Win32 TDSS.rtk
candisse (Posts: 3, Status: Member) - Destrio5 (Posts: 99820, Status: Moderator)
Hello,
I have had this piece of junk on my computer for a while. Spybot finds it every time but cannot delete it. I am hopeless with computers, which is why I am sending you this desperate message... Could someone help me? THANK YOU
5 replies
Good evening,
In the end I can't manage it. It's getting worse and worse: in addition to Win32 TDSS.rtk, Spybot now reports a Windows Explorer problem. I am also starting to get small black windows appearing on the desktop at restart. I'm cracking up.
Good evening,
Disable System Restore, then run Spybot in safe mode.
To start in safe mode:
Tap the F8 key (usually, or F5 depending on the PC) at startup, then select "Safe Mode" with the keyboard arrow keys and press Enter.
Start as administrator.
Once it has been removed, re-enable System Restore.
Hello,
First of all, thank you for your help.
Attached is the Spybot report. I don't know whether it worked, because it tells me that two items cannot be fixed.
--- Search result list ---
Le conseil du jour: Cliquez sur la barre située à droite pour voir plus d'informations! ()
Win32.TDSS.rtk: [SBI $A1DBF387] Réglages (Valeur du Registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gaopdxserv.sys\Enum\0
Win32.TDSS.rtk: [SBI $881BBBB8] Réglages (Valeur du Registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gaopdxserv.sys\Enum\Count
Win32.TDSS.rtk: [SBI $838AD185] Réglages (Valeur du Registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gaopdxserv.sys\Enum\NextInstance
Common Dialogs: History (2 files) (Clé du Registre, fixed)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Log: Activity: SchedLgU.Txt (Sauver le fichier, fixed)
C:\WINDOWS\SchedLgU.Txt
Log: Activity: ntbtlog.txt (Sauver le fichier, fixed)
C:\WINDOWS\ntbtlog.txt
Log: Shutdown: System32\wbem\logs\wbemcore.log (Sauver le fichier, fixed)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Log: Shutdown: System32\wbem\logs\wbemess.log (Sauver le fichier, fixed)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Log: Shutdown: System32\wbem\logs\wmiprov.log (Sauver le fichier, fixed)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Internet Explorer: [SBI $FF589D0C] Download directory (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Internet Explorer\Download Directory
Internet Explorer: [SBI $0BC7B918] User agent (Modification du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Macromedia\Flash Player\#SharedObjects\QGR9MNWW\secureinclude.ebaystatic.com\ebayLSO.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Macromedia\Flash Player\#SharedObjects\QGR9MNWW\secureinclude.ebaystatic.com\ebayT.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Macromedia\Flash Player\#SharedObjects\QGR9MNWW\video.flashtalking.com\ft4122-1.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\bin.clearspring.com\clearspring.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\broadcast.piximedia.fr\piximedia.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\cdn.gigya.com\com.quantserve.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\cosmos.bcst.yahoo.com\COSMOSPrefs.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\cosmos.bcst.yahoo.com\COSMOS_FOP.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\d.yimg.com\COSMOSPrefs.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\d.yimg.com\COSMOS_FOP.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\flash.quantserve.com\com.quantserve.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\fr.youtube.com\soundData.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\fr.youtube.com\videostats.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\gdata.youtube.com\soundData.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\gdata.youtube.com\videostats.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\images.video.msn.com\CountryCode.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\img-cdn.mediaplex.com\ft2320-52.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\mochiads.com\com.mochiads.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\mochibot.com\com.mochibot.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\pixmania.com\pixsettings.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\pixmania.com\pixsettings_fr.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\s.ytimg.com\soundData.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\s.ytimg.com\videostats.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\video.flashtalking.com\ft2457-54.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\video.flashtalking.com\ft2457-56.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\video.flashtalking.com\ft2457-57.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.miniclip.com\miniclipxgenml.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.youtube.com\soundData.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.youtube.com\videostats.sol
Adobe FlashPlayer Cookies: [SBI $E17C7B50] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\earth.google.com\datastore.swf\googleEarthSettings.sol
Adobe FlashPlayer Cookies: [SBI $E17C7B50] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\video.google.com\googleplayer.swf\mediaPlayerUserSettings.sol
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\pagead2.googlesyndication.com\pagead\googleadplayer.swf\mediaPlayerUserSettings.sol
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.bigpoint.com\bpid\bpid.swf\bpid.sol
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.miniclip.com\swfcontent\surfpin.swf\geoIP.sol
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.video-foot.net\jeux\space_bounty.swf\qigames_spacebounty25.sol
MS Direct3D: [SBI $7FB7B83F] Most recent application (Modification du Registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Modification du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Modification du Registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Modification du Registre, fixing failed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Modification du Registre, fixing failed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\DirectInput\MostRecentApplication\Id
MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Clé du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Search Assistant\ACMru
RealOne Player 2 (aka RealPlayer 6.0): [SBI $F369C542] Last login time (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\LastLoginTime\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $BB3E2788] Last open file directory (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\LastOpenFileDir\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $066A5F4B] Most recent clips #1 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips1\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $9BCCEEB8] Most recent clips #2 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips2\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $598183D6] Most recent clips #3 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips3\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $7BF08B1F] Most recent clips #4 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips4\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $B9BDE671] Most recent clips #5 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips5\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $241B5782] Most recent clips #6 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips6\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $E6563AEC] Most recent clips #7 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips7\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $60F94610] Most recent clips #8 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips8\
Windows: [SBI $1E4E2003] Drivers installation paths (Modification du Registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (1 fichiers) (Clé du Registre, fixed)
HKEY_USERS\PE_C_ADMINISTRATEUR\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (1 fichiers) (Clé du Registre, fixed)
HKEY_USERS\S-1-5-21-1733219022-1630013921-2901636661-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (5 fichiers) (Clé du Registre, fixed)
HKEY_USERS\PE_C_ADMINISTRATEUR\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (1 fichiers) (Clé du Registre, fixing failed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (10 fichiers) (Clé du Registre, fixed)
HKEY_USERS\S-1-5-21-1733219022-1630013921-2901636661-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Clé du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Clé du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Clé du Registre, fixed)
