Virtumonde - Page 2

Résolu
Précédent
  • 1
  • 2
  1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Re

    2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

    https://www.malwarebytes.com/
    https://www.commentcamarche.net/telecharger/ 34055379 malwarebyte s anti malware
    Tuto
    https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm

    3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

    4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

    5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

    6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

    7) Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

    8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

    9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

    10) Si des malwares ont été détectés,
    leur liste s'affiche.
    En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

    11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

    12) Ferme MBAM en cliquant sur Quitter.

    13) Poste le rapport dans ta réponse


    0
  2. kduc Messages postés 1537 Statut Membre 133
     
    Salut à vous

    Marie,

    Pourquoi lui demander d' installer Malwarebytes, alors qu' il l' a déjà !?

    cf. le premier rapport ComboFix ainsi que le RSIT.
    0
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      Je préfère mes canned, mes marches à suivre.


      cf. le premier rapport ComboFix ainsi que le RSIT. ???
      0
      1. kduc Messages postés 1537 Statut Membre 133 > ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention  
         
        ...

        Certes.

        A propos de canned, mets celui de ToolCleaner à jour en n' omettant pas d' associer dj QUIOU à A.Roshtein ...
        ça lui f'ra plaisir, puisque A.Roshtein lui a cédé les droits et donné son accord pour faire évoluer le tool !

        Je compter sur toi ...
        0
      2. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280 > kduc Messages postés 1537 Statut Membre
         
        c'est fait ;)
        0
  3. Youyayoun Messages postés 269 Statut Membre 15
     
    Bon je poste quand même mon rapport Malware :D
    Merci

    Malwarebytes' Anti-Malware 1.37
    Database version: 2198
    Windows 5.1.2600 Service Pack 3

    30/05/2009 23:56:29
    mbam-log-2009-05-30 (23-56-29).txt

    Scan type: Full Scan (C:\|D:\|)
    Objects scanned: 147153
    Time elapsed: 28 minute(s), 28 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
    0
  4. Youyayoun Messages postés 269 Statut Membre 15
     
    Seul Spybot semble le détecter lors du scan... bizarre...
    0
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      Salut

      Faudrait coller le scan de spybot ici

      ++
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Youyayoun Messages postés 269 Statut Membre 15
     
    Me souviens pas d'un rapport de spybot, mais il detecte rien... Je lance quand même le scan et j'essaye de poster !
    Merci
    0
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      mais il detecte rien
      Ben ! Alors !! Il est où le problème ?
      0
  7. Youyayoun Messages postés 269 Statut Membre 15
     
    Bah justement !
    Il boque comme un con pendant 40 minutes sur des fichiers Virtumonde !

    Virtumonde.Dll
    Virtumonde.prx
    Virtumonde.sci
    Virtumonde.sdn

    C'est super long, on dirait que ces fichiers prennent la moitié de mon ordi !
    Le scan va se finir.
    Quand je dis il détecte rien, c'est au final qu'il me dit qu'il y a pas de problemes... Mais quand je regarde le scan en temps réel, il loque longtemps sur ces fichiers !
    0
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      Je voudrai savoir OU il et placé.
      0
  8. Youyayoun Messages postés 269 Statut Membre 15
     
    --- Search result list ---
    Félicitations!: Aucun mouchard n'a été trouvé. (Status)

    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2009-02-27 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2008-10-22 advcheck.dll (1.6.2.13)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-09-15 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2008-10-22 Tools.dll (2.1.6.8)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2009-05-19 Includes\Adware.sbi (*)
    2009-05-26 Includes\AdwareC.sbi (*)
    2009-01-22 Includes\Cookies.sbi (*)
    2009-05-19 Includes\Dialer.sbi (*)
    2009-05-26 Includes\DialerC.sbi (*)
    2009-01-22 Includes\HeavyDuty.sbi (*)
    2009-05-26 Includes\Hijackers.sbi (*)
    2009-05-26 Includes\HijackersC.sbi (*)
    2009-05-06 Includes\Keyloggers.sbi (*)
    2009-05-26 Includes\KeyloggersC.sbi (*)
    2009-05-12 Includes\Malware.sbi (*)
    2009-05-26 Includes\MalwareC.sbi (*)
    2009-03-25 Includes\PUPS.sbi (*)
    2009-05-26 Includes\PUPSC.sbi (*)
    2009-01-22 Includes\Revision.sbi (*)
    2009-01-13 Includes\Security.sbi (*)
    2009-05-26 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2009-04-07 Includes\Spyware.sbi (*)
    2009-05-26 Includes\SpywareC.sbi (*)
    2009-04-07 Includes\Tracks.uti
    2009-05-12 Includes\Trojans.sbi (*)
    2009-05-26 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

