Hello!! Virus problems! Need help!!

mcpiero Posts: 38 Registration date: Thursday 20 November 2008 Status: Member Last activity: 22 April 2010 - 13 March 2009 at 22:17
 zemimi - 15 March 2009 at 12:13
Hello,
I have had a big problem for several days: I have a virus running rampant and I can't get rid of it. I need your help. Note that Firefox crashes and I can't use it any more; at every connection avast gives me an alert. I'm waiting for replies!! Thanks for your insights!!
OS: Win XP SP3

6 replies

Get Avira AntiVir as antivirus and Ad-Aware as firewall, then give the avast scan report and
Download HijackThis Version 2.02
- Save HJTInstall.exe to your desktop.
- Double-click (left) on HJTInstall.exe to start the installation
- Click on Install, then on « I Accept »
- Click on « Do a scan system and save log file »
- Notepad will open; copy and paste all of its contents here in your next reply.
mcpiero Posts: 38 Registration date: Thursday 20 November 2008 Status: Member Last activity: 22 April 2010
13 March 2009 at 22:49
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:47:30, on 13/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
There you go, I'm waiting for your help, my PC is beeping all over the place, panic!!!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\TBPanel.exe
C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe
C:\Program Files\visual tools\VisualToolTip.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\GIGABYTE\ET6\GUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\RocketDock2\RocketDock.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\DOCUME~1\piero\LOCALS~1\Temp\Fichiers Internet temporaires\Content.IE5\I3JJBDDS\HiJackThis[1].exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\windres.exe,
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FightPad] "C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe" -1
O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\visual tools\VisualToolTip.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETcall.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock2\RocketDock.exe"
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Advanced Uninstaller PRO Installation Monitor] "C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1960408961-1993962763-839522115-1004\..\Run: [RocketDock] "C:\Program Files\RocketDock2\RocketDock.exe" (User '?')
O4 - HKUS\S-1-5-21-1960408961-1993962763-839522115-1004\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe" (User '?')
O4 - HKUS\S-1-5-21-1960408961-1993962763-839522115-1004\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" (User '?')
O4 - HKUS\S-1-5-21-1960408961-1993962763-839522115-1004\..\Run: [Advanced Uninstaller PRO Installation Monitor] "C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe" (User '?')
O4 - HKUS\S-1-5-21-1960408961-1993962763-839522115-1004\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1960408961-1993962763-839522115-1004\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-1960408961-1993962763-839522115-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Fantastic Flame Agent.lnk = C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O20 - AppInit_DLLs: skvrsi.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe
O23 - Service: Service de la passerelle de la couche Application (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - Unknown owner - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Service d'indexation (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Application système COM+ (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Localisateur d'appels de procédure distante (RPC) (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spouleur d'impression (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
mcpiero Posts: 38 Registration date: Thursday 20 November 2008 Status: Member Last activity: 22 April 2010
13 March 2009 at 22:52
I'm waiting for a reply lol thanks!!
I like RocketDock too ...
You can uninstall avast, it performs too poorly
Also, you don't have to keep that many antispyware tools
You can disable one and run a scan with all of them from time to time (2 is enough)
You haven't given the avast and AntiVir reports
You can also give me the Spybot S&D report
mcpiero Posts: 38 Registration date: Thursday 20 November 2008 Status: Member Last activity: 22 April 2010
14 March 2009 at 20:17
Yeah hi, RocketDock rocks!!
lol
I'm going to post, I'll explain to you, see you in a moment!!

mcpiero Posts: 38 Registration date: Thursday 20 November 2008 Status: Member Last activity: 22 April 2010
14 March 2009 at 20:36
So, with AntiVir!! No way to do anything at all!! So I removed it
Would you have another solution??
I'm going to give you a Spybot report but it doesn't detect anything!!
My virus is TML:Iframe-inf, if you have any info??
Do you know another antivirus I could download!! What do you have?