HKEY_USERS\S-1-5-21-1733219022-1630013921-2901636661-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $85C2C910] Last Copy/MoveTo folder (Valeur du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder
Windows Media SDK: [SBI $37AAEDE6] Computer name (Modification du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Valeur du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Valeur du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
WinRAR: [SBI $B84F9965] Last used directory (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\WinRAR\General\LastFolder
Cookie: [SBI $49804B54] Cookie (8) (Cookie, fixed)
Cache: [SBI $49804B54] Cache (156) (Cache, fixed)
History: [SBI $49804B54] Historique (3) (Historique, fixed)
Cookie: [SBI $49804B54] Cookie (17) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.6.0 (build: 20080729) ---
2008-07-30 blindman.exe (1.0.0.8)
2008-07-30 SDFiles.exe (1.6.0.4)
2008-07-30 SDMain.exe (1.0.0.6)
2008-07-30 SDShred.exe (1.0.2.3)
2008-07-30 SDUpdate.exe (1.6.0.9)
2008-07-30 SDWinSec.exe (1.0.0.12)
2008-07-30 SpybotSD.exe (1.6.0.31)
2009-03-05 TeaTimer.exe (1.6.6.32)
2006-11-26 unins000.exe (51.41.0.0)
2009-05-05 unins001.exe (51.49.0.0)
2008-07-30 Update.exe (1.6.0.7)
2008-10-22 advcheck.dll (1.6.2.13)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2009-03-25 Includes\Adware.sbi (*)
2009-05-12 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-03-31 Includes\Dialer.sbi (*)
2009-05-12 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-04-21 Includes\Hijackers.sbi (*)
2009-05-12 Includes\HijackersC.sbi (*)
2009-05-06 Includes\Keyloggers.sbi (*)
2009-05-12 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-05-12 Includes\Malware.sbi (*)
2009-05-13 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-05-12 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-05-12 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-04-07 Includes\Spyware.sbi (*)
2009-05-12 Includes\SpywareC.sbi (*)
2009-04-07 Includes\Tracks.uti (*)
2009-05-12 Includes\Trojans.sbi (*)
2009-05-13 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
/ Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
/ Windows Media Player 11: Correctif pour Lecteur Windows Media 11 (KB939683)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
/ Windows Media Player 11: Mise à jour critique pour Lecteur Windows Media 11 (KB959772)
/ Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB941569)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP0: Correctif pour Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Windows XP Service Pack 3
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB923561)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB938464)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB946648)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950760)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950762)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950974)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951066)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB951072-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951376)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951376-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951698)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951748)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB951978)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952004)
/ Windows XP / SP4: Correctif pour Windows XP (KB952287)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952954)
/ Windows XP / SP4: Update for Windows XP (KB953356)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB953839)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954211)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954459)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954600)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB955069)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB955839)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956391)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956572)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956802)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956803)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956841)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB957095)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB957097)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958644)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958687)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958690)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB959426)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960225)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960715)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960803)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB961373)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB967715)
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F
Located: HK_LM:Run, aisyw
command: "c:\windows\system32\aisyw.exe" aisyw
file: c:\windows\system32\aisyw.exe
size: 335872
MD5: 8B49534410F839C2F1B7B54C5F316648
Located: HK_LM:Run, avgnt
command: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
file: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
size: 209153
MD5: 29680A793F690EEF4AAA68479D2A6DF8
Located: HK_LM:Run, fssui
command: "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
file: C:\Program Files\Windows Live\Family Safety\fsui.exe
size: 453984
MD5: 3AD994DD2442E938F53A504C5BAF504B
Located: HK_LM:Run, Google Desktop Search
command: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
file: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 29744
MD5: 6542DC2E93BCE4D4289FA70A4D367DC2
Located: HK_LM:Run, ISUSPM Startup
command: C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
file: C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe
size: 221184
MD5: FB9E5C251CF6C37749F296BACB34A69B
Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763DAB43BDAB27316DBF3373192823D7
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 290088
MD5: E6A4E341E4304B34AA280D3E73818C90
Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep 0 -k
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, LanguageShortcut
command: "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
file: C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
size: 52256
MD5: A4E85BDA66CF4DE8070D6F744D181C12
Located: HK_LM:Run, NBKeyScan
command: "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
file: C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
size: 2221352
MD5: DE9BD75FADB913F4E418CFBA381D7198
Located: HK_LM:Run, NeroFilterCheck
command: C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
file: C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
size: 570664
MD5: 925659214E5E6749C4B6B6E87B3A82D6
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\NvCpl.dll
size: 7311360
MD5: DF5133EA0D6D7C34E44551F87044EE59
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\SYSTEM32\nwiz.exe
size: 1519616
MD5: AE0A7905C97BA30211C700C3E12DFD83
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 413696
MD5: 0AB3C83FCB8EF6F56E4FB22089F0D3B9
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: A2D390F1F2408B94EF34BFE3A00C29D3
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
size: 185896
MD5: 89D583FC41D48328128A974C25AFAEB7
Located: HK_LM:Run, UStorag
command: c:\program files\u-storage tools2.5\ustorage.exe sys_auto_run C:\Program Files\U-Storage Tools2.5
file: c:\program files\u-storage tools2.5\ustorage.exe
size: 352329
MD5: 81B36D109F73DA85D2CE132D9AFA4316
Located: HK_LM:Run, VirtualDrive
command: "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
file: C:\Program Files\FarStone\VirtualDrive\VDTask.exe
size: 254007
MD5: 42C976A5268D97ADC01DB78A52F9B8F4
Located: HK_LM:RunOnce, SpybotDeletingA7754
command: command /c del "C:\WINDOWS\SchedLgU.Txt"
file: command /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:RunOnce, SpybotDeletingC1288
command: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
file: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:RunOnce, SpybotSnD
command: "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
file: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891984
MD5: 9C8F0F34F66BB845B42F70E92A972B5F
Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, MSMSGS
where: PE_C_ADMINISTRATEUR...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: E13EA4860E8F2AA845B53BFD2B6FEC5B
Located: HK_CU:RunOnce, NeroHomeFirstStart
where: PE_C_ADMINISTRATEUR...
