A voir également:
- Clavier FOU
- Télécharger clavier arabe - Télécharger - Divers Web & Internet
- Comment taper / sur clavier - Guide
- Clavier de l'ordinateur - Guide
- Clavier iphone chiffre et lettre - Guide
- Changer clavier qwerty en azerty - Guide
5 réponses
Bonsoir,
CV ?
Essaie les solutions d'autres posts :
https://forums.commentcamarche.net/forum/affich-2551880-virus-clavier-fou
https://forums.commentcamarche.net/forum/affich-10636878-probleme-clavier-fou-sous-windows-xp
et dis-nous si cela fonctionne...
CV ?
Essaie les solutions d'autres posts :
https://forums.commentcamarche.net/forum/affich-2551880-virus-clavier-fou
https://forums.commentcamarche.net/forum/affich-10636878-probleme-clavier-fou-sous-windows-xp
et dis-nous si cela fonctionne...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Cv = CLAVIER VISUEL bref vlà rapport ad-ware suivi de spybot
Logfile created: 01/11/2009 11:43:26
Lavasoft Ad-Aware version: 8.1.0
User performing scan: Administrateur
*********************** Definitions database information ***********************
Lavasoft definition file: 149.83
Genotype definition file version: 2009/10/28 15:48:12
******************************** Scan results: *********************************
Scan profile name: Analyse complète (ID: full)
Objects scanned: 73080
Objects detected: 14
Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 0
Folders.........: 0
LSPs............: 0
Cookies.........: 14
Browser hijacks.: 0
MRU objects.....: 0
Removed items:
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Description: *mediaplex* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408991 Family ID: 0
Description: *2o7* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408943 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Scan and cleaning complete: Finished correctly after 921 seconds
*********************************** Settings ***********************************
Scan profile:
ID: full, enabled:1, value: Analyse complète
ID: folderstoscan, enabled:1, value: C:\,D:\
ID: useantivirus, enabled:0, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
ID: heuristicslevel, enabled:1, value: mild, domain: medium,mild,strict
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:0, value: Daily 1
ID: time, enabled:0, value: Sat Oct 31 19:39:00 2009
ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:0
ID: monday, enabled:0, value: false
ID: tuesday, enabled:0, value: false
ID: wednesday, enabled:0, value: false
ID: thursday, enabled:0, value: false
ID: friday, enabled:0, value: false
ID: saturday, enabled:0, value: false
ID: sunday, enabled:0, value: false
ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:0, value:
ID: auto_deal_with_infections, enabled:0, value: false
ID: updatedaily2, enabled:0, value: Daily 2
ID: time, enabled:0, value: Sat Oct 31 01:39:00 2009
ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:0
ID: monday, enabled:0, value: false
ID: tuesday, enabled:0, value: false
ID: wednesday, enabled:0, value: false
ID: thursday, enabled:0, value: false
ID: friday, enabled:0, value: false
ID: saturday, enabled:0, value: false
ID: sunday, enabled:0, value: false
ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:0, value:
ID: auto_deal_with_infections, enabled:0, value: false
ID: updatedaily3, enabled:0, value: Daily 3
ID: time, enabled:0, value: Sat Oct 31 07:39:00 2009
ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:0
ID: monday, enabled:0, value: false
ID: tuesday, enabled:0, value: false
ID: wednesday, enabled:0, value: false
ID: thursday, enabled:0, value: false
ID: friday, enabled:0, value: false
ID: saturday, enabled:0, value: false
ID: sunday, enabled:0, value: false
ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:0, value:
ID: auto_deal_with_infections, enabled:0, value: false
ID: updatedaily4, enabled:0, value: Daily 4
ID: time, enabled:0, value: Sat Oct 31 13:39:00 2009
ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:0
ID: monday, enabled:0, value: false
ID: tuesday, enabled:0, value: false
ID: wednesday, enabled:0, value: false
ID: thursday, enabled:0, value: false
ID: friday, enabled:0, value: false
ID: saturday, enabled:0, value: false
ID: sunday, enabled:0, value: false
ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:0, value:
ID: auto_deal_with_infections, enabled:0, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Oct 31 19:39:00 2009
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: true
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:0, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: registryprotection, enabled:0, value: true
ID: networkprotection, enabled:0, value: true
ID: layers, enabled:1
ID: useantivirus, enabled:0, value: true
ID: usespywareheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
****************************** System information ******************************
Computer name: ZIZOUNE
Processor name: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Processor identifier: x86 Family 6 Model 23 Stepping 6
Processor speed: ~2499MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 5894, number of processors 2, processor features: [MMX,SSE,SSE2]
Physical memory available: 1235300352 bytes
Physical memory total: 2110889984 bytes
Virtual memory available: 1985560576 bytes
Virtual memory total: 2147352576 bytes
Memory load: 41%
Microsoft Windows XP Professional Service Pack 2 (build 2600)
Windows startup mode:
Running processes:
