -
Norman 5.80.02 2008.04.12 -
Panda 9.0.0.4 2008.04.12 -
Prevx1 V2 2008.04.12 -
Rising 20.39.52.00 2008.04.12 -
Sophos 4.28.0 2008.04.12 -
Sunbelt 3.0.1041.0 2008.04.12 -
Symantec 10 2008.04.12 -
TheHacker 6.2.92.276 2008.04.12 -
VBA32 3.12.6.4 2008.04.06 -
VirusBuster 4.3.26:9 2008.04.12 -
Webwasher-Gateway 6.6.2 2008.04.11 -
Information additionnelle
File size: 2396160 bytes
MD5...: be3307a090ed15cd25652a4f6d8f8c51
SHA1..: 466a6cc045e1217cb6ad49f917bfa7edccf4d439
SHA256: dc6b44c60fe3c251445562c57ca482ace6702859b6b3a2514cc1ac68d56ab983
SHA512: e7207dd37891c324c5a4e32c54dc3d2270d4ff61136a4678a533348988ab2e83
b6c13956a143876224db0afa817899ced5a0e3870392a5a302a2d6bd62628e35
PEiD..: Armadillo v1.71
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x5713a7
timedatestamp.....: 0x42a06549 (Fri Jun 03 14:12:25 2005)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1bfa3c 0x1c0000 6.21 e906d650ee1e844b50ed25ad17a71a4f
.rdata 0x1c1000 0x3c526 0x3d000 4.29 31fea5e32cf0cc146341dc68af1a0f9b
.data 0x1fe000 0x505c5 0x49000 5.09 32e16a33aaa37b9bc3dc0b5c501ac44c
.rsrc 0x24f000 0x185c 0x2000 4.79 0d9f04a8c26fe8aa089394d0790a30ff
( 15 imports )
> ADVAPI32.dll: ControlService, InitializeSecurityDescriptor, RegQueryValueExA, RegCloseKey, RegOpenKeyExA, StartServiceCtrlDispatcherA, ServiceCtrlHandlerA, SetServiceStatus, DeEventSource, ReportEventA, EventSourceA, CloseServiceHandle, CreateServiceA, OpenSCManagerA, DeleteService, QueryServiceStatus, CreateProcessAsA, OpenServiceA, SetSecurityDescriptorDacl, GetNameA, RegQueryValueExW, RegOpenKeyExW, RegEnumKeyExA, RegSetValueExA, RegCreateKeyExA, RegEnumValueA, RegQueryInfoKeyA, LookupSidA, GetTokenInformation, ImpersonateLoggedOn, RevertToSelf
> ole32.dll: CLSIDFromProgID, CoTaskMemFree, StringFromCLSID, ProgIDFromCLSID, CoCreateInstance, CoInitializeEx, CoUninitialize, CoInitializeSecurity
> 32.dll: GetClassNameA, IsIconic, SetActiveWindow, EnumWindows, CreateDialogParamA, DialogBoxParamW, CreateDialogParamW, LoadCursorA, LoenuW, DialogBoxParamA, LoadIconA, IntersectRect, LoenuA, InflateRect, SubtractRect, ValidateRect, ReleaseCapture, GetCapture, UnionRect, CopyRect, SetCapture, PtInRect, IsRectEmpty, GetDC, RedrawWindow, DestroyCursor, SetRectEmpty, ReleaseDC, InvalidateRect, SetFocus, OffsetRect, GetDlgCtrlID, GetClassInfoExA, GetDlgItem, CallWindowProcW, CallWindowProcA, ClassExA, LoadImageA, SetWindowLongW, SetCursor, GetParent, SetWindowTextW, GetClassLongA, GetUpdateRect, BeginPaint, SetWindowTextA, SetWindowPos, KillTimer, EndPaint, SetTimer, PostMessageA, IsWindowVisible, SetClassLongA, GetClientRect, CreateWindowExW, MessageBeep, EndDialog, ShowWindow, GetSystemMetrics, MoveWindow, GetWindowRect, SetDlgItemTextW, SetDlgItemTextA, IsWindowUnicode, PeekMessageA, OpenWindowStationA, MsgWaitForMultipleObjects, CloseWindowStation, OpenDesktopA, SetProcessWindowStation, GetMessageA, TranslateMessage, GetWindowTextA, IsWindow, GetObjectInformationA, DefWindowProcA, CharNextA, CreateWindowExA, MessageBoxA, SendMessageA, FindWindowA, GetDesktopWindow, LoadStringA, GetTopWindow, GetWindow, GetThreadDesktop, GetProcessWindowStation, FindWindowExA, EnumChildWindows, AttachThreadInput, CharUpperBuffA, wsprintfA, GetForegroundWindow, MessageBoxW, GetWindowThreadProcessId, PostQuitMessage, DestroyWindow, ClassA, DispatchMessageA, SetThreadDesktop, CloseDesktop, IsWindowEnabled, WaitForInputIdle, SetForegroundWindow, SetWindowLongA, GetWindowLongA, SendMessageW