command: "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe"
file: C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe
size: 19752
MD5: D72043D51B2CF2F0B2C07008E751623C
Located: HK_CU:Run, MSMSGS
where: PE_C_DEFAULT USER...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: E13EA4860E8F2AA845B53BFD2B6FEC5B
Located: HK_CU:RunOnce, NeroHomeFirstStart
where: PE_C_DEFAULT USER...
command: "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe"
file: C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe
size: 19752
MD5: D72043D51B2CF2F0B2C07008E751623C
Located: HK_CU:Run, aucisqy
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\aucisqy.exe" aucisqy
file: c:\windows\system32\aucisqy.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, ccmow
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\ccmow.exe" ccmow
file: c:\windows\system32\ccmow.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, ctfmon.exe
where: PE_C_ROBIN ET LOGAN...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, H/PC Connection Agent
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
file: C:\Program Files\Microsoft ActiveSync\wcescomm.exe
size: 1211176
MD5: 32C66EF018986853D04328A9CB832A32
Located: HK_CU:Run, IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
file: C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
size: 1840424
MD5: C44031488DED58FCE58E5D94BC345D30
Located: HK_CU:Run, kcskoqi
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\kcskoqi.exe" kcskoqi
file: c:\windows\system32\kcskoqi.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, MessengerPlus3
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
file: C:\Program Files\MessengerPlus! 3\MsgPlus.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, MSMSGS
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: E13EA4860E8F2AA845B53BFD2B6FEC5B
Located: HK_CU:Run, msnmsgr
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3882312
MD5: 6CE9CD3BDCA8209051C037D1859AF5E9
Located: HK_CU:Run, QuickTime Task
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 413696
MD5: 0AB3C83FCB8EF6F56E4FB22089F0D3B9
Located: HK_CU:Run, sqwmc
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\sqwmc.exe" sqwmc
file: c:\windows\system32\sqwmc.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, swg
where: PE_C_ROBIN ET LOGAN...
command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE
Located: HK_CU:Run, syyieqo
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\syyieqo.exe" syyieqo
file: c:\windows\system32\syyieqo.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, uemumqw
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\uemumqw.exe" uemumqw
file: c:\windows\system32\uemumqw.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, CanalPlayer
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
file: C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, H/PC Connection Agent
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
file: C:\PROGRA~1\MI3AA1~1\wcescomm.exe
size: 1211176
MD5: 32C66EF018986853D04328A9CB832A32
Located: HK_CU:Run, IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
file: C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
size: 1840424
MD5: C44031488DED58FCE58E5D94BC345D30
Located: HK_CU:Run, msnmsgr
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3882312
MD5: 6CE9CD3BDCA8209051C037D1859AF5E9
Located: HK_CU:Run, PCTAVApp
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
file: C:\Program Files\PC Tools AntiVirus\PCTAV.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
Located: HK_CU:Run, swg
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE
Located: HK_CU:Run, updateMgr
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:RunOnce, SpybotDeletingB3847
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: command /c del "C:\WINDOWS\SchedLgU.Txt"
file: command /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:RunOnce, SpybotDeletingD3959
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
file: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: Démarrage (tous utilisateurs), HP Digital Imaging Monitor.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 282624
MD5: A9D65CEEEC7844C9A0C6B445BCBE7823
Located: Démarrage (utilisateur), Pin.lnk
where: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage...
command: C:\hp\bin\CLOAKER.EXE
file: C:\hp\bin\CLOAKER.EXE
size: 27136
MD5: 6380625DD0480ED60960A149A087C848
Located: Démarrage (utilisateur), OpenOffice.org 2.2.lnk
where: C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
size: 393216
MD5: 7636C40413BB9AC278BD2C8AE24E3E0C
Located: Démarrage (utilisateur), Notification de cadeaux MSN.lnk
where: C:\Documents and Settings\robin et logan\Menu Démarrer\Programmes\Démarrage...
command: C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
file: C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Démarrage (utilisateur), OpenOffice.org 2.2.lnk
where: C:\Documents and Settings\robin et logan\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
size: 393216
MD5: 7636C40413BB9AC278BD2C8AE24E3E0C
Located: Démarrage (utilisateur), Pin.lnk
where: C:\Documents and Settings\robin et logan\Menu Démarrer\Programmes\Démarrage...