    --- System information ---
    Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    / DataAccess: Security update for Microsoft Data Access Components
    / DirectX / DX9 / SP3: Correctif pour DirectX - KB825116
    / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
    If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
    For more information, visit https://support.microsoft.com/en-us/help/928365/description-of-the-security-update-for-the-net-framework-2-0-for-windo
    / MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
    / MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
    / Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
    / Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
    / Windows / SP1: Microsoft National Language Support Downlevel APIs
    / Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
    / Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
    / Windows Media Player: Windows Media Update 819639
    / Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
    / Windows Media Player 11: Correctif pour Lecteur Windows Media 11 (KB939683)
    / Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
    / Windows Media Player 11: Mise à jour critique pour Lecteur Windows Media 11 (KB959772)
    / Windows XP: Mise à jour de sécurité pour Windows XP (KB941569)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)
    / Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
    / Windows XP / SP2: Windows XP Service Pack 2
    / Windows XP / SP3: Windows XP Service Pack 3
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB923561)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB938464)
    / Windows XP / SP4: Mise à jour pour Windows XP (KB942763)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB946648)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950759)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950760)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950762)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950974)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951066)
    / Windows XP / SP4: Mise à jour pour Windows XP (KB951072-v2)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951376-v2)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951698)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951748)
    / Windows XP / SP4: Mise à jour pour Windows XP (KB951978)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952004)
    / Windows XP / SP4: Correctif pour Windows XP (KB952287)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952954)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB953838)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB953839)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954211)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954459)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954600)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB955069)
    / Windows XP / SP4: Mise à jour pour Windows XP (KB955839)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956391)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956572)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956802)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956803)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956841)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB957095)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB957097)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958644)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958687)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958690)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB959426)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960225)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960715)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960803)
    / Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB961373)
    / Windows XP / SP4: Mise à jour pour Windows XP (KB967715)
    / Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221
    / XML Paper Specification Shared Components Pack 1.0: XML Paper Specification Shared Components Pack 1.0

    --- Startup entries list ---
    Located: HK_LM:Run, Adobe Reader Speed Launcher
    command: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    file: C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    size: 35696
    MD5: 452FA961163EF4AEE4815796A13AB2CF

    Located: HK_LM:Run, AlcWzrd
    command: ALCWZRD.EXE
    file: C:\WINDOWS\ALCWZRD.EXE
    size: 2557952
    MD5: 17CF16FA813C551353E531A51B6800D2

    Located: HK_LM:Run, avast!
    command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    size: 81000
    MD5: FC242DBD786557AC641726DC5C13F060

    Located: HK_LM:Run, DNS7reminder
    command: "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
    file: C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe
    size: 259624
    MD5: 568DF9D7D514AAB47373D8EE35C324E5

    Located: HK_LM:Run, NvCplDaemon
    command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    file: C:\WINDOWS\system32\NvCpl.dll
    size: 13574144
    MD5: 89C7169D6161D98585880E3079D721F3

    Located: HK_LM:Run, NvMediaCenter
    command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    file: C:\WINDOWS\system32\NvMcTray.dll
    size: 86016
    MD5: C01F5EFFCF7D51921722D96AE4140727

    Located: HK_LM:Run, nwiz
    command: nwiz.exe /install
    file: C:\WINDOWS\system32\nwiz.exe
    size: 1657376
    MD5: 7ADC35508F0C8D21197DD9988BDD42A4

    Located: HK_LM:Run, Raccourci vers la page des propriétés de High Definition Audio
    command: HDAudPropShortcut.exe
    file: C:\WINDOWS\system32\HDAudPropShortcut.exe
    size: 61952
    MD5: 3E7A11C1C4EBD2C3C52197238DF4E14B

    Located: HK_LM:Run, SoundMan
    command: SOUNDMAN.EXE
    file: C:\WINDOWS\SOUNDMAN.EXE
    size: 77824
    MD5: 5750D7AE7B501DAB3E9546403784939F

    Located: HK_LM:Run, SSBkgdUpdate
    command: "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    file: C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
    size: 210472
    MD5: 846965AE55A2662B1576C0F392DD1D6E

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Java\jre6\bin\jusched.exe"
    file: C:\Program Files\Java\jre6\bin\jusched.exe
    size: 148888
    MD5: A2D390F1F2408B94EF34BFE3A00C29D3

    Located: HK_LM:Run, VirtualCloneDrive
    command: "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    file: C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    size: 52168
    MD5: 9F3287A1CAF6E365ED2B39BB8D44B0EA

    Located: HK_CU:Run, CTFMON.EXE
    where: .DEFAULT...
    command: C:\WINDOWS\System32\CTFMON.EXE
    file: C:\WINDOWS\System32\CTFMON.EXE
    size: 15360
    MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4