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> httpclient52.dll: _getRemoteAddress@Socket@@QAE_AVInetAddr@@XZ, __0ShutdownException@@QAE@KPBD@Z, __1ShutdownException@@UAE@XZ, _vsnexceptionf@@YAPADPADIPBDHK10@Z, _mThrow@@YAXPBDHK0ZZ, _ExceptionsInit@@YAXXZ, _newThread@ThreadEx@@SA_AVTHREAD_HANDLE@@P6AKPAX@Z0@Z, _mThrowSystem@@YAXPBDHK0ZZ, _exceptionType@ShutdownException@@UBEPBDXZ, _addCustomHeader@HttpRequestMgr@@SAXPBD0_N@Z, _removeCustomHeader@HttpRequestMgr@@SAXPBD@Z, _clearCustomHeaders@HttpRequestMgr@@SAXXZ, _areProxySettingsShared@WinInetHttpRequest@@SA_NXZ, __0InetAddr@@QAE@PBDP6AKPAX@Z@Z, _getRemotePort@Socket@@QAEGXZ, _mThrow@@YAXKPBDZZ, _getHostAddress@InetAddr@@QBE_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@XZ, _@ThreadEx@@SAKVTHREAD_HANDLE@@K@Z, _mThrowIO@@YAXKPBDZZ, _exceptionType@SystemException@@UBEPBDXZ, _getLocalAddress@Socket@@QAE_AVInetAddr@@XZ, _getLocalPort@Socket@@QAEGXZ, __1InetAddr@@QAE@XZ, _setHostname@InetAddr@@IAEXPBD@Z, _getHostname@InetAddr@@QBE_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@XZ, _setResolvedHostname@InetAddr@@IAEXPBD@Z, __0IProgressDisplay@@QAE@XZ, __1IProgressDisplay@@UAE@XZ, _showSomeProgress@IProgressDisplay@@UAEXXZ, _mThrowIO@@YAXPBDHK0ZZ, _getResolvedHostname@InetAddr@@QBE_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@XZ, __0Socket@@QAE@XZ, _throwNetworkSocketException@@YAXPBDHK0ZZ, _setRcvTimeout@Socket@@QAEXJ@Z, _setSndTimeout@Socket@@QAEXJ@Z, _setConnectTimeout@Socket@@QAEXJ@Z, __1Socket@@UAE@XZ, __1IOException@@UAE@XZ, __0IOException@@QAE@KPBD@Z, _exceptionType@IOException@@UBEPBDXZ, _close@Socket@@QAEXXZ, _httpRequest@HttpRequestMgr@@SAFPBDAAVIReader@@AAVIWriter@@0PAVIProgressDisplay@@_N@Z, _mThrowNetwork@@YAXPBDHK0ZZ, _httpRequest@HttpRequestMgr@@SAPAVHttpRequest@@XZ, _write@Socket@@QAEXPBDH@Z, _read@Socket@@QAEKPADH@Z, __0NetworkException@@QAE@KPBD@Z, __8InetAddr@@QAE_NABV0@@Z, __1NetworkException@@UAE@XZ, __0NetworkException@@QAE@K@Z, _exceptionType@NetworkException@@UBEPBDXZ, _init@HttpRequestMgr@@SAXXZ, _setCacheResponses@HttpRequestMgr@@SAX_N@Z, __BInetAddr@@QBE_BUin_addr@@XZ, _getNetworkTimeout@@YAJPBD0@Z, _mThrowNetwork@@YAXKPBDZZ, __1SystemException@@UAE@XZ, _GetHostByName@InetAddr@@KAKPAX@Z, __0InetAddr@@QAE@P6AKPAX@Z@Z, __0SystemException@@QAE@KPBDPAUHINSTANCE__@@@Z
> clientutil52.dll: _basename@File@@QBEPAVUnicodeString@@XZ, _getBytes@UnicodeString@@QBEPADXZ, _getThreadName@Thread@@SAPBDXZ, __0AutoLock@@QAE@AAVSimpleMutex@@@Z, __1AutoLock@@QAE@XZ, __3UnicodeString@@SAXPAX@Z, _newThread@Thread@@SA_AVTHREAD_HANDLE@@P6AKPAX@Z0@Z, _getValue@RegKey@@QAEHPAD0H0_N@Z, _setValue@Prefs@@SA_NPBDPAD@Z, _removeKey@Prefs@@SAXPBD@Z, _getKeys@Prefs@@SAPAVStringEnumeration@@PBD_N@Z, _removeKey@Prefs@@SAXPBD0H@Z, _getVendorValue@Prefs@@SA_NPBD0PA_N_N@Z, __4File@@QAEAAV0@ABV0@@Z, __0File@@QAE@ABV0@@Z, _appendFile@File@@QAEAAV1@PBD@Z, __1MotiveException@@UAE@XZ, __2MotiveException@@SAPAXI@Z, __0MotiveException@@QAE@KPBD@Z, __3MotiveException@@SAXPAX@Z, _exceptionType@MotiveException@@UBEPBDXZ, __1File@@QAE@XZ, _remove@File@@QBE_N_N@Z, __0File@@QAE@XZ, __BFile@@QBEPBDXZ, _getVendorValue@Prefs@@SA_NPBD0PAHH@Z, _getVendorValue@Prefs@@SAHPBD0PADH0@Z, _logError@LogManager@@SAXHPBD0ZZ, _@Thread@@SAKVTHREAD_HANDLE@@PAKKPAPAVMotiveException@@@Z, __0SimpleMutex@@QAE@XZ, __1SimpleMutex@@QAE@XZ, _setThreadName@Thread@@SAXPBD@Z, __4THREAD_HANDLE@@QAEAAV0@ABV0@@Z, __1THREAD_HANDLE@@QAE@XZ, _INVALID_THREAD_HANDLE@@3VTHREAD_HANDLE@@A, __0THREAD_HANDLE@@QAE@ABV0@@Z, _isWin9x@Machine@@SA_NXZ, _getDesc@MotiveException@@QBEPBDXZ, _getCode@MotiveException@@QBEKXZ, _log@LogManager@@SAXHPBDZZ, _exec@Runtime@@SAPAVProcess@@PAPAD0_NPBD@Z, _getMotiveRoot@Prefs@@SAXPADH@Z, _expandMacros@File@@SAXPBD0PADHZZ, _exec@Runtime@@SAPAVProcess@@PAPAD0PBD_N2@Z, _isRunning@Process@@QAE_NXZ, _init@UnicodeString@@SAXXZ, _init@Thread@@SAXXZ, _init@Runtime@@SAX_N@Z, _init@Prefs@@SAXPAUHINSTANCE__@@PAPAD@Z, _init@File@@SAXXZ, _setValue@Prefs@@SA_NPBD_N@Z, _getValue@Prefs@@SA_NPBDPA_N_N@Z, _getValue@Prefs@@SAHPBDPADH0@Z, _detach@Thread@@SAXVTHREAD_HANDLE@@@Z, __8THREAD_HANDLE@@QBE_NABQAX@Z, __BTHREAD_HANDLE@@QBEPAXXZ, _getPath@File@@QBEPBVUnicodeString@@XZ, __1UnicodeString@@QAE@XZ, _getLogLevel@Logger@@QAEHXZ, _getLogger@LogManager@@SAPAVLogger@@PBD@Z, _length@File@@QBEJXZ, _exists@File@@QBE_NXZ, _copy@File@@QAE_NPBV1@@Z, _move@File@@QAE_NPBV1@@Z, _flush@IniPrefStore@@UAEXXZ, _identity@IniPrefStore@@UAEPBDXZ, _getKeys@IniPrefStore@@UAEPAVStringEnumeration@@PAVPrefKey@@_N@Z, _load@IniPrefStore@@UAEXXZ, _removeSection@IniPrefStore@@UAE_NPAVPrefKey@@@Z, _remove@IniPrefStore@@UAE_NPAVPrefKey@@@Z, _contains@IniPrefStore@@UAEHPAVPrefKey@@@Z, _setValue@IniPrefStore@@UAE_NPAVPrefKey@@PBD@Z, _getValue@IniPrefStore@@UAEHPAVPrefKey@@PADH@Z, __0IniPrefStore@@QAE@PBD@Z, __1IniPrefStore@@UAE@XZ, __1PrefKey@@QAE@XZ, __0PrefKey@@QAE@PBD0_N@Z, _getLogFile@Logger@@QAEPADXZ, _lock@SimpleMutex@@UAEXXZ, _unlock@SimpleMutex@@UAEXXZ, __0File@@QAE@ABV0@PBD@Z, _dirname@File@@QBEPAVUnicodeString@@XZ, __0UnicodeString@@QAE@PBV0@@Z, _getLoggers@LogManager@@SAPAVStringEnumeration@@XZ, freeStrsplit, strsplit, __1ZipFile@@QAE@XZ, _extract@ZipFile@@QAE_NPBDPADPAI@Z, __0ZipFile@@QAE@PAVFile@@@Z, _setVendorValue@Prefs@@SA_NPBD0_N@Z, __0File@@QAE@ABVUnicodeString@@@Z, __0RegKey@@QAE@W4topKey@@PBD@Z, _exists@RegKey@@QAE_NXZ, __1RegKey@@QAE@XZ, _valueExists@RegKey@@QAE_NPAD@Z, __0MotiveException@@QAE@K@Z, _reinit@Prefs@@SAXXZ, _setLogLevel@Logger@@QAEHH@Z, _setValue@Prefs@@SA_NPBDH@Z, _getValue@Prefs@@SA_NPBDPAJJ@Z, _getThreadId@Thread@@SAKXZ, __0THREAD_HANDLE@@QAE@XZ, _sleep@Thread@@SAXK@Z, _getValue@Prefs@@SA_NPBDPAHH@Z, _equals@UnicodeString@@QBE_NPBD@Z, _equalsIgnoreCase@UnicodeString@@QBE_NPBV1@@Z, _list@File@@QAEPAVUnicodeStringEnumeration@@PBVUnicodeString@@@Z, __0ZipFile@@QAE@PBD00_N@Z, _append@File@@QAEAAV1@PBD@Z, _detach@AutoLock@@QAEPAVSimpleMutex@@XZ, _flush@Prefs@@SAXXZ, _log@Logger@@QAAXHPBDZZ, _addValue@RegKey@@QAEXPADW4valType@@0@Z, _getChangeTime@File@@QBEJXZ, _isDirectory@File@@QBE_NXZ, _mkdir@File@@QBE_NXZ, __4File@@QAEAAV0@PBD@Z, _close@IReader@@UAEXXZ, __1IReader@@UAE@XZ, _logv2@Logger@@QAEXHPBD0PAD@Z, _isAbsolute@File@@QBE_NXZ, _getName@File@@QBEPBVUnicodeString@@XZ, _getLogger@LogManager@@SAPAVLogger@@PBD0_N@Z, _logv@Logger@@QAEXHPBDPAD@Z, _init@LogManager@@SAXPBD0@Z, __1ExplicitLoadLib@@UAE@XZ, _isProcess@Runtime@@SA_NPA_NPAXPAPAX@Z, __0ExplicitLoadLib@@QAE@PBD@Z, _getLoadError@ExplicitLoadLib@@UBEPBDXZ, __BExplicitLoadLib@@UBE_NXZ, _LoadSymbol@ExplicitLoadLib@@UBEPAXPBD@Z, _setValue@Prefs@@SA_NPBD0@Z, _FormatError@ExplicitLoadLib@@UBEPADHPADI@Z, _ShellExecuteA@Runtime@@SA_NPAD0@Z, _setLogStdout@Logger@@QAEX_N@Z, _addKey@Prefs@@SAXPBD0@Z, _checkKey@Prefs@@SAHPBD0@Z, _reinit@Prefs@@SAXPADPAPAD@Z, _setMaxBackups@Logger@@QAEXH@Z, _setMaxSize@Logger@@QAEXJ@Z, _waitFor@Process@@QAEH_N@Z, __1Process@@QAE@XZ, __3Process@@SAXPAX@Z, _length@File@@SAJABVUnicodeString@@@Z, _close@ZipFile@@QAEXXZ, _logError@LogManager@@SAXHPBD@Z, _getOSMinorVersion@Machine@@SAXPADH@Z, _getMapInterp@Machine@@SAPBDXZ, _getOSMajorVersion@Machine@@SAXPADH@Z, _append@UnicodeString@@QAEXABV1@@Z, _getOSPatchLevel@Machine@@SAXPADH@Z, _getuId@Machine@@SAXHPADH@Z, _getVendorValue@Prefs@@SA_NPBD0PAJJ@Z, __0File@@QAE@ABV0@ABVUnicodeString@@@Z, _setVendorValue@Prefs@@SA_NPBD0K@Z, _setVendorValue@Prefs@@SA_NPBD00@Z, _getVendorValue@Prefs@@SA_NPBD0PAKK@Z, _removeSection@Prefs@@SAXPBD@Z, __3ZipEntry@@SAXPAX@Z, __2UnicodeString@@SAPAXI@Z, __1ZipEntry@@QAE@XZ, _remove@File@@SA_NABVUnicodeString@@_N@Z, _exists@File@@SA_NABVUnicodeString@@@Z, __0UnicodeString@@QAE@PBD@Z, __0EmptyWriter@@QAE@XZ, _getEntry@ZipFile@@QAEPAVZipEntry@@PAD@Z, _getOffset@ZipEntry@@QBEKXZ, _getOSName@Machine@@SAXPADH@Z, __1EmptyWriter@@UAE@XZ, _rewind@IWriter@@UAEXXZ, __0ZipFile@@QAE@PBD@Z, _getInterp@Machine@@SAPBDXZ, _setVendorValue@Prefs@@SA_NPBD0PAD@Z, _getName@ZipEntry@@QBEPBDXZ, _entries@ZipFile@@QAEPAVZipEntryEnumeration@@XZ, _isDirectory@ZipEntry@@QBE_NXZ, _mkdirs@File@@QBE_NXZ, _extract@ZipFile@@QAE_NPBD0@Z, _getParentFile@File@@QAE_AV1@XZ, _flush@IWriter@@UAEXXZ, __0EmptyReader@@QAE@XZ, __1EmptyReader@@UAE@XZ, __1IWriter@@UAE@XZ, _close@IWriter@@UAEXXZ, __0IWriter@@QAE@XZ, __0File@@QAE@PBD@Z, __0IReader@@QAE@XZ, _getValue@Prefs@@SA_NPBDPAKK@Z, _getVendorKeys@Prefs@@SAPAVStringEnumeration@@PBD0_N@Z, _isService@Runtime@@SA_NPA_NPAXPAPAX@Z, __0THREAD_HANDLE@@QAE@PAX@Z