command: C:\hp\bin\CLOAKER.EXE
file: C:\hp\bin\CLOAKER.EXE
size: 27136
MD5: 6380625DD0480ED60960A149A087C848
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{3049C3E9-B461-4BC5-8870-4C09146192CA} (RealPlayer Download and Record Plugin for Internet Explorer)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: RealPlayer Download and Record Plugin for Internet Explorer
Path: C:\Program Files\Real\RealPlayer\
Long name: rpbrowserrecordplugin.dll
Short name: RPBROW~1.DLL
Date (created): 03/09/2008 17:17:52
Date (last access): 18/05/2009 22:09:52
Date (last write): 03/09/2008 17:17:52
Filesize: 308856
Attributes: archive
MD5: 33440A3EF90AF7ED74EE55CA634A9CFA
CRC32: B00E58A9
Version: 1.0.1.57
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (Windows Live Family Safety Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Windows Live Family Safety Browser Helper
CLSID name: Windows Live Family Safety Browser Helper Class
{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (Search Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Search Helper
CLSID name: Search Helper
Path: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\
Long name: SearchHelper.dll
Short name: SEARCH~1.DLL
Date (created): 04/12/2008 16:59:06
Date (last access): 18/05/2009 22:05:22
Date (last write): 04/12/2008 16:59:06
Filesize: 92504
Attributes: archive
MD5: C5700CD3293E88BE85C73ECCCE772E9E
CRC32: 4005D5F1
Version: 1.2.118.0
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 17/02/2009 17:11:04
Date (last access): 18/05/2009 22:12:26
Date (last write): 17/02/2009 17:11:04
Filesize: 408440
Attributes: archive
MD5: 1A82C1B9BB43385695EFC3A84F6756A2
CRC32: 75E558CA
Version: 5.0.818.6
{9CB65201-89C4-402c-BA80-02D8C59F9B1D} (Ask Search Assistant BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Ask Search Assistant BHO
CLSID name: Ask Search Assistant BHO
Path: C:\Program Files\AskTBar\SrchAstt\5.bin\
Long name: A5SRCHAS.DLL
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://www.google.com/intl/fr/toolbar/ie/index.html
info source: TonyKlein
Path: C:\Program Files\Google\Google Toolbar\
Long name: GoogleToolbar.dll
Short name: GOOGLE~1.DLL
Date (created): 13/01/2009 14:34:12
Date (last access): 18/05/2009 22:09:24
Date (last write): 27/04/2009 21:51:56
Filesize: 259696
Attributes: archive
MD5: 6154D449D3856AE42EB38531CE22DC83
CRC32: A7F1D641
Version: 6.1.1518.856
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\
Long name: swg.dll
Short name:
Date (created): 24/03/2009 20:16:42
Date (last access): 18/05/2009 22:12:26
Date (last write): 24/03/2009 20:16:44
Filesize: 668656
Attributes: archive
MD5: D1585B06DED161E13B905DC4FFBF7F12
CRC32: 88D5BAA5
Version: 5.1.1309.3572
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (Google Dictionary Compression sdch)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Dictionary Compression sdch
CLSID name: Google Dictionary Compression sdch
Path: C:\Program Files\Google\Google Toolbar\Component\
Long name: fastsearch_A8904FB862BD9564.dll
Short name: FASTSE~2.DLL
Date (created): 27/04/2009 21:51:54
Date (last access): 18/05/2009 22:12:26
Date (last write): 27/04/2009 21:51:54
Filesize: 470512
Attributes: archive
MD5: E35BCCB1D1D96F8E5B09C72AF70EC3F6
CRC32: 73C702FE
Version: 1.0.610.27482
{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 30/10/2008 12:53:32
Date (last access): 18/05/2009 22:09:36
Date (last write): 09/03/2009 05:18:50
Filesize: 35840
Attributes: archive
MD5: 96A225C7F5346A9E81FC3DFA89A900C0
CRC32: BAD5D2EF
Version: 6.0.130.3
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (Windows Live Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Live Toolbar Helper
Path: C:\Program Files\Windows Live\Toolbar\
Long name: wltcore.dll
Short name:
Date (created): 08/12/2008 18:01:58
Date (last access): 18/05/2009 22:18:20
Date (last write): 08/12/2008 18:01:58
Filesize: 1067352
Attributes: archive
MD5: 4DC993F947CA0E46DAF3260D78BC9A60
CRC32: E16D1FE7
Version: 14.0.8052.1208
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: JQSIEStartDetectorImpl
CLSID name: JQSIEStartDetectorImpl Class
Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
Long name: jqs_plugin.dll
Short name: JQS_PL~1.DLL
Date (created): 30/10/2008 12:53:36
Date (last access): 18/05/2009 22:05:26
Date (last write): 09/03/2009 05:18:52
Filesize: 73728
Attributes: archive
MD5: 53F8B53918C839F76367B7E612B742B1
CRC32: 735F7F91
Version: 6.0.130.3
{FE063DB1-4EC0-403e-8DD8-394C54984B2C} (Ask Toolbar BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Ask Toolbar BHO
CLSID name: Ask Toolbar BHO
Path: C:\Program Files\AskTBar\bar\5.bin\
Long name: ASKTBAR.DLL
--- ActiveX list ---
Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file:///C:/WINDOWS/Java/classes/xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla
{09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control)
DPF name:
CLSID name: France Telecom MDM ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\MDM.inf
Codebase: http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
description:
classification: Open for discussion
known filename: MDM.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\
Long name: MDM.ocx
Short name:
Date (created): 07/09/2006 11:46:12
Date (last access): 18/05/2009 22:18:20
Date (last write): 07/09/2006 11:46:12
Filesize: 409600
Attributes: archive
MD5: 61356FEF489A501FC8E18E1393D1A407
CRC32: 8F4DB5E7
Version: 1.5.0.1
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Adobe\Director\
Long name: SwDir.dll
Short name:
Date (created): 30/06/2008 19:04:26
Date (last access): 18/05/2009 22:18:20
Date (last write): 16/01/2009 20:25:34
Filesize: 202168
Attributes: archive
MD5: B5534D75A5785B913A598488410946A2
CRC32: 4BD1A138
Version: 11.0.3.472
{201B9B37-848F-40BD-90EA-7B8F0AA89D6A} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\IaLdr32.inf
Codebase: http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em_XP.cab
{5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class)
DPF name:
CLSID name: UnoCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF
Codebase: http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
description:
classification: Legitimate
known filename: unomsnger.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: GAME_UNO1.dll
Short name: GAME_U~1.DLL
Date (created): 13/04/2007 02:14:52
Date (last access): 18/05/2009 22:18:20
Date (last write): 13/04/2007 02:14:52
Filesize: 382344
Attributes: archive
MD5: A9F8AB66D9D05A13843623EE6B92D259
CRC32: C9DFA641
Version: 1.0.1201.1