    Located: HK_CU:Run, AlcoholAutomount
    where: S-1-5-21-2174628605-1942470035-4010875387-1006...
    command: "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
    file: C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe
    size: 217544
    MD5: EBE01A82316B05FBBBEE67A11EE6F29A

    Located: HK_CU:Run, ctfmon.exe
    where: S-1-5-21-2174628605-1942470035-4010875387-1006...
    command: C:\WINDOWS\system32\ctfmon.exe
    file: C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4

    Located: HK_CU:Run, CTFMON.EXE
    where: S-1-5-18...
    command: C:\WINDOWS\System32\CTFMON.EXE
    file: C:\WINDOWS\System32\CTFMON.EXE
    size: 15360
    MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4

    Located: Démarrage (utilisateur), LemonScreen.lnk
    where: C:\Documents and Settings\OUHAYOUN\Menu Démarrer\Programmes\Démarrage...
    command: C:\Documents and Settings\OUHAYOUN\Application Data\Microsoft\Installer\{C75C9EFC-260B-4565-A801-904CEE81CBC8}\_bb32ea6.exe
    file: C:\Documents and Settings\OUHAYOUN\Application Data\Microsoft\Installer\{C75C9EFC-260B-4565-A801-904CEE81CBC8}\_bb32ea6.exe
    size: 12862
    MD5: A21B9A5C46E6BB786E1450A8F591353C

    Located: WinLogon, crypt32chain
    command: crypt32.dll
    file: crypt32.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, cryptnet
    command: cryptnet.dll
    file: cryptnet.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, cscdll
    command: cscdll.dll
    file: cscdll.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, dimsntfy
    command: %SystemRoot%\System32\dimsntfy.dll
    file: %SystemRoot%\System32\dimsntfy.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, ScCertProp
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, Schedule
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, sclgntfy
    command: sclgntfy.dll
    file: sclgntfy.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, SensLogn
    command: WlNotify.dll
    file: WlNotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, termsrv
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, wlballoon
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    --- Browser helper object list ---
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (AcroIEHelperStub)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: AcroIEHelperStub
    CLSID name: Adobe PDF Link Helper
    Path: C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\
    Long name: AcroIEHelperShim.dll
    Short name: ACROIE~2.DLL
    Date (created): 27/02/2009 13:07:26
    Date (last access): 01/06/2009 11:05:24
    Date (last write): 27/02/2009 13:07:26
    Filesize: 75128
    Attributes: archive
    MD5: 5CF6190CD875DA6B35256FEE573E7908
    CRC32: 764BA81B
    Version: 9.1.0.163

    {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} (flashget urlcatch)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: flashget urlcatch
    CLSID name: FGCatchUrl
    Path: C:\Program Files\FlashGet\
    Long name: jccatch.dll
    Short name:
    Date (created): 06/08/2007 11:11:58
    Date (last access): 01/06/2009 10:29:50
    Date (last write): 06/08/2007 11:11:58
    Filesize: 94308
    Attributes: archive
    MD5: F75511A4E8C213D088BA7E53BA0CC4DA
    CRC32: FABB6089
    Version: 1.8.4.1007

    {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (Search Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: Search Helper
    CLSID name: Search Helper
    Path: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\
    Long name: SearchHelper.dll
    Short name: SEARCH~1.DLL
    Date (created): 14/01/2009 18:49:24
    Date (last access): 01/06/2009 11:05:20
    Date (last write): 14/01/2009 18:49:24
    Filesize: 92504
    Attributes: archive
    MD5: C5700CD3293E88BE85C73ECCCE772E9E
    CRC32: 4005D5F1
    Version: 1.2.118.0

    {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name:

    {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Java(tm) Plug-In 2 SSV Helper
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2ssv.dll
    Short name:
    Date (created): 19/12/2008 11:58:30
    Date (last access): 01/06/2009 11:10:00
    Date (last write): 09/03/2009 05:18:50
    Filesize: 35840
    Attributes: archive
    MD5: 96A225C7F5346A9E81FC3DFA89A900C0
    CRC32: BAD5D2EF
    Version: 6.0.130.3

    {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (Windows Live Toolbar Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Windows Live Toolbar Helper
    Path: C:\Program Files\Windows Live\Toolbar\
    Long name: wltcore.dll
    Short name:
    Date (created): 06/02/2009 19:17:46
    Date (last access): 01/06/2009 11:23:26
    Date (last write): 06/02/2009 19:17:46
    Filesize: 1068904
    Attributes: archive
    MD5: 28455424E3C8B81661C5A40E18066BB1
    CRC32: E5BA354B
    Version: 14.0.8064.206