> asst_ui.dll: _stop@ProgressDialog@@QAEHXZ, _start@ProgressDialog@@QAEHXZ, _setTitle@ProgressDialog@@QAEXPBG@Z, _bump@ProgressDialog@@QAEXH@Z, _wasCancelled@ProgressDialog@@QAE_NXZ, _setCancelEnabled@ProgressDialog@@QAEX_N@Z, _setHeader@ProgressDialog@@QAEXPBD@Z, _setStatus2@ProgressDialog@@QAEXPBG@Z, _setStatus2@ProgressDialog@@QAEXPBD@Z, _setStatus@ProgressDialog@@QAEXPBG@Z, _rectHeight@@YAJABUtagRECT@@@Z, _rectWidth@@YAJABUtagRECT@@@Z, _moveWindow@@YA_NPAUHWND__@@PBUtagRECT@@H@Z, _getRectInClientCoords@@YAXPAUHWND__@@0PAUtagRECT@@@Z, _DrawTransparentBitmap@@YAXPAUHDC__@@PAUHBITMAP__@@1KK@Z, _setPoint@@YAXPAUtagPOINT@@JJ@Z, _copyPoint@@YAXPAUtagPOINT@@PBU1@@Z, _bottomRight@@YA_BUtagPOINT@@ABUtagRECT@@@Z, _topLeft@@YA_BUtagPOINT@@ABUtagRECT@@@Z, _subtractPoint@@YA_AUtagSIZE@@UtagPOINT@@0@Z, _screenToClient@@YAXPAUHWND__@@PAUtagRECT@@@Z, _clientToScreen@@YAXPAUHWND__@@PAUtagRECT@@@Z, _getClientRectInClientCoords@@YAXPAUHWND__@@0PAUtagRECT@@@Z, _setStatus@ProgressDialog@@QAEXPBD@Z, _setTitle@ProgressDialog@@QAEXPBD@Z, _setHeader@ProgressDialog@@QAEXPBG@Z, _setStatus@ProgressDialog@@QAEXH@Z, __0ProgressDialog@@QAE@PAUHWND__@@PBD@Z, _Init@ProgressDialog@@SAXPAUHINSTANCE__@@@Z, __1ProgressDialog@@QAE@XZ
> COMCTL32.dll: _TrackMouseEvent, InitCommonControlsEx
> comdlg32.dll: GetOpenFileNameA, CommDlgExtendedError, GetOpenFileNameW
> KERNEL32.dll: WideCharToMultiByte, InterlockedDecrement, DebugBreak, LoadLibraryA, GetModuleHandleA, ExitThread, CreateThread, SystemTimeToFileTime, GetTimeFormatW, GetTimeFormatA, GetDateFormatW, GetDateFormatA, InterlockedExchange, MapViewOfFile, SetEndOfFile, GetLocaleInfoW, CompareStringW, CompareStringA, GetStringTypeW, GetStringTypeA, IsBadCodePtr, SetEnvironmentVariableA, SetEnvironmentVariableW, GetCurrentDirectoryA, GetFullPathNameA, GetOEM, GetA, LCMapStringW, LCMapStringA, SetFilePointer, SetUnhandledExceptionFilter, GetDefaultLCID, GetFileAttributesA, FileTimeToSystemTime, lstrlenW, OutputDebugStringA, GetLastError, GetModuleFileNameA, Sleep, EnumSystemLocalesA, GetLocaleInfoA, IsValidCodePage, IsValidLocale, GetInfo, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsW, FreeEnvironmentStringsA, UnhandledExceptionFilter, SetHandleCount, IsBadWritePtr, VirtualAlloc, VirtualFree, HeapCreate, CreateDirectoryA, GetSystemTimeAsFileTime, HeapSize, GetLocalTime, GetSystemTime, GetTimeZoneInformation, IsBadReadPtr, HeapReAlloc, GetCurrentProcess, RaiseException, ExitProcess, GetVersion, GetCommandLineA, GetStartupInfoA, GetFileType, SetStdHandle, RtlUnwind, HeapAlloc, HeapFree, WriteFile, ReadFile, CreateFileMappingA, CreateEventA, GlobalAddAtomA, UnmapViewOfFile, GlobalDeleteAtom, CreateFileA, FlushFileBuffers, FormatMessageW, FormatMessageA, LocalFree, FileTimeToLocalFileTime, SetConsoleCtrlHandler, GetExitCodeProcess, SetFileAttributesA, DeleteFileA, RemoveDirectoryA, GetTickCount, LoadLibraryExA, GetTempPathA, GetTempFileNameA, TlsSetValue, TlsAlloc, TlsGetValue, FindFirstFileA, FindNextFileA, FindClose, GetDiskFreeSpaceA, GetVolumeInformationA, GetSystemInfo, GlobalMemoryStatus, GetVersionExA, GetEnvironmentVariableA, GetLogicalDriveStringsA, GetDriveTypeA, TerminateProcess, GetSystemDirectoryA, GetWindowsDirectoryA, GetComputerNameA, MultiByteToWideChar, OpenProcess, CreateProcessA, CreateSemaphoreA, CloseHandle, WaitForSingleObject, ReleaseSemaphore, SetLastError, InterlockedIncrement, EnterCriticalSection, LeaveCriticalSection, GetProcAddress, FreeLibrary, InitializeCriticalSection, lstrcatA, lstrlenA, lstryA, DeleteCriticalSection, HeapDestroy, GetCurrentThreadId, AllocConsole, GetStdHandle, GetConsoleScreenBufferInfo, SetConsoleScreenBufferSize, FreeConsole