Win32.Delf.uc: [SBI $88B8013A] Réglages (Valeur du Registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\??\C:\WINDOWS\system32\winlogon.exe


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2009-03-05 TeaTimer.exe (1.6.6.32)
2008-11-19 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-10-22 advcheck.dll (1.6.2.13)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-07-07 Tools.dll (2.1.5.7)
2009-01-22 Includes\Adware.sbi (*)
2009-03-10 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-03-10 Includes\Dialer.sbi (*)
2009-03-10 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-02-10 Includes\Hijackers.sbi (*)
2009-03-03 Includes\HijackersC.sbi (*)
2009-03-10 Includes\Keyloggers.sbi (*)
2009-03-10 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-03-03 Includes\Malware.sbi (*)
2009-03-10 Includes\MalwareC.sbi (*)
2008-12-16 Includes\PUPS.sbi (*)
2009-03-09 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-02-10 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-01-28 Includes\Spyware.sbi (*)
2009-01-28 Includes\SpywareC.sbi (*)
2008-06-03 Includes\Tracks.uti
2009-03-10 Includes\Trojans.sbi (*)
2009-03-10 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
/ Windows Media Player 11: Correctif pour Lecteur Windows Media 11 (KB939683)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
/ Windows Media Player 11: Mise à jour critique pour Lecteur Windows Media 11 (KB959772)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB941569)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 8 (KB960714)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 8 (KB961260)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Windows XP Service Pack 3
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB938464)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB938464-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB946648)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950762)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950974)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951066)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB951072-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951376-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951698)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951748)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB951978)
/ Windows XP / SP4: Correctif pour Windows XP (KB952287)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952954)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954211)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954459)
/ Windows XP / SP4: Hotfix for Windows XP (KB954550-v5)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954600)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB955069)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB955839)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956391)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956802)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956803)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956841)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB957095)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB957097)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958644)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958687)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958690)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960225)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960715)
/ Windows XP / SP4: Correctif pour Windows XP (KB961118)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB967715)
/ XML Paper Specification Shared Components Pack 1.0: XML Paper Specification Shared Components Pack 1.0


--- Startup entries list ---
Located: HK_LM:Run, 36X Raid Configurer
command: C:\WINDOWS\system32\xRaidSetup.exe boot
file: C:\WINDOWS\system32\xRaidSetup.exe
size: 1990656
MD5: EA92E5A2368D1BC09C6E11B8E845B299

Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
size: 34672
MD5: 69B16C7B7746BA5C642FC05B3561FC73

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: FC242DBD786557AC641726DC5C13F060

Located: HK_LM:Run, BootSkin Startup Jobs
command: "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
file: C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe
size: 290816
MD5: 556682D64F4B56842D2E8F359E7F462E

Located: HK_LM:Run, DeathAdder
command: C:\Program Files\Razer\DeathAdder\razerhid.exe
file: C:\Program Files\Razer\DeathAdder\razerhid.exe
size: 180224
MD5: B4EB601EFB0D4480028628612956E4C7

Located: HK_LM:Run, FightPad
command: "C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe" -1
file: C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe
size: 2506752
MD5: 50F51FA4B9C536DC2A5976322C17C760

Located: HK_LM:Run, fssui
command: "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
file: C:\Program Files\Windows Live\Family Safety\fsui.exe
size: 453984
MD5: 3AD994DD2442E938F53A504C5BAF504B

Located: HK_LM:Run, Gainward
command: C:\WINDOWS\TBPanel.exe /A
file: C:\WINDOWS\TBPanel.exe
size: 2189864
MD5: B36CA192535E5F10767B8D40C0732CCF

Located: HK_LM:Run, LifeCam
command: "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
file: C:\Program Files\Microsoft LifeCam\LifeExp.exe
size: 160800
MD5: E3DF7071623B6E639E87E667F1C54B2A

Located: HK_LM:Run, LogonStudio
command: "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
file: C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe
size: 987187
MD5: E7937FC9392A6040336833D5282259FE

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\NvCpl.dll
size: 13680640
MD5: A4DF135D9CBE77CD3F6E272558C2B907

Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\system32\NvMcTray.dll
size: 86016
MD5: 4E03322DB729B41AF2C362300DD5576E

Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 1657376
MD5: 62CE6A1F613BD445459D592FDE4AFE14

Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
file: C:\WINDOWS\RTHDCPL.EXE
size: 16399872
MD5: 23BF0F9CCA3C7AEDAAFB53F8F1E70DE3

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: 3237A58DC79C051004CD3A67C8FBC781