{5F4D3335-3194-4167-85AE-E7325F2695EF} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\IaLdr32.inf
Codebase: http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
{5FD9726A-4977-449D-8352-25FDD8A510B5} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\IaLdr32.inf
Codebase: http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1067_em_XP.cab
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase:
--- Search result list ---
Le conseil du jour: Cliquez sur la barre située à droite pour voir plus d'informations! ()
Win32.TDSS.rtk: [SBI $A1DBF387] Réglages (Valeur du Registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gaopdxserv.sys\Enum\0
Win32.TDSS.rtk: [SBI $881BBBB8] Réglages (Valeur du Registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gaopdxserv.sys\Enum\Count
Win32.TDSS.rtk: [SBI $838AD185] Réglages (Valeur du Registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gaopdxserv.sys\Enum\NextInstance
Common Dialogs: History (2 files) (Clé du Registre, fixed)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Log: Activity: SchedLgU.Txt (Sauver le fichier, fixed)
C:\WINDOWS\SchedLgU.Txt
Log: Activity: ntbtlog.txt (Sauver le fichier, fixed)
C:\WINDOWS\ntbtlog.txt
Log: Shutdown: System32\wbem\logs\wbemcore.log (Sauver le fichier, fixed)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Log: Shutdown: System32\wbem\logs\wbemess.log (Sauver le fichier, fixed)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Log: Shutdown: System32\wbem\logs\wmiprov.log (Sauver le fichier, fixed)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Internet Explorer: [SBI $FF589D0C] Download directory (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Internet Explorer\Download Directory
Internet Explorer: [SBI $0BC7B918] User agent (Modification du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Macromedia\Flash Player\#SharedObjects\QGR9MNWW\secureinclude.ebaystatic.com\ebayLSO.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Macromedia\Flash Player\#SharedObjects\QGR9MNWW\secureinclude.ebaystatic.com\ebayT.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Macromedia\Flash Player\#SharedObjects\QGR9MNWW\video.flashtalking.com\ft4122-1.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\bin.clearspring.com\clearspring.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\broadcast.piximedia.fr\piximedia.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\cdn.gigya.com\com.quantserve.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\cosmos.bcst.yahoo.com\COSMOSPrefs.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\cosmos.bcst.yahoo.com\COSMOS_FOP.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\d.yimg.com\COSMOSPrefs.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\d.yimg.com\COSMOS_FOP.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\flash.quantserve.com\com.quantserve.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\fr.youtube.com\soundData.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\fr.youtube.com\videostats.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\gdata.youtube.com\soundData.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\gdata.youtube.com\videostats.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\images.video.msn.com\CountryCode.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\img-cdn.mediaplex.com\ft2320-52.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\mochiads.com\com.mochiads.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\mochibot.com\com.mochibot.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\pixmania.com\pixsettings.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\pixmania.com\pixsettings_fr.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\s.ytimg.com\soundData.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\s.ytimg.com\videostats.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\video.flashtalking.com\ft2457-54.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\video.flashtalking.com\ft2457-56.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\video.flashtalking.com\ft2457-57.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.miniclip.com\miniclipxgenml.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.youtube.com\soundData.sol
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.youtube.com\videostats.sol
Adobe FlashPlayer Cookies: [SBI $E17C7B50] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\earth.google.com\datastore.swf\googleEarthSettings.sol
Adobe FlashPlayer Cookies: [SBI $E17C7B50] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\video.google.com\googleplayer.swf\mediaPlayerUserSettings.sol
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\pagead2.googlesyndication.com\pagead\googleadplayer.swf\mediaPlayerUserSettings.sol
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.bigpoint.com\bpid\bpid.swf\bpid.sol
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.miniclip.com\swfcontent\surfpin.swf\geoIP.sol
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Fichier texte () (Fichier, fixed)
C:\Documents and Settings\robin et logan\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.video-foot.net\jeux\space_bounty.swf\qigames_spacebounty25.sol
MS Direct3D: [SBI $7FB7B83F] Most recent application (Modification du Registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Modification du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Modification du Registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Modification du Registre, fixing failed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Modification du Registre, fixing failed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\DirectInput\MostRecentApplication\Id
MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Clé du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Search Assistant\ACMru
RealOne Player 2 (aka RealPlayer 6.0): [SBI $F369C542] Last login time (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\LastLoginTime\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $BB3E2788] Last open file directory (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\LastOpenFileDir\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $066A5F4B] Most recent clips #1 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips1\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $9BCCEEB8] Most recent clips #2 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips2\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $598183D6] Most recent clips #3 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips3\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $7BF08B1F] Most recent clips #4 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips4\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $B9BDE671] Most recent clips #5 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips5\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $241B5782] Most recent clips #6 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips6\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $E6563AEC] Most recent clips #7 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips7\