    {E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: JQSIEStartDetectorImpl
    CLSID name: JQSIEStartDetectorImpl Class
    Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
    Long name: jqs_plugin.dll
    Short name: JQS_PL~1.DLL
    Date (created): 19/12/2008 11:58:30
    Date (last access): 01/06/2009 11:05:24
    Date (last write): 09/03/2009 05:18:52
    Filesize: 73728
    Attributes: archive
    MD5: 53F8B53918C839F76367B7E612B742B1
    CRC32: 735F7F91
    Version: 6.0.130.3

    {F156768E-81EF-470C-9057-481BA8380DBA} (FlashGet GetFlash Class)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: FlashGet GetFlash Class
    Path: C:\Program Files\FlashGet\
    Long name: getflash.dll
    Short name:
    Date (created): 18/05/2007 18:13:10
    Date (last access): 01/06/2009 10:29:50
    Date (last write): 18/05/2007 18:13:10
    Filesize: 163840
    Attributes: archive
    MD5: 42CB9A71788338483537F36A00318D00
    CRC32: AC7D29D0
    Version: 1.8.4.1003

    --- ActiveX list ---
    {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
    DPF name:
    CLSID name: MUWebControl Class
    Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
    Codebase: http://www.update.microsoft.com/...
    description:
    classification: Legitimate
    known filename: muweb.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\system32\
    Long name: muweb.dll
    Short name:
    Date (created): 30/07/2007 19:18:34
    Date (last access): 01/06/2009 11:07:00
    Date (last write): 16/10/2008 15:06:48
    Filesize: 208744
    Attributes: archive
    MD5: D2E6F0A06391FE5556E8A1D6D5041A5E
    CRC32: 27FBFA7D
    Version: 7.2.6001.788

    {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_13
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    description: Sun Java
    classification: Legitimate
    known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
    info link:
    info source: Patrick M. Kolla
    Path: C:\Program Files\Java\jre6\bin\
    Long name: npjpi160_13.dll
    Short name: NPJPI1~1.DLL
    Date (created): 09/03/2009 02:53:24
    Date (last access): 01/06/2009 11:23:26
    Date (last write): 09/03/2009 05:19:10
    Filesize: 136600
    Attributes: archive
    MD5: 20188EB1790C5EB9057DDFE3EA138FC7
    CRC32: 2EA1ACCF
    Version: 6.0.130.3

    {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
    DPF name: Java Runtime Environment 1.4.2
    CLSID name:
    Installer:
    Codebase: https://www.oracle.com/java/technologies/
    description: Java Runtime Environment 1.4.2
    classification: Legitimate
    known filename: %ProgramFiles%\Java\j2re1.4.2_01\bin\NPJPI142_04.dll
    info link:
    info source: Patrick M. Kolla

    {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name:
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

    {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_13
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    Path: C:\Program Files\Java\jre6\bin\
    Long name: npjpi160_13.dll
    Short name: NPJPI1~1.DLL
    Date (created): 09/03/2009 02:53:24
    Date (last access): 01/06/2009 11:23:26
    Date (last write): 09/03/2009 05:19:10
    Filesize: 136600
    Attributes: archive
    MD5: 20188EB1790C5EB9057DDFE3EA138FC7
    CRC32: 2EA1ACCF
    Version: 6.0.130.3

    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_13
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    description:
    classification: Legitimate
    known filename: npjpi150_06.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\Program Files\Java\jre6\bin\
    Long name: npjpi160_13.dll
    Short name: NPJPI1~1.DLL
    Date (created): 09/03/2009 02:53:24
    Date (last access): 01/06/2009 11:23:26
    Date (last write): 09/03/2009 05:19:10
    Filesize: 136600
    Attributes: archive
    MD5: 20188EB1790C5EB9057DDFE3EA138FC7
    CRC32: 2EA1ACCF
    Version: 6.0.130.3

    {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
    DPF name:
    CLSID name: Shockwave Flash Object
    Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
    Codebase: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    description: Macromedia Shockwave Flash Player
    classification: Legitimate
    known filename:
    info link:
    info source: Patrick M. Kolla
    Path: C:\WINDOWS\System32\Macromed\Flash\
    Long name: Flash9f.ocx
    Short name:
    Date (created): 25/03/2008 04:32:42
    Date (last access): 01/06/2009 11:23:26
    Date (last write): 25/03/2008 04:32:42
    Filesize: 2991488
    Attributes: readonly archive
    MD5: 48FDF435B8595604E54125B321924510
    CRC32: 12335E29
    Version: 9.0.124.0