Located: HK_LM:Run, VisualTooltip
command: C:\Program Files\visual tools\VisualToolTip.exe
file: C:\Program Files\visual tools\VisualToolTip.exe
size: 974336
MD5: 80C49D6984A59862C71DAB1876A55408

Located: HK_LM:Run, VX3000
command: C:\WINDOWS\vVX3000.exe
file: C:\WINDOWS\vVX3000.exe
size: 721936
MD5: 7D9B1758C2956DEA1E6D3CF7E4101857

Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 42496
MD5: 3B44D3A8C9A55E68464B8D7E1297C795

Located: HK_CU:Run, Advanced Uninstaller PRO Installation Monitor
where: S-1-5-21-1960408961-1993962763-839522115-1004...
command: "C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe"
file: C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe
size: 920976
MD5: EFC414B8C694787522A6E2EE1C470FE5

Located: HK_CU:Run, BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
where: S-1-5-21-1960408961-1993962763-839522115-1004...
command: "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
file: C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
size: 114688
MD5: 2BF6B7A9AFD443BAAF2810BE89D15F98

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-1960408961-1993962763-839522115-1004...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 42496
MD5: 3B44D3A8C9A55E68464B8D7E1297C795

Located: HK_CU:Run, CursorFX
where: S-1-5-21-1960408961-1993962763-839522115-1004...
command: "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
file: C:\Program Files\Stardock\CursorFX\CursorFX.exe
size: 434176
MD5: 9F619FE44FAF297CA2AA69D1A7DC2280

Located: HK_CU:Run, DAEMON Tools Lite
where: S-1-5-21-1960408961-1993962763-839522115-1004...
command: "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
file: C:\Program Files\DAEMON Tools Lite\daemon.exe
size: 490952
MD5: 79CC43BE17E1D1AC58844574ABD58941

Located: HK_CU:Run, RocketDock
where: S-1-5-21-1960408961-1993962763-839522115-1004...
command: "C:\Program Files\RocketDock2\RocketDock.exe"
file: C:\Program Files\RocketDock2\RocketDock.exe
size: 516096
MD5: 3A211218EC3E19F5E33029A3984FEB2E

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1960408961-1993962763-839522115-1004...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2277888
MD5: BA0D1BD84AD5BC6A76C141890EEF824E

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 42496
MD5: 3B44D3A8C9A55E68464B8D7E1297C795

Located: Démarrage (tous utilisateurs), Fantastic Flame Agent.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
file: C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
size: 29992
MD5: 07A0B8D55431EE900F1706EC433C1D20

Located: Démarrage (désactivé), OpenOffice.org 2.3 (DISABLED)
command: C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE
file: C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE
size: 413696
MD5: 68D2CA2EFD823CE3901B2C3B0AC1CCFF

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (Windows Live Family Safety Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Windows Live Family Safety Browser Helper
CLSID name: Windows Live Family Safety Browser Helper Class
Path: C:\Program Files\Windows Live\Family Safety\
Long name: fssbho.dll
Short name:
Date (created): 06/02/2009 18:08:44
Date (last access): 14/03/2009 20:15:32
Date (last write): 08/12/2008 17:01:58
Filesize: 61792
Attributes: archive
MD5: AF397A56597FCF7EFE90A12E609FDDE8
CRC32: 40F1FE2C
Version: 14.0.8052.1208

{5C255C8A-E604-49b4-9D64-90988571CECB} (Click-to-Call BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Click-to-Call BHO
Path: C:\Program Files\Windows Live\Messenger\
Long name: wlchtc.dll
Short name:
Date (created): 06/02/2009 18:21:00
Date (last access): 14/03/2009 20:15:34
Date (last write): 06/02/2009 18:21:00
Filesize: 73072
Attributes: archive
MD5: AFE0E51266F484E37C2782ABD49028B0
CRC32: FA3AB61F
Version: 14.0.8064.206

{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (Search Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Search Helper
CLSID name: Search Helper
Path: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\
Long name: SearchHelper.dll
Short name: SEARCH~1.DLL
Date (created): 04/12/2008 15:59:06
Date (last access): 14/03/2009 20:15:34
Date (last write): 04/12/2008 15:59:06
Filesize: 92504
Attributes: archive
MD5: C5700CD3293E88BE85C73ECCCE772E9E
CRC32: 4005D5F1
Version: 1.2.118.0