> VERSION.dll: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
> GDI32.dll: BitBlt, SelectObject, CreateCompatibleDC, DeleteDC, DPtoLP, CreateSolidBrush, PatBlt, CreatePatternBrush, CreateBitmap, DeleteObject, GetObjectA
> SHELL32.dll: SHGetMalloc, SHBrowseForFolderA, SHGetPathFromIDListA
> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> WININET.dll: InternetAutodial, InternetGetConnectedState
( 271 exports )
__0ASN1_ANY@@QAE@ABU0@@Z, __0ASN1_ANY@@QAE@XZ, __0ASN1_BIT_STRING@@QAE@ABU0@@Z, __0ASN1_BIT_STRING@@QAE@VBstream@@@Z, __0ASN1_BIT_STRING@@QAE@XZ, __0ASN1_BOOLEAN@@QAE@ABU0@@Z, __0ASN1_BOOLEAN@@QAE@H@Z, __0ASN1_BOOLEAN@@QAE@PBD@Z, __0ASN1_BOOLEAN@@QAE@XZ, __0ASN1_INTEGER@@QAE@AAVBigint@@@Z, __0ASN1_INTEGER@@QAE@ABU0@@Z, __0ASN1_INTEGER@@QAE@H@Z, __0ASN1_INTEGER@@QAE@XZ, __0ASN1_OCTET_STRING@@QAE@ABU0@@Z, __0ASN1_OCTET_STRING@@QAE@VBstream@@@Z, __0ASN1_OCTET_STRING@@QAE@XZ, __0ASN1_PRINTABLE_STRING@@QAE@ABU0@@Z, __0ASN1_PRINTABLE_STRING@@QAE@PBD@Z, __0ASN1_PRINTABLE_STRING@@QAE@XZ, __0ASN1_UTF8_STRING@@QAE@ABU0@@Z, __0ASN1_UTF8_STRING@@QAE@PBD@Z, __0ASN1_UTF8_STRING@@QAE@XZ, __0AlgId@@QAE@ABU0@@Z, __0AlgId@@QAE@XZ, __0Bigint@@QAE@ABV0@@Z, __0Bigint@@QAE@F@Z, __0Bigint@@QAE@PBD@Z, __0Bigint@@QAE@PBEH@Z, __0Bigint@@QAE@XZ, __0Bstream@@QAE@ABV0@@Z, __0Bstream@@QAE@ABVString@@@Z, __0Bstream@@QAE@HPBE@Z, __0Bstream@@QAE@PBD@Z, __0Bstream@@QAE@XZ, __0EncryptedDigest@@QAE@ABU0@@Z, __0EncryptedDigest@@QAE@XZ, __0IssuerAndSerialNumber@@QAE@ABU0@@Z, __0IssuerAndSerialNumber@@QAE@VName@@UASN1_INTEGER@@@Z, __0IssuerAndSerialNumber@@QAE@XZ, __0Key@@QAE@ABV0@@Z, __0Key@@QAE@HPAE@Z, __0Key@@QAE@XZ, __0Name@@QAA@HZZ, __0Name@@QAE@ABV0@@Z, __0Name@@QAE@PBD@Z, __0Name@@QAE@XZ, __0ObjId@@QAA@HZZ, __0ObjId@@QAE@ABV0@@Z, __0ObjId@@QAE@XZ, __0PCTime@@QAE@ABUGMtime@@@Z, __0PCTime@@QAE@ABV0@H@Z, __0PCTime@@QAE@HHHHHH@Z, __0PCTime@@QAE@XZ, __1ASN1_ANY@@QAE@XZ, __1ASN1_BIT_STRING@@QAE@XZ, __1ASN1_BOOLEAN@@QAE@XZ, __1ASN1_INTEGER@@QAE@XZ, __1ASN1_OCTET_STRING@@QAE@XZ, __1ASN1_PRINTABLE_STRING@@QAE@XZ, __1ASN1_UTF8_STRING@@QAE@XZ, __1AlgId@@QAE@XZ, __1Bigint@@QAE@XZ, __1Bstream@@QAE@XZ, __1EncryptedDigest@@QAE@XZ, __1IssuerAndSerialNumber@@QAE@XZ, __1Key@@QAE@XZ, __1Name@@QAE@XZ, __1ObjId@@QAE@XZ, __4ASN1_ANY@@QAEAAU0@ABU0@@Z, __4ASN1_BIT_STRING@@QAEAAU0@ABU0@@Z, __4ASN1_BOOLEAN@@QAEAAU0@ABU0@@Z, __4ASN1_INTEGER@@QAEAAU0@ABU0@@Z, __4ASN1_OCTET_STRING@@QAEAAU0@ABU0@@Z, __4ASN1_PRINTABLE_STRING@@QAEAAU0@ABU0@@Z, __4ASN1_UTF8_STRING@@QAEAAU0@ABU0@@Z, __4AlgId@@QAEAAU0@ABU0@@Z, __4Bigint@@QAEAAV0@ABV0@@Z, __4Bstream@@QAEAAV0@ABV0@@Z, __4EncryptedDigest@@QAEAAU0@ABU0@@Z, __4IssuerAndSerialNumber@@QAEAAU0@ABU0@@Z, __4Key@@QAEAAV0@ABV0@@Z, __4Name@@QAEAAV0@ABV0@@Z, __4ObjId@@QAEAAV0@ABV0@@Z, __4PCTime@@QAEAAV0@ABV0@@Z, __5@YAAAVBstream@@AAUASN1_SEQUENCE@@AAUASN1_ANY@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificateInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificateRevocationListInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificationRequestInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UExtendedCertificateInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAU_$SIGNED@UExtendedCertificationRequestInfo@@@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_BIT_STRING@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_BOOLEAN@