    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 536 ( 4) \SystemRoot\System32\smss.exe
    size: 50688
    PID: 592 ( 536) \??\C:\WINDOWS\system32\csrss.exe
    size: 6144
    PID: 620 ( 536) \??\C:\WINDOWS\system32\winlogon.exe
    size: 512000
    PID: 664 ( 620) C:\WINDOWS\system32\services.exe
    size: 111104
    MD5: C3FB1D70CB88722267949694BA51759E
    PID: 676 ( 620) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB
    PID: 824 ( 664) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 888 ( 664) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 956 ( 664) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 992 ( 664) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 1128 ( 664) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 1216 ( 664) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 1268 ( 664) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    size: 18752
    MD5: B4253776EE034F6770FCEE32C28490B0
    PID: 1324 ( 664) C:\Program Files\Alwil Software\Avast4\ashServ.exe
    size: 138680
    MD5: 62889D40A3FB1A9012428E16FE0DC67A
    PID: 1552 ( 664) C:\WINDOWS\system32\spoolsv.exe
    size: 57856
    MD5: 460E4CE148BD07218DA0B6A3D31885A9
    PID: 220 ( 664) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 280 ( 664) C:\Program Files\Java\jre6\bin\jqs.exe
    size: 152984
    MD5: 890369AED0DDE1A98F09F7DC239CA2BD
    PID: 456 ( 664) C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    size: 322120
    MD5: 11F714F85530A2BD134074DC30E99FCA
    PID: 940 ( 560) C:\WINDOWS\Explorer.EXE
    size: 1037824
    MD5: F2317622D29F9FF0F88AEECD5F60F0DD
    PID: 1228 ( 664) C:\Program Files\CDBurnerXP\NMSAccessU.exe
    size: 71096
    MD5: FD306FBCCE7ADB1077B709742E7148E9
    PID: 1484 ( 664) C:\WINDOWS\system32\nvsvc32.exe
    size: 163908
    MD5: F96DF45CFBDC670584293E03C2AB602A
    PID: 1620 ( 664) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    size: 226656
    MD5: D358E077A0A05D9B12DA22D137EE8464
    PID: 1720 ( 664) C:\WINDOWS\system32\slserv.exe
    size: 45056
    MD5: DB823CD4E9B57B5CB15D556633054A15
    PID: 1768 ( 664) C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    size: 275968
    MD5: B1691AF4A072CB674D600DB16DD7308E
    PID: 1792 ( 664) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 2448 ( 940) C:\WINDOWS\SOUNDMAN.EXE
    size: 77824
    MD5: 5750D7AE7B501DAB3E9546403784939F
    PID: 2464 ( 940) C:\WINDOWS\ALCWZRD.EXE
    size: 2557952
    MD5: 17CF16FA813C551353E531A51B6800D2
    PID: 2484 ( 940) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    size: 81000
    MD5: FC242DBD786557AC641726DC5C13F060
    PID: 2492 ( 940) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    size: 52168
    MD5: 9F3287A1CAF6E365ED2B39BB8D44B0EA
    PID: 2508 ( 940) C:\WINDOWS\system32\RUNDLL32.EXE
    size: 33792
    MD5: 93AD0B78C7357A05F50E594EC7C22300
    PID: 2548 ( 940) C:\Program Files\Java\jre6\bin\jusched.exe
    size: 148888
    MD5: A2D390F1F2408B94EF34BFE3A00C29D3
    PID: 2612 ( 940) C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
    PID: 2640 ( 664) C:\WINDOWS\System32\alg.exe
    size: 44544
    MD5: 5E9A6658A2A69AE7EB195113B7A2E7A9
    PID: 2688 ( 940) C:\Program Files\KeyLemon\LemonScreen\LemonScreen.exe
    size: 1413120
    MD5: EC7927A47A5150B604874C591EBCDBC5
    PID: 3660 ( 664) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: E4BDF223CD75478BF44567B4D5C2634D
    PID: 3816 ( 664) C:\WINDOWS\System32\wbem\wmiapsrv.exe
    size: 126464
    MD5: 4E8E8A58F56B25D0795F484E5EB7F898
    PID: 2152 ( 664) C:\Program Files\Bonjour\mDNSResponder.exe
    size: 229376
    MD5: 73686FE0B2E0469F89FD2075BE724704
    PID: 3812 ( 664) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    size: 254040
    MD5: F09461C8ECCACE33C271CC229F11E281
    PID: 4028 ( 664) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    size: 352920
    MD5: 23CA3E54474AE5FFDBC0F97B9E1815DB
    PID: 3844 ( 940) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 5365592
    MD5: 0477C2F9171599CA5BC3307FDFBA8D89
    PID: 1188 ( 940) C:\Program Files\Mozilla Firefox\firefox.exe
    size: 7678568
    MD5: 8F93743D81634DB09023C41154B3E320
    PID: 4 ( 0) System