RealOne Player 2 (aka RealPlayer 6.0): [SBI $60F94610] Most recent clips #8 (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips8\
Windows: [SBI $1E4E2003] Drivers installation paths (Modification du Registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (1 fichiers) (Clé du Registre, fixed)
HKEY_USERS\PE_C_ADMINISTRATEUR\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (1 fichiers) (Clé du Registre, fixed)
HKEY_USERS\S-1-5-21-1733219022-1630013921-2901636661-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (5 fichiers) (Clé du Registre, fixed)
HKEY_USERS\PE_C_ADMINISTRATEUR\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (1 fichiers) (Clé du Registre, fixing failed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (10 fichiers) (Clé du Registre, fixed)
HKEY_USERS\S-1-5-21-1733219022-1630013921-2901636661-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Clé du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Clé du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Clé du Registre, fixed)
HKEY_USERS\S-1-5-21-1733219022-1630013921-2901636661-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $85C2C910] Last Copy/MoveTo folder (Valeur du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder
Windows Media SDK: [SBI $37AAEDE6] Computer name (Modification du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Valeur du Registre, fixed)
HKEY_USERS\PE_C_DEFAULT USER\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Valeur du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
WinRAR: [SBI $B84F9965] Last used directory (Modification du Registre, fixed)
HKEY_USERS\PE_C_ROBIN ET LOGAN\Software\WinRAR\General\LastFolder
Cookie: [SBI $49804B54] Cookie (8) (Cookie, fixed)
Cache: [SBI $49804B54] Cache (156) (Cache, fixed)
History: [SBI $49804B54] Historique (3) (Historique, fixed)
Cookie: [SBI $49804B54] Cookie (17) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.6.0 (build: 20080729) ---
--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F
Located: HK_LM:Run, aisyw
command: "c:\windows\system32\aisyw.exe" aisyw
file: c:\windows\system32\aisyw.exe
size: 335872
MD5: 8B49534410F839C2F1B7B54C5F316648
Located: HK_LM:Run, avgnt
command: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
file: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
size: 209153
MD5: 29680A793F690EEF4AAA68479D2A6DF8
Located: HK_LM:Run, fssui
command: "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
file: C:\Program Files\Windows Live\Family Safety\fsui.exe
size: 453984
MD5: 3AD994DD2442E938F53A504C5BAF504B
Located: HK_LM:Run, Google Desktop Search
command: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
file: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 29744
MD5: 6542DC2E93BCE4D4289FA70A4D367DC2
Located: HK_LM:Run, ISUSPM Startup
command: C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
file: C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe
size: 221184
MD5: FB9E5C251CF6C37749F296BACB34A69B
Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763DAB43BDAB27316DBF3373192823D7
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 290088
MD5: E6A4E341E4304B34AA280D3E73818C90
Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep 0 -k
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, LanguageShortcut
command: "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
file: C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
size: 52256
MD5: A4E85BDA66CF4DE8070D6F744D181C12
Located: HK_LM:Run, NBKeyScan
command: "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
file: C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
size: 2221352
MD5: DE9BD75FADB913F4E418CFBA381D7198
Located: HK_LM:Run, NeroFilterCheck
command: C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
file: C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
size: 570664
MD5: 925659214E5E6749C4B6B6E87B3A82D6
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\NvCpl.dll
size: 7311360
MD5: DF5133EA0D6D7C34E44551F87044EE59
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\SYSTEM32\nwiz.exe
size: 1519616
MD5: AE0A7905C97BA30211C700C3E12DFD83
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 413696
MD5: 0AB3C83FCB8EF6F56E4FB22089F0D3B9
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: A2D390F1F2408B94EF34BFE3A00C29D3
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
size: 185896
MD5: 89D583FC41D48328128A974C25AFAEB7
Located: HK_LM:Run, UStorag
command: c:\program files\u-storage tools2.5\ustorage.exe sys_auto_run C:\Program Files\U-Storage Tools2.5
file: c:\program files\u-storage tools2.5\ustorage.exe
size: 352329
MD5: 81B36D109F73DA85D2CE132D9AFA4316
Located: HK_LM:Run, VirtualDrive
command: "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
file: C:\Program Files\FarStone\VirtualDrive\VDTask.exe
size: 254007
MD5: 42C976A5268D97ADC01DB78A52F9B8F4
Located: HK_LM:RunOnce, SpybotDeletingA7754
command: command /c del "C:\WINDOWS\SchedLgU.Txt"
file: command /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:RunOnce, SpybotDeletingC1288
command: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
file: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:RunOnce, SpybotSnD
command: "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
file: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891984
MD5: 9C8F0F34F66BB845B42F70E92A972B5F
Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, MSMSGS
where: PE_C_ADMINISTRATEUR...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: E13EA4860E8F2AA845B53BFD2B6FEC5B
Located: HK_CU:RunOnce, NeroHomeFirstStart
where: PE_C_ADMINISTRATEUR...
command: "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe"
file: C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe
size: 19752
MD5: D72043D51B2CF2F0B2C07008E751623C
Located: HK_CU:Run, MSMSGS
where: PE_C_DEFAULT USER...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: E13EA4860E8F2AA845B53BFD2B6FEC5B
Located: HK_CU:RunOnce, NeroHomeFirstStart
where: PE_C_DEFAULT USER...