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_INTEGER@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_OCTET_STRING@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_PRINTABLE_STRING@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_SEQUENCE@@@Z, __5@YAAAVBstream@@AAV0@AAUASN1_UTF8_STRING@@@Z, __5@YAAAVBstream@@AAV0@AAUAlgorithmIdentifier@@@Z, __5@YAAAVBstream@@AAV0@AAUAttribute@@@Z, __5@YAAAVBstream@@AAV0@AAUCertificateInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUCertificateRevocationListInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUCertificationRequestInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUContentInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUDigestInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUExtendedCertificateInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUExtendedCertificateOrCertificate@@@Z, __5@YAAAVBstream@@AAV0@AAUExtendedCertificationRequestInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUExtension@@@Z, __5@YAAAVBstream@@AAV0@AAUIssuerAndSerialNumber@@@Z, __5@YAAAVBstream@@AAV0@AAUPrivateKeyInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUPublicKeyInfo@@@Z, __5@YAAAVBstream@@AAV0@AAURSAPrivateKey@@@Z, __5@YAAAVBstream@@AAV0@AAURSAPublicKey@@@Z, __5@YAAAVBstream@@AAV0@AAUSignedData@@@Z, __5@YAAAVBstream@@AAV0@AAUSignerInfo@@@Z, __5@YAAAVBstream@@AAV0@AAUValidity@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@U_$SIGNED@UCertificateRevocationListInfo@@@@V_$allocator@U_$SIGNED@UCertificateRevocationListInfo@@@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@UAlgorithmIdentifier@@V_$allocator@UAlgorithmIdentifier@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@UAttribute@@V_$allocator@UAttribute@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@UExtendedCertificateOrCertificate@@V_$allocator@UExtendedCertificateOrCertificate@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@UExtension@@V_$allocator@UExtension@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAV_$list@USignerInfo@@V_$allocator@USignerInfo@@@std@@@std@@@Z, __5@YAAAVBstream@@AAV0@AAVName@@@Z, __5@YAAAVBstream@@AAV0@AAVObjId@@@Z, __5@YAAAVBstream@@AAV0@AAVPCTime@@@Z, __6@YAAAVBstream@@AAUASN1_SEQUENCE@@ABUASN1_ANY@@@Z, __6@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificateInfo@@@@@Z, __6@YAAAVBstream@@AAV0@AAU_$SIGNED@UCertificationRequestInfo@@@@@Z, __6@YAAAVBstream@@AAV0@AAUASN1_PRINTABLE_STRING@@@Z, __6@YAAAVBstream@@AAV0@AAUASN1_SEQUENCE@@@Z, __6@YAAAVBstream@@AAV0@AAUASN1_UTF8_STRING@@@Z, __6@YAAAVBstream@@AAV0@AAUCertificateInfo@@@Z, __6@YAAAVBstream@@AAV0@AAUCertificationRequestInfo@@@Z, __6@YAAAVBstream@@AAV0@AAUExtension@@@Z, __6@YAAAVBstream@@AAV0@AAV_$list@UAttribute@@V_$allocator@UAttribute@@@std@@@std@@@Z, __6@YAAAVBstream@@AAV0@AAV_$list@UExtension@@V_$allocator@UExtension@@@std@@@std@@@Z, __6@YAAAVBstream@@AAV0@ABUASN1_BIT_STRING@@@Z, __6@YAAAVBstream@@AAV0@ABUASN1_BOOLEAN@@@Z, __6@YAAAVBstream@@AAV0@ABUASN1_INTEGER@@@Z, __6@YAAAVBstream@@AAV0@ABUASN1_OCTET_STRING@@@Z, __6@YAAAVBstream@@AAV0@ABUAlgorithmIdentifier@@@Z, __6@YAAAVBstream@@AAV0@ABUAttribute@@@Z, __6@YAAAVBstream@@AAV0@ABUIssuerAndSerialNumber@@@Z, __6@YAAAVBstream@@AAV0@ABUPrivateKeyInfo@@@Z, __6@YAAAVBstream@@AAV0@ABUPublicKeyInfo@@@Z, __6@YAAAVBstream@@AAV0@ABURSAPublicKey@@@Z, __6@YAAAVBstream@@AAV0@ABVObjId@@@Z, __6@YAAAVBstream@@AAV0@ABVPCTime@@@Z, __6@YAAAVBstream@@AAV0@VName@@@Z, __8@YAHABVBigint@@0@Z, __8@YAHABVObjId@@0@Z, __8ASN1_BOOLEAN@@QAE_NABU0@@Z, __8ASN1_INTEGER@@QAE_NABU0@@Z, __9@YAHABVObjId@@0@Z, __BASN1_PRINTABLE_STRING@@QAEPBDXZ, __BASN1_UTF8_STRING@@QAEPBDXZ, __BBstream@@QBEPBDXZ, __H@YA_AVBstream@@ABV0@0@Z, __O@YAHABVBigint@@0@Z, __OASN1_INTEGER@@QAE_NABU0@@Z, __YBstream@@QAEAAV0@ABV0@@Z, ___C@_0BD@NN@RSA__rc_5_$DN_$