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 22/01/2009 15:41:30
Date (last access): 14/03/2009 20:15:32
Date (last write): 22/01/2009 15:41:30
Filesize: 408448
Attributes: archive
MD5: B7899C3E21B299D7A3C0DA96CAE340BD
CRC32: 288935F8
Version: 5.0.818.5

{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 13/03/2009 22:05:22
Date (last access): 14/03/2009 20:15:34
Date (last write): 13/03/2009 22:05:22
Filesize: 35840
Attributes: archive
MD5: 2CA866C48BD8781383F63229D4D94349
CRC32: B38362A9
Version: 6.0.120.4

{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (Windows Live Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Live Toolbar Helper
Path: C:\Program Files\Windows Live\Toolbar\
Long name: wltcore.dll
Short name:
Date (created): 08/12/2008 17:01:58
Date (last access): 14/03/2009 20:15:32
Date (last write): 08/12/2008 17:01:58
Filesize: 1067352
Attributes: archive
MD5: 4DC993F947CA0E46DAF3260D78BC9A60
CRC32: E16D1FE7
Version: 14.0.8052.1208

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: JQSIEStartDetectorImpl
CLSID name: JQSIEStartDetectorImpl Class
Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
Long name: jqs_plugin.dll
Short name: JQS_PL~1.DLL
Date (created): 13/03/2009 22:05:26
Date (last access): 14/03/2009 20:15:34
Date (last write): 13/03/2009 22:05:26
Filesize: 73728
Attributes: archive
MD5: 8F9867CEA366201D7759F930F9F986BB
CRC32: A5660ADC
Version: 6.0.120.4



--- ActiveX list ---
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 20/03/2008 17:06:36
Date (last access): 14/03/2009 20:24:50
Date (last write): 20/03/2008 17:06:36
Filesize: 1480232
Attributes: archive
MD5: E058C4821D48E0A67F6069CB50818D44
CRC32: 3513AE02
Version: 1.7.69.2

{1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab)
DPF name: System Requirements Lab
CLSID name: System Requirements Lab Class
Installer:
Codebase: https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: sysreqlab_srl.dll
Short name: SYSREQ~1.DLL
Date (created): 08/12/2008 16:11:40
Date (last access): 14/03/2009 12:22:58
Date (last write): 08/12/2008 16:11:40
Filesize: 267568
Attributes: archive
MD5: B11752E787A74D4EA1E3C39ADFC2686D
CRC32: 0BBFA8F6
Version: 3.0.0.3

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://www.update.microsoft.com/...
description:
classification: Legitimate
known filename: muweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 30/07/2007 18:18:34
Date (last access): 14/03/2009 20:25:28
Date (last write): 16/10/2008 14:06:48
Filesize: 208744
Attributes: archive
MD5: D2E6F0A06391FE5556E8A1D6D5041A5E
CRC32: 27FBFA7D
Version: 7.2.6001.788

{867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control)
DPF name:
CLSID name: HardwareDetection Control
Installer: C:\WINDOWS\Downloaded Program Files\hardwaredetection.inf
Codebase: https://www.touslesdrivers.com/index.php?v_page=29
description:
classification: Legitimate
known filename: HARDWA~1.OCX
info link:
info source: Safer Networking Ltd.
Path: C:\PROGRA~1\MA-CON~1.COM\
Long name: HardwareDetection.ocx
Short name: HARDWA~1.OCX
Date (created): 24/01/2009 15:13:34
Date (last access): 13/03/2009 21:03:12
Date (last write): 24/01/2009 15:13:34
Filesize: 679080
Attributes: archive
MD5: 6FEA0A3C1694F9802B9F9CFE5B7325B9
CRC32: C9D7AD03
Version: 3.1.1.0

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_12
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_12.dll
Short name: NPJPI1~1.DLL
Date (created): 13/03/2009 22:05:24
Date (last access): 13/03/2009 22:05:24
Date (last write): 13/03/2009 22:05:24
Filesize: 136600
Attributes: archive
MD5: BB1F300BABFAAFBC9DAABCBADE3347F0
CRC32: 000509E5
Version: 6.0.120.4

{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_12
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_12.dll
Short name: NPJPI1~1.DLL
Date (created): 13/03/2009 22:05:24
Date (last access): 14/03/2009 20:35:30
Date (last write): 13/03/2009 22:05:24
Filesize: 136600
Attributes: archive
MD5: BB1F300BABFAAFBC9DAABCBADE3347F0
CRC32: 000509E5
Version: 6.0.120.4