    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 01/06/2009 11:24:29

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\WINDOWS\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    https://www.orange.fr/portail
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    https://www.msn.com/fr-fr/?ocid=iehp
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    https://www.msn.com/fr-fr/?ocid=iehp
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 1: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 2: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 3: RSVP UDP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll

    Protocol 4: RSVP TCP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll

    Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3966C532-4E61-4AF2-A575-952CDF96C659}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3966C532-4E61-4AF2-A575-952CDF96C659}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF7C332E-DB59-4879-8638-A2E4E031F2F4}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF7C332E-DB59-4879-8638-A2E4E031F2F4}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AC3271DD-0E47-4AB1-A575-B355E18DEF46}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AC3271DD-0E47-4AB1-A575-B355E18DEF46}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F40F0325-E264-4190-8B25-6B2C7D0AFE01}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F40F0325-E264-4190-8B25-6B2C7D0AFE01}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{58EBDCD0-65E2-43A1-8920-017E49F61EAA}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{58EBDCD0-65E2-43A1-8920-017E49F61EAA}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll

    Namespace Provider 0: TCP/IP
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename: %SystemRoot%\System32\mswsock.dll

    Namespace Provider 1: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll

    Namespace Provider 2: Espace de noms NLA (Network Location Awareness)
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename: %SystemRoot%\System32\mswsock.dll

    Namespace Provider 3: mdnsNSP
    GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
    Filename: C:\Program Files\Bonjour\mdnsNSP.dll

    --- Uninstall list ---
    (AddressBook)

    Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
    version (major): 5
    install location: C:\Program Files\Adobe\Acrobat 5.0
    install source: C:\Documents and Settings\OUHAYOUN\Local Settings\Temp\pftB3~tmp\
    uninstall cmd: C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    publisher: Adobe Systems, Inc.
    help link: https://acrobat.adobe.com/us/en/acrobat.html

    Adobe AIR 1.1.0.5790 (Adobe AIR)
    install location: c:\
    uninstall cmd: c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    publisher: Adobe Systems Inc.

    Adobe Flash Player ActiveX 9.0.124.0 (Adobe Flash Player ActiveX)
    uninstall cmd: C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
    publisher: Adobe Systems Incorporated
    help link: https://helpx.adobe.com/flash-player.html

    Adobe Flash Player 10 Plugin 10.0.22.87 (Adobe Flash Player Plugin)
    uninstall cmd: C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
    publisher: Adobe Systems Incorporated

    Adobe Photoshop CS3 10.0 (Adobe_32e9033392a51340b32fdc6ad893ab7)
    estimated size: 1112748
    uninstall cmd: C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
    publisher: Adobe Systems Incorporated
    help link: https://helpx.adobe.com/support.html
    help telephone: https://helpx.adobe.com/fr/contact.html

    Adobe ExtendScript Toolkit 2 2.0.2 (Adobe_3e054d2218e7aa282c2369d939e58ff)
    estimated size: 16809
    uninstall cmd: C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
    publisher: Adobe Systems Incorporated

    Audacity 1.3.4 (Unicode) (Audacity 1.3 Beta (Unicode)_is1)
    install date: 20080808
    install location: C:\Program Files\Audacity 1.3 Beta (Unicode)\
    uninstall cmd: "C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
    publisher: Audacity Team
    help link: https://sourceforge.net/projects/audacity/

    avast! Antivirus 4.8 (avast!)
    version (major): 4
    version (minor): 8
    install location: C:\PROGRA~1\ALWILS~1\Avast4
    install source: C:\PROGRA~1\ALWILS~1\Avast4\setup
    uninstall cmd: C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    publisher: Alwil Software
    help link: https://www.avast.com/fr-fr/index

    (Branding)

    CCleaner (remove only) (CCleaner)
    uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"
    publisher: Piriform

    (Connection Manager)

    Curse Client (CurseClient)
    uninstall cmd: C:\Program Files\Curse\uninstall.exe

    (DirectAnimation)

    (DirectDrawEx)

    (DXM_Runtime)

    eMule (eMule)
    uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"

    FlashGet 1.9.6.1073 1.9.6.1073 (FlashGet)
    uninstall cmd: C:\Program Files\FlashGet\uninst.exe
    publisher: http://www.flashget.com

    (Fontcore)

    Fraps (remove only) (Fraps)
    uninstall cmd: "C:\Fraps\uninstall.exe"

    HijackThis 2.0.2 2.0.2 (HijackThis)
    uninstall cmd: "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    publisher: TrendMicro

    (ICW)

    Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
    install date: 20080822
    uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation

    (IE40)

    (IE4Data)

    (IE5BAKEX)

    Windows Internet Explorer 7 20070813.185237 (ie7)
    install date: 20080822
    uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/office/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2?ui=en-US&rs=en-001&ad=US