command: "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe"
file: C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe
size: 19752
MD5: D72043D51B2CF2F0B2C07008E751623C
Located: HK_CU:Run, aucisqy
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\aucisqy.exe" aucisqy
file: c:\windows\system32\aucisqy.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, ccmow
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\ccmow.exe" ccmow
file: c:\windows\system32\ccmow.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, ctfmon.exe
where: PE_C_ROBIN ET LOGAN...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, H/PC Connection Agent
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
file: C:\Program Files\Microsoft ActiveSync\wcescomm.exe
size: 1211176
MD5: 32C66EF018986853D04328A9CB832A32
Located: HK_CU:Run, IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
file: C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
size: 1840424
MD5: C44031488DED58FCE58E5D94BC345D30
Located: HK_CU:Run, kcskoqi
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\kcskoqi.exe" kcskoqi
file: c:\windows\system32\kcskoqi.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, MessengerPlus3
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
file: C:\Program Files\MessengerPlus! 3\MsgPlus.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, MSMSGS
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: E13EA4860E8F2AA845B53BFD2B6FEC5B
Located: HK_CU:Run, msnmsgr
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3882312
MD5: 6CE9CD3BDCA8209051C037D1859AF5E9
Located: HK_CU:Run, QuickTime Task
where: PE_C_ROBIN ET LOGAN...
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 413696
MD5: 0AB3C83FCB8EF6F56E4FB22089F0D3B9
Located: HK_CU:Run, sqwmc
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\sqwmc.exe" sqwmc
file: c:\windows\system32\sqwmc.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, swg
where: PE_C_ROBIN ET LOGAN...
command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE
Located: HK_CU:Run, syyieqo
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\syyieqo.exe" syyieqo
file: c:\windows\system32\syyieqo.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, uemumqw
where: PE_C_ROBIN ET LOGAN...
command: "c:\windows\system32\uemumqw.exe" uemumqw
file: c:\windows\system32\uemumqw.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, CanalPlayer
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
file: C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, H/PC Connection Agent
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
file: C:\PROGRA~1\MI3AA1~1\wcescomm.exe
size: 1211176
MD5: 32C66EF018986853D04328A9CB832A32
Located: HK_CU:Run, IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
file: C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
size: 1840424
MD5: C44031488DED58FCE58E5D94BC345D30
Located: HK_CU:Run, msnmsgr
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3882312
MD5: 6CE9CD3BDCA8209051C037D1859AF5E9
Located: HK_CU:Run, PCTAVApp
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
file: C:\Program Files\PC Tools AntiVirus\PCTAV.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
Located: HK_CU:Run, swg
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE
Located: HK_CU:Run, updateMgr
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:RunOnce, SpybotDeletingB3847
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: command /c del "C:\WINDOWS\SchedLgU.Txt"
file: command /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:RunOnce, SpybotDeletingD3959
where: S-1-5-21-1733219022-1630013921-2901636661-1008...
command: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
file: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: Démarrage (tous utilisateurs), HP Digital Imaging Monitor.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 282624
MD5: A9D65CEEEC7844C9A0C6B445BCBE7823
Located: Démarrage (utilisateur), Pin.lnk
where: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage...
command: C:\hp\bin\CLOAKER.EXE
file: C:\hp\bin\CLOAKER.EXE
size: 27136
MD5: 6380625DD0480ED60960A149A087C848
Located: Démarrage (utilisateur), OpenOffice.org 2.2.lnk
where: C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
size: 393216
MD5: 7636C40413BB9AC278BD2C8AE24E3E0C
Located: Démarrage (utilisateur), Notification de cadeaux MSN.lnk
where: C:\Documents and Settings\robin et logan\Menu Démarrer\Programmes\Démarrage...
command: C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
file: C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Démarrage (utilisateur), OpenOffice.org 2.2.lnk
where: C:\Documents and Settings\robin et logan\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
size: 393216
MD5: 7636C40413BB9AC278BD2C8AE24E3E0C
Located: Démarrage (utilisateur), Pin.lnk
where: C:\Documents and Settings\robin et logan\Menu Démarrer\Programmes\Démarrage...
command: C:\hp\bin\CLOAKER.EXE
file: C:\hp\bin\CLOAKER.EXE
size: 27136
MD5: 6380625DD0480ED60960A149A087C848
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{3049C3E9-B461-4BC5-8870-4C09146192CA} (RealPlayer Download and Record Plugin for Internet Explorer)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: RealPlayer Download and Record Plugin for Internet Explorer
Path: C:\Program Files\Real\RealPlayer\
Long name: rpbrowserrecordplugin.dll
Short name: RPBROW~1.DLL
Date (created): 03/09/2008 17:17:52
Date (last access): 18/05/2009 22:09:52
Date (last write): 03/09/2008 17:17:52
Filesize: 308856
Attributes: archive
MD5: 33440A3EF90AF7ED74EE55CA634A9CFA
CRC32: B00E58A9
Version: 1.0.1.57
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (Windows Live Family Safety Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Windows Live Family Safety Browser Helper
CLSID name: Windows Live Family Safety Browser Helper Class
{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (Search Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Search Helper
CLSID name: Search Helper
Path: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\
Long name: SearchHelper.dll
Short name: SEARCH~1.DLL
Date (created): 04/12/2008 16:59:06