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_12
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_12.dll
Short name: NPJPI1~1.DLL
Date (created): 13/03/2009 22:05:24
Date (last access): 14/03/2009 20:35:30
Date (last write): 13/03/2009 22:05:24
Filesize: 136600
Attributes: archive
MD5: BB1F300BABFAAFBC9DAABCBADE3347F0
CRC32: 000509E5
Version: 6.0.120.4



--- Process list ---
PID: 0 ( 0) [System]
PID: 632 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 680 ( 632) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 704 ( 632) \??\C:\WINDOWS\system32\winlogon.exe
size: 551424
PID: 748 ( 704) C:\WINDOWS\system32\services.exe
size: 109056
MD5: 54CB50058851D95E56EC70D09F70857F
PID: 760 ( 704) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB
PID: 920 ( 748) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 988 ( 748) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1028 ( 748) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1112 ( 748) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1144 ( 748) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1204 ( 748) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 18752
MD5: B4253776EE034F6770FCEE32C28490B0
PID: 1300 ( 748) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 138680
MD5: 62889D40A3FB1A9012428E16FE0DC67A
PID: 1508 ( 748) C:\WINDOWS\system32\brsvc01a.exe
size: 77824
MD5: E4D2BB8590A8F96E5841F37975E07793
PID: 1528 (1508) C:\WINDOWS\system32\brss01a.exe
size: 65536
MD5: 795E9ECF2F566C6BE62C3A315675B719
PID: 1536 ( 748) C:\WINDOWS\system32\spoolsv.exe
size: 75264
MD5: 92B8EC8AE537999351EC4BF02462D0D3
PID: 1644 ( 748) C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe
size: 419448
MD5: 3B9155A4A257D1AA7310A39B66118886
PID: 1696 ( 748) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
size: 533344
MD5: F6717211C1EC2CDDAA81B97B0727C2E9
PID: 1724 ( 748) C:\Program Files\Java\jre6\bin\jqs.exe
size: 152984
MD5: 511AB23A292497F2C527EEE5775B0BFE
PID: 1800 ( 748) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
size: 164896
MD5: 514CF97979C166A47B82128DC344D80E
PID: 1820 ( 748) C:\WINDOWS\system32\nvsvc32.exe
size: 163908
MD5: 1633409E67F1BD6E5AC8ECB9CD5D2027
PID: 1852 ( 748) C:\WINDOWS\system32\PnkBstrA.exe
size: 66872
MD5: 19E83B09AB8EE1D837665DA941E2AC44
PID: 1876 ( 748) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
size: 226640
MD5: 58DC20EB15F071804C56FCCC796417A2
PID: 1916 ( 748) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 468 ( 748) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 254040
MD5: F09461C8ECCACE33C271CC229F11E281
PID: 492 ( 748) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
size: 352920
MD5: 23CA3E54474AE5FFDBC0F97B9E1815DB
PID: 592 ( 748) C:\WINDOWS\System32\alg.exe
size: 61952
MD5: 5A2057F0AB7D4DB0D6104CF6DA928542
PID: 3032 (2996) C:\WINDOWS\Explorer.EXE
size: 1573888
MD5: 2ADE17232444E9FA58E82C48CB3A30BB
PID: 3284 (3032) C:\WINDOWS\RTHDCPL.EXE
size: 16399872
MD5: 23BF0F9CCA3C7AEDAAFB53F8F1E70DE3
PID: 3372 (3032) C:\WINDOWS\TBPanel.exe
size: 2189864
MD5: B36CA192535E5F10767B8D40C0732CCF
PID: 3436 (3032) C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe
size: 2506752
MD5: 50F51FA4B9C536DC2A5976322C17C760
PID: 3460 (3032) C:\Program Files\visual tools\VisualToolTip.exe
size: 974336
MD5: 80C49D6984A59862C71DAB1876A55408
PID: 3480 (3032) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: FC242DBD786557AC641726DC5C13F060
PID: 3520 (3032) C:\Program Files\Razer\DeathAdder\razerhid.exe
size: 180224
MD5: B4EB601EFB0D4480028628612956E4C7
PID: 3548 (3032) C:\WINDOWS\vVX3000.exe
size: 721936
MD5: 7D9B1758C2956DEA1E6D3CF7E4101857