    (IEData)

    (InstallShield Uninstall Information)

    OpenMG Secure Module 4.7.00 4.7.00.12140 (InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D})
    version: 67567616
    version (major): 4
    version (minor): 7
    estimated size: 23788
    install date: 20090524
    install location: C:\Program Files\Sony Corporation\OpenMG Secure Module\
    install source: C:\DOCUME~1\OUHAYOUN\LOCALS~1\Temp\sonicext.tmp\OmgSetup\
    uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
    publisher: Sony Corporation

    High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us

    (KB884016)

    (KB884267)

    (KB885353)

    (KB886612)

    (KB887078)

    (KB887626)

    (KB888656)

    (KB891122)

    Windows Genuine Advantage Validation Tool (KB892130) (KB892130)
    install date: 20080807
    publisher: Microsoft Corporation
    help link: https://www.microsoft.com/en-us/howtotell/default.aspx

    (KB893240)

    (KB893241)

    (KB893803)

    (KB895181)

    (KB895316)

    (KB897586)

    (KB898549)

    (KB900399)

    (KB902344)

    (KB911854)

    Mise à jour de sécurité pour Windows XP (KB923561) 1 (KB923561)
    install date: 20090415
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/923561/ms09-010-description-of-the-update-for-windows-wordpad-converter-april

    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) 20050502.101010 (KB923723)
    install date: 20090211
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/923723

    Security Update pour Microsoft .NET Framework 2.0 (KB928365) 2 (KB928365.T1_1ToU569_1)
    uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/928365/description-of-the-security-update-for-the-net-framework-2-0-for-windo

    Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/929399

    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) (KB936782_WMP11)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/936782/ms07-047-vulnerability-in-windows-media-player-could-allow-remote-code

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2) 2 (KB938127-v2-IE7)
    install date: 20080827
    uninstall cmd: "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/938127

    Mise à jour de sécurité pour Windows XP (KB938464) 1 (KB938464)
    install date: 20080910
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/938464/ms08-052-description-of-the-security-update-for-gdi-for-all-editions-o

    Correctif pour Lecteur Windows Media 11 (KB939683) (KB939683)
    install date: 20080816
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/939683

    Mise à jour de sécurité pour Windows XP (KB941569) (KB941569)
    install date: 20080809
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/941569/ms07-068-vulnerability-in-windows-media-file-format-could-allow-remote

    Mise à jour pour Windows XP (KB942763) 1 (KB942763)
    install date: 20080807
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/942763/december-2007-cumulative-time-zone-update-for-microsoft-windows-operat

    Mise à jour de sécurité pour Windows XP (KB946648) 1 (KB946648)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/946648

    Mise à jour de sécurité pour Windows XP (KB950759) 1 (KB950759)
    install date: 20080807
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/950759/ms08-031-cumulative-security-update-for-internet-explorer

    Mise à jour de sécurité pour Windows XP (KB950760) 1 (KB950760)
    install date: 20080807
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/950760/ms08-032-critical-security-update-of-activex-kill-bits

    Mise à jour de sécurité pour Windows XP (KB950762) 1 (KB950762)
    install date: 20080807
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/950762/ms08-036-vulnerabilities-in-pragmatic-general-multicast-pgm-could-allo

    Mise à jour de sécurité pour Windows XP (KB950974) 1 (KB950974)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/950974/ms08-049-vulnerability-in-event-system-could-allow-remote-code-executi

    Mise à jour de sécurité pour Windows XP (KB951066) 1 (KB951066)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/951066

    Mise à jour pour Windows XP (KB951072-v2) 2 (KB951072-v2)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/951072/

    Mise à jour de sécurité pour Windows XP (KB951376-v2) 2 (KB951376-v2)
    install date: 20080807
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/951376/ms08-030-vulnerability-in-bluetooth-stack-could-allow-remote-code-exec

    Mise à jour de sécurité pour Windows XP (KB951698) 1 (KB951698)
    install date: 20080807
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/951698

    Mise à jour de sécurité pour Windows XP (KB951748) 1 (KB951748)
    install date: 20080807
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/951748/ms08-037-description-of-the-security-update-for-dns-in-windows-server

    Mise à jour pour Windows XP (KB951978) 1 (KB951978)
    install date: 20080808
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/951978

    Mise à jour de sécurité pour Windows XP (KB952004) 1 (KB952004)
    install date: 20090415
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/952004/ms09-012-description-of-the-security-update-for-msdtc-transaction-faci

    Mise à jour de sécurité pour Lecteur Windows Media (KB952069) (KB952069_WM9)
    install date: 20081212
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/952069/ms08-076-description-of-the-security-update-for-windows-media-format-r