Date (last access): 18/05/2009 22:05:22
Date (last write): 04/12/2008 16:59:06
Filesize: 92504
Attributes: archive
MD5: C5700CD3293E88BE85C73ECCCE772E9E
CRC32: 4005D5F1
Version: 1.2.118.0
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 17/02/2009 17:11:04
Date (last access): 18/05/2009 22:12:26
Date (last write): 17/02/2009 17:11:04
Filesize: 408440
Attributes: archive
MD5: 1A82C1B9BB43385695EFC3A84F6756A2
CRC32: 75E558CA
Version: 5.0.818.6
{9CB65201-89C4-402c-BA80-02D8C59F9B1D} (Ask Search Assistant BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Ask Search Assistant BHO
CLSID name: Ask Search Assistant BHO
Path: C:\Program Files\AskTBar\SrchAstt\5.bin\
Long name: A5SRCHAS.DLL
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://www.google.com/intl/fr/toolbar/ie/index.html
info source: TonyKlein
Path: C:\Program Files\Google\Google Toolbar\
Long name: GoogleToolbar.dll
Short name: GOOGLE~1.DLL
Date (created): 13/01/2009 14:34:12
Date (last access): 18/05/2009 22:09:24
Date (last write): 27/04/2009 21:51:56
Filesize: 259696
Attributes: archive
MD5: 6154D449D3856AE42EB38531CE22DC83
CRC32: A7F1D641
Version: 6.1.1518.856
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\
Long name: swg.dll
Short name:
Date (created): 24/03/2009 20:16:42
Date (last access): 18/05/2009 22:12:26
Date (last write): 24/03/2009 20:16:44
Filesize: 668656
Attributes: archive
MD5: D1585B06DED161E13B905DC4FFBF7F12
CRC32: 88D5BAA5
Version: 5.1.1309.3572
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (Google Dictionary Compression sdch)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Dictionary Compression sdch
CLSID name: Google Dictionary Compression sdch
Path: C:\Program Files\Google\Google Toolbar\Component\
Long name: fastsearch_A8904FB862BD9564.dll
Short name: FASTSE~2.DLL
Date (created): 27/04/2009 21:51:54
Date (last access): 18/05/2009 22:12:26
Date (last write): 27/04/2009 21:51:54
Filesize: 470512
Attributes: archive
MD5: E35BCCB1D1D96F8E5B09C72AF70EC3F6
CRC32: 73C702FE
Version: 1.0.610.27482
{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 30/10/2008 12:53:32
Date (last access): 18/05/2009 22:09:36
Date (last write): 09/03/2009 05:18:50
Filesize: 35840
Attributes: archive
MD5: 96A225C7F5346A9E81FC3DFA89A900C0
CRC32: BAD5D2EF
Version: 6.0.130.3
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (Windows Live Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Live Toolbar Helper
Path: C:\Program Files\Windows Live\Toolbar\
Long name: wltcore.dll
Short name:
Date (created): 08/12/2008 18:01:58
Date (last access): 18/05/2009 22:18:20
Date (last write): 08/12/2008 18:01:58
Filesize: 1067352
Attributes: archive
MD5: 4DC993F947CA0E46DAF3260D78BC9A60
CRC32: E16D1FE7
Version: 14.0.8052.1208
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: JQSIEStartDetectorImpl
CLSID name: JQSIEStartDetectorImpl Class
Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
Long name: jqs_plugin.dll
Short name: JQS_PL~1.DLL
Date (created): 30/10/2008 12:53:36
Date (last access): 18/05/2009 22:05:26
Date (last write): 09/03/2009 05:18:52
Filesize: 73728
Attributes: archive
MD5: 53F8B53918C839F76367B7E612B742B1
CRC32: 735F7F91
Version: 6.0.130.3
{FE063DB1-4EC0-403e-8DD8-394C54984B2C} (Ask Toolbar BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Ask Toolbar BHO
CLSID name: Ask Toolbar BHO
Path: C:\Program Files\AskTBar\bar\5.bin\
Long name: ASKTBAR.DLL
--- ActiveX list ---
Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file:///C:/WINDOWS/Java/classes/xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla
{09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control)
DPF name:
CLSID name: France Telecom MDM ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\MDM.inf
Codebase: http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
description:
classification: Open for discussion
known filename: MDM.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\
Long name: MDM.ocx
Short name:
Date (created): 07/09/2006 11:46:12
Date (last access): 18/05/2009 22:18:20
Date (last write): 07/09/2006 11:46:12
Filesize: 409600
Attributes: archive
MD5: 61356FEF489A501FC8E18E1393D1A407
CRC32: 8F4DB5E7
Version: 1.5.0.1
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Adobe\Director\
Long name: SwDir.dll
Short name:
Date (created): 30/06/2008 19:04:26
Date (last access): 18/05/2009 22:18:20
Date (last write): 16/01/2009 20:25:34
Filesize: 202168
Attributes: archive
MD5: B5534D75A5785B913A598488410946A2
CRC32: 4BD1A138
Version: 11.0.3.472
{201B9B37-848F-40BD-90EA-7B8F0AA89D6A} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\IaLdr32.inf
Codebase: http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em_XP.cab
{5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class)
DPF name:
CLSID name: UnoCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF
Codebase: http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
description:
classification: Legitimate
known filename: unomsnger.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: GAME_UNO1.dll
Short name: GAME_U~1.DLL
Date (created): 13/04/2007 02:14:52
Date (last access): 18/05/2009 22:18:20
Date (last write): 13/04/2007 02:14:52
Filesize: 382344
Attributes: archive
MD5: A9F8AB66D9D05A13843623EE6B92D259
CRC32: C9DFA641
Version: 1.0.1201.1
{5F4D3335-3194-4167-85AE-E7325F2695EF} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\IaLdr32.inf
Codebase: http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
{5FD9726A-4977-449D-8352-25FDD8A510B5} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\IaLdr32.inf
Codebase: http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1067_em_XP.cab
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase:
Hello,
/!\ Disable your resident protections (antivirus, etc.) /!\
--> Download ComboFix (by sUBs) to your Desktop.
--> Double-click ComboFix.exe (the .exe extension may not be visible) to launch it.
--> It will ask you to install the Recovery Console: accept.
--> When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.
To help you: a guide and a tutorial on using ComboFix
Try online scans.
https://www.malekal.com/scan-antivirus-ligne-nod32/