PID: 3580 (3032) C:\Program Files\Windows Live\Family Safety\fsui.exe
size: 453984
MD5: 3AD994DD2442E938F53A504C5BAF504B
PID: 3640 (3520) C:\Program Files\Razer\DeathAdder\razertra.exe
size: 163840
MD5: 3762B7EB781F254E5320596A6ADFAC81
PID: 3656 (3032) C:\WINDOWS\system32\RUNDLL32.EXE
size: 52736
MD5: 8080B2A3F0753E74E91115A96D2364BD
PID: 2288 (3032) C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: 3237A58DC79C051004CD3A67C8FBC781
PID: 2336 (3520) C:\Program Files\Razer\DeathAdder\razerofa.exe
size: 184320
MD5: CBDCC63795BB9263F3670B163C2A86C1
PID: 2308 (3032) C:\Program Files\RocketDock2\RocketDock.exe
size: 516096
MD5: 3A211218EC3E19F5E33029A3984FEB2E
PID: 2360 (3032) C:\Program Files\Stardock\CursorFX\CursorFX.exe
size: 434176
MD5: 9F619FE44FAF297CA2AA69D1A7DC2280
PID: 2392 (3032) C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
size: 114688
MD5: 2BF6B7A9AFD443BAAF2810BE89D15F98
PID: 2416 (3032) C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe
size: 920976
MD5: EFC414B8C694787522A6E2EE1C470FE5
PID: 2428 (3032) C:\Program Files\DAEMON Tools Lite\daemon.exe
size: 490952
MD5: 79CC43BE17E1D1AC58844574ABD58941
PID: 2452 (3032) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2277888
MD5: BA0D1BD84AD5BC6A76C141890EEF824E
PID: 2472 (3032) C:\WINDOWS\system32\ctfmon.exe
size: 42496
MD5: 3B44D3A8C9A55E68464B8D7E1297C795
PID: 2496 (3032) C:\Program Files\Fantastic Flame Screensaver\FantasticFlameAgent.exe
size: 29992
MD5: 07A0B8D55431EE900F1706EC433C1D20
PID: 3664 (3032) C:\Program Files\internet explorer\iexplore.exe
size: 727072
MD5: A8167D975562FB43EC7B03120EC9417E
PID: 740 (3664) C:\Program Files\internet explorer\iexplore.exe
size: 727072
MD5: A8167D975562FB43EC7B03120EC9417E
PID: 2804 (3032) C:\Program Files\internet explorer\iexplore.exe
size: 727072
MD5: A8167D975562FB43EC7B03120EC9417E
PID: 2872 (2804) C:\Program Files\internet explorer\iexplore.exe
size: 727072
MD5: A8167D975562FB43EC7B03120EC9417E
PID: 1252 ( 920) C:\Program Files\Windows Live\Toolbar\wltuser.exe
size: 224600
MD5: A29E6A21171B933348EB1FEAB2FF1D73
PID: 3992 (3664) C:\Program Files\internet explorer\iexplore.exe
size: 727072
MD5: A8167D975562FB43EC7B03120EC9417E
PID: 612 ( 544) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891472
MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 14/03/2009 20:35:28

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.google.fr/?gws_rd=ssl
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr/?ocid=iehp
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr/?ocid=iehp
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{68427351-C93E-4EC2-8E19-E0174585BCE3}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{68427351-C93E-4EC2-8E19-E0174585BCE3}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5C2EBC7F-31DE-4203-B7BD-689CC7658D5A}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5C2EBC7F-31DE-4203-B7BD-689CC7658D5A}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FC92862E-8B25-4004-AAFA-D7C491F9F895}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FC92862E-8B25-4004-AAFA-D7C491F9F895}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2E31A0E9-0D94-4A03-9672-89D67104A208}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2E31A0E9-0D94-4A03-9672-89D67104A208}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Espace de noms NLA (Network Location Awareness)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
0
Try the Kaspersky online scan; otherwise download the 30-day version.
If AntiVir won't do anything, then there must be a problem.
You can try the online scans from Panda and BitDefender.
And uninstall unnecessary programs.
0