    Correctif pour Windows XP (KB952287) 1 (KB952287)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/952287

    Mise à jour de sécurité pour Windows XP (KB952954) 1 (KB952954)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/952954/ms08-046-vulnerabilities-in-microsoft-windows-image-color-management-c

    Mise à jour de sécurité pour Windows XP (KB953838) 1 (KB953838)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/953838

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) 1 (KB953838-IE7)
    install date: 20080822
    uninstall cmd: "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/953838

    Mise à jour de sécurité pour Windows XP (KB953839) 1 (KB953839)
    install date: 20080813
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/953839

    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154) (KB954154_WM11)
    install date: 20080910
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/954154/ms08-054-vulnerability-in-windows-media-player-could-allow-remote-code

    Mise à jour de sécurité pour Windows XP (KB954211) 1 (KB954211)
    install date: 20081016
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/954211/ms08-061-vulnerabilities-in-windows-kernel-could-allow-elevation-of-pr

    Mise à jour de sécurité pour Windows XP (KB954459) 1 (KB954459)
    install date: 20081112
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/954459/ms08-069-description-of-the-security-update-for-xml-core-services-6-0

    Mise à jour de sécurité pour Windows XP (KB954600) 1 (KB954600)
    install date: 20081212
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/954600

    Mise à jour de sécurité pour Windows XP (KB955069) 1 (KB955069)
    install date: 20081112
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/955069

    Mise à jour pour Windows XP (KB955839) 1 (KB955839)
    install date: 20081212
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/955839

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) 1 (KB956390-IE7)
    install date: 20081016
    uninstall cmd: "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/956390

    Mise à jour de sécurité pour Windows XP (KB956391) 1 (KB956391)
    install date: 20081016
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/956391/

    Mise à jour de sécurité pour Windows XP (KB956572) 1 (KB956572)
    install date: 20090415
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/956572/ms09-012-description-of-the-security-update-for-windows-service-isolat

    Mise à jour de sécurité pour Windows XP (KB956802) 1 (KB956802)
    install date: 20081212
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/956802

    Mise à jour de sécurité pour Windows XP (KB956803) 1 (KB956803)
    install date: 20081016
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/956803/ms08-066-vulnerability-in-the-microsoft-ancillary-function-driver-coul

    Mise à jour de sécurité pour Windows XP (KB956841) 1 (KB956841)
    install date: 20081016
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/956841

    Mise à jour de sécurité pour Windows XP (KB957095) 1 (KB957095)
    install date: 20081016
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/957095

    Mise à jour de sécurité pour Windows XP (KB957097) 1 (KB957097)
    install date: 20081112
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/957097/ms08-068-vulnerability-in-smb-could-allow-remote-code-execution

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) 1 (KB958215-IE7)
    install date: 20081212
    uninstall cmd: "C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/958215

    Mise à jour de sécurité pour Windows XP (KB958644) 1 (KB958644)
    install date: 20081023
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/958644/ms08-067-vulnerability-in-server-service-could-allow-remote-code-execu

    Mise à jour de sécurité pour Windows XP (KB958687) 1 (KB958687)
    install date: 20090113
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://sup
    0
  9. Youyayoun Messages postés 269 Statut Membre 15
     
    Justement je ne sais pas ! Dans le rapport il ne l'affiche pas, pourtant durant le scan, il a passé un sacré moment dessus... Il ne les a pas inventés quand même :s

    Désolé que ce soit aussi peu clair Marie :s
    0
  10. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Vire Spybot, comme Ad-Aware, il ne servent à rien
    0
  11. Youyayoun Messages postés 269 Statut Membre 15
     
    mouarf ok xD

    Je scan avec quoi du coup ?
    0
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      Pour avoir une protection correcte

      AV
      +
      Pare-feu
      +
      MBAM
      +
      éventuellement Ccleaner

      +
      0
  12. Youyayoun Messages postés 269 Statut Membre 15
     
    Et au niveau du Virtumonde, tu penses qu'il est éradiqué ?
    Je peux arrêter la ?

    (MBAM je l'ai, tu me l'as fait dl :p je le garde du coup ;))
    0
  13. Youyayoun Messages postés 269 Statut Membre 15
     
    Vla ils sont a jour !

    Merci encore !

    Bon alors pour le scan bizarre, c'et spybot qui déconnait complet ?
    0
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      c'et spybot qui déconnait complet ?
      Aucune idée, possible, spybot et ad-aware sont pour moi des poubelles.

      ++



      0
  14. Youyayoun Messages postés 269 Statut Membre 15
     
    Voila ! Il a delete hijack et Rsit !
    Merci encore !
    0
  15. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Bon surf ;))
    0
Précédent
  • 1
  • 2