DN_50_$AA@, ___C@_0BF@MDA@sig_digest_5_$DN_$DN_5digest_$AA@, ___C@_0DF@GBNA@signatureAlgorithm_4algorithm_5_$DN_$DN_5@, ___C@_0P@IPCC@SignerInfo_4p_$AA@, _add_element@Name@@QAEXABUAva@@@Z, _add_element@ObjId@@QAEXABVBigint@@@Z, _asn1_der_decode_T61_string@@YAHAAVBstream@@0@Z, _asn1_der_decode_bit_string@@YAHAAVBstream@@0@Z, _asn1_der_decode_boolean@@YAHAAVBstream@@AAVBigint@@@Z, _asn1_der_decode_integer@@YAHAAVBstream@@AAVBigint@@@Z, _asn1_der_decode_null@@YAHAAVBstream@@@Z, _asn1_der_decode_octet_string@@YAHAAVBstream@@0@Z, _asn1_der_decode_printable_string@@YAHAAVBstream@@0@Z, _asn1_der_decode_sequence@@YAHAAVBstream@@AAH@Z, _asn1_der_decode_sequence_of@@YAHAAVBstream@@AAH@Z, _asn1_der_decode_set@@YAHAAVBstream@@AAH@Z, _asn1_der_decode_set_of@@YAHAAVBstream@@AAH@Z, _asn1_der_decode_utctime@@YAHAAVBstream@@AAVPCTime@@@Z, _asn1_der_decode_utf8_string@@YAHAAVBstream@@0@Z, _asn1_der_encode_T61_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_bit_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_boolean@@YA_AVBstream@@ABVBigint@@@Z, _asn1_der_encode_implicit_tagged@@YA_AVBstream@@ABV1@H@Z, _asn1_der_encode_integer@@YA_AVBstream@@ABVBigint@@@Z, _asn1_der_encode_network_addr@@YA_AVBstream@@K@Z, _asn1_der_encode_null@@YA_AVBstream@@XZ, _asn1_der_encode_octet_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_printable_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_sequence@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_sequence_of@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_set@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_set_of@@YA_AVBstream@@ABV1@@Z, _asn1_der_encode_timeticks@@YA_AVBstream@@ABVBigint@@@Z, _asn1_der_encode_utctime@@YA_AVBstream@@ABVPCTime@@@Z, _asn1_der_encode_utf8_string@@YA_AVBstream@@ABV1@@Z, _asn1_der_get_length@@YAHAAVBstream@@@Z, _asn1_der_set_length@@YA_AVBstream@@H@Z, _asn1_perror@@YAXH@Z, _bits@Bigint@@QBEHXZ, _checkValidityPeriod@@YA_NPBDAAU_$SIGNED@UCertificateInfo@@@@@Z, _consume@Bstream@@QAEHH@Z, _decrypt@@YA_AVBstream@@ABUPublicKeyInfo@@ABV1@@Z, _decrypt@@YAXABUPrivateKeyInfo@@ABVbytestream@@AAV2@@Z, _decrypt@@YAXABUPublicKeyInfo@@ABVbytestream@@AAV2@@Z, _decrypt@@YAXABUSymmetricKey@@ABVbytestream@@AAV2@@Z, _decrypt@@YAXABUSymmetricKey@@ABVbytestream@@AAVBstream@@@Z, _encode@Name@@QAE_AVBstream@@XZ, _encode@ObjId@@QBE_AVBstream@@XZ, _encrypt@@YA_AVBstream@@ABUPrivateKeyInfo@@ABV1@@Z, _encrypt@@YAXABUPrivateKeyInfo@@ABVbytestream@@AAV2@@Z, _encrypt@@YAXABUPublicKeyInfo@@ABVbytestream@@AAV2@@Z, _encrypt@@YAXABUSymmetricKey@@ABVBstream@@AAVbytestream@@@Z, _encrypt@@YAXABUSymmetricKey@@ABVbytestream@@AAV2@@Z, _fetchbyte@Bstream@@QAEHAAE@Z, _get@PCTime@@QBE_AUGMtime@@XZ, _getbstr@Bigint@@QBE_AVBstream@@XZ, _getdatap@Bstream@@QBEPAEXZ, _getdecstr@Bstream@@QBE_AVString@@XZ, _gethexstr@Bstream@@QBE_AVString@@XZ, _getlength@Bstream@@QBEHXZ, _getnumstr@Bigint@@QBE_AVString@@XZ, _getnumstrd@Bigint@@QBE_AVString@@XZ, _getstr@Bstream@@QBE_AVString@@XZ, _getstr@PCTime@@QBE_AVString@@XZ, _last@Bstream@@QBEEXZ, _md5_digest@@YA_AVBstream@@AAV1@@Z, _msl_GeneratePKCS1KeyPair@@YAXAAUPublicKeyInfo@@AAUPrivateKeyInfo@@@Z, _msl_GetCertExtnBool@@YA_NAAU_$SIGNED@UCertificateInfo@@@@ABVObjId@@@Z, _msl_GetCertExtnString@@YAPADAAU_$SIGNED@UCertificateInfo@@@@ABVObjId@@@Z, _ntptime@PCTime@@QAEKXZ, _num_to_mask@@YAEH@Z, _peekbyte@Bstream@@QAEHAAE@Z, _print@PCTime@@QBEXXZ, _replace@Bstream@@QBE_AV1@ABV1@0@Z, _sign@_$SIGNED@UCertificateInfo@@@@QAEXABUPrivateKeyInfo@@@Z, _sign@_$SIGNED@UCertificationRequestInfo@@@@QAEXABUPrivateKeyInfo@@@Z, _timenow@@YA_AVPCTime@@XZ, _truncate@Bstream@@QAEHH@Z, _validate@@YAXAAU_$SIGNED@UCertificateInfo@@@@0@Z, _validate@@YAXAAU_$SIGNED@UCertificateInfo@@@@AAUDigestInfo@@AAUSignerInfo@@@Z, _@_$SIGNED@UCertificateInfo@@@@QAEXABUPublicKeyInfo@@@Z, _@_$SIGNED@UCertificationRequestInfo@@@@QAEXABUPublicKeyInfo@@@Z, DecodeBase64, EncodeBase64, RSA_sign, RSA_, ex_assert_failed, msl_DecryptBytes, msl_DecryptData, msl_EncryptBytes, msl_EncryptData, msl_EncryptDataSize, msl_EndDecryption, msl_EndEncryption, msl_GenerateRSAKeyPair, msl_MakeRSAKeyPairFromSeed, msl_RandomIzer, msl_StartDecryption, msl_StartEncryption, msl_freeData, msl_generateKey, msl_getSessionKeyLen, msl_privateDecrypt, msl_privateEncryptBuf, msl_publicDecrypt, msl_publicEncryptBuf, xMD5Final, xMD5Init, xMD5Transform, xMD5Update
Ensuite après le redemmarrage j'ai planté 5x maintenant ça a l'air bon...
Il y avait juste sous hiJackThis un n° que je n'avais pas c le suivant :
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -
Voilà j'espère que c'est tout bon :)
@ plus
Bonsoir,
oui c'est mieux.
Mais il me manque un nouveau rapport HiJackT stp.
Peux tu en poster un ?
Et puis je n'ai pas le rapport virus total de :
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
Celui m'inquiéte plus que l'autre fichier.
Idem : peux aussi en poster un ?
Et puis idem : pour MalwareByte's Anti-Malware :
Fichier(s) infecté(s):
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089391.dll (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089392.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089393.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089394.old (Adware.VideoEgg) -> No action taken.
...
Ca veux dire que tu fais le scanne mais qu'à la fin tu ne supprime pas les éléments infectés...donc ça ne sert à rien (ou presque)...
Donc il faut le refaire ! et oui et surtout éliminer les crasse à la fin ! Puis poste moi le rapport stp.
Aller, on avance pas très vite....:(
et moi aussi je perds du temps à tout te réexpliquer ..
:s
Pas grave.
Bon courage,
après on termine.
A+
oui c'est mieux.
Mais il me manque un nouveau rapport HiJackT stp.
Peux tu en poster un ?
Et puis je n'ai pas le rapport virus total de :
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
Celui m'inquiéte plus que l'autre fichier.
Idem : peux aussi en poster un ?
Et puis idem : pour MalwareByte's Anti-Malware :
Fichier(s) infecté(s):
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089391.dll (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089392.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089393.exe (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP67\A0089394.old (Adware.VideoEgg) -> No action taken.
...
Ca veux dire que tu fais le scanne mais qu'à la fin tu ne supprime pas les éléments infectés...donc ça ne sert à rien (ou presque)...
Donc il faut le refaire ! et oui et surtout éliminer les crasse à la fin ! Puis poste moi le rapport stp.
Aller, on avance pas très vite....:(
et moi aussi je perds du temps à tout te réexpliquer ..
:s
Pas grave.
Bon courage,
après on termine.
A+
MSNFix 1.693
C:\Documents and Settings\cricri\Bureau\Raccourcis Bureau non utilis‚s\MSNFix\MSNFix
Fix exécuté le 11.04.2008 - 16:16:46.01 By cricri
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
Aucun Fichier trouvé
************************ HKLM\...\Winlogon\init
init = C:\WINDOWS\system32\init.exe,C:\Documents and Settings\cricri\Bureau\catchme\services.exe
------------------------------------------------------------------------
Auteur : !aur3n7 : https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
Voilà j'ai bien desinstallé le pare-feu windows et installé le nouveau ZoneAlarm bien évidemment maintenant j'ai une vignette avec une croix rouge ds la barre de lancement rapide ... je suppose que c'est normal. N'ai pas pu installer le premier et le deuxième firewall c'est pkoi j'ai pris le troisième.
Voilà :) j'espère que j'ai rien loupé et j'attends de tes news. Merci
@ plus
cricri