PID: 756 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE NT
PID: 816 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 840 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: AUTORITE NT
PID: 896 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: AUTORITE NT
PID: 908 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: AUTORITE NT
PID: 1076 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1152 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1248 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1332 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1492 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1748 name: C:\WINDOWS\Explorer.EXE owner: Administrateur domain: ZIZOUNE
PID: 1832 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT
PID: 1860 name: C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe owner: <UNKNOWN> domain: <UNKNOWN>
PID: 576 name: C:\WINDOWS\system32\igfxtray.exe owner: Administrateur domain: ZIZOUNE
PID: 584 name: C:\WINDOWS\system32\hkcmd.exe owner: Administrateur domain: ZIZOUNE
PID: 592 name: C:\WINDOWS\system32\igfxpers.exe owner: Administrateur domain: ZIZOUNE
PID: 636 name: C:\WINDOWS\system32\igfxsrvc.exe owner: Administrateur domain: ZIZOUNE
PID: 980 name: C:\WINDOWS\SMINST\Scheduler.exe owner: Administrateur domain: ZIZOUNE
PID: 1068 name: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe owner: Administrateur domain: ZIZOUNE
PID: 1188 name: C:\PROGRA~1\McAfee\MANAGE~1\Agent\myAgtTry.exe owner: Administrateur domain: ZIZOUNE
PID: 1236 name: C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe owner: <UNKNOWN> domain: <UNKNOWN>
PID: 1324 name: C:\WINDOWS\system32\ctfmon.exe owner: Administrateur domain: ZIZOUNE
PID: 1292 name: C:\Program Files\Ares\Ares.exe owner: Administrateur domain: ZIZOUNE
PID: 1376 name: C:\Program Files\Windows Live\Messenger\msnmsgr.exe owner: Administrateur domain: ZIZOUNE
PID: 1420 name: C:\Program Files\Internet Explorer\IEXPLORE.EXE owner: Administrateur domain: ZIZOUNE
PID: 1352 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1552 name: C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSWatcher.exe owner: <UNKNOWN> domain: <UNKNOWN>
PID: 1700 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1744 name: C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe owner: SYSTEM domain: AUTORITE NT
PID: 1740 name: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe owner: Administrateur domain: ZIZOUNE
PID: 1980 name: c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 2208 name: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe owner: Administrateur domain: ZIZOUNE
PID: 2264 name: C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe owner: SYSTEM domain: AUTORITE NT
PID: 2312 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2380 name: C:\Program Files\PDF Complete\pdfsvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 2420 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2452 name: C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe owner: SYSTEM domain: AUTORITE NT
PID: 2500 name: C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSMonitor.exe owner: Administrateur domain: ZIZOUNE
PID: 2588 name: C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe owner: SYSTEM domain: AUTORITE NT
PID: 2668 name: c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe owner: SYSTEM domain: AUTORITE NT
PID: 3580 name: C:\WINDOWS\system32\wuauclt.exe owner: Administrateur domain: ZIZOUNE
PID: 3688 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 3864 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: AUTORITE NT
PID: 1072 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 3448 name: C:\Program Files\Internet Explorer\iexplore.exe owner: Administrateur domain: ZIZOUNE
PID: 480 name: C:\Program Files\Internet Explorer\iexplore.exe owner: Administrateur domain: ZIZOUNE
PID: 1200 name: C:\Program Files\Windows Live\Toolbar\wltuser.exe owner: Administrateur domain: ZIZOUNE
PID: 3240 name: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe owner: Administrateur domain: ZIZOUNE
PID: 2140 name: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe owner: Administrateur domain: ZIZOUNE
PID: 3852 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT
PID: 1896 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Administrateur domain: ZIZOUNE
PID: 2752 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT
PID: 2324 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Administrateur domain: ZIZOUNE
Startup items:
Name: PostBootReminder
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
imagepath: Pré-chargeur Browseui
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Démon de cache des catégories de composant
Name: CTFMON.EXE
imagepath: C:\WINDOWS\system32\CTFMON.EXE
Name: IgfxTray
imagepath: C:\WINDOWS\system32\igfxtray.exe
Name: HotKeysCmds
imagepath: C:\WINDOWS\system32\hkcmd.exe
Name: Persistence
imagepath: C:\WINDOWS\system32\igfxpers.exe
Name: WatchDog
imagepath: C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe
Name: PDF Complete
imagepath: C:\Program Files\PDF Complete\pdfsty.exe
Name: SetRefresh
imagepath: C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
Name: MVS Splash
imagepath: C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
Name: McAfee Managed Services Tray
imagepath: "C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"
Name: Recguard
imagepath: C:\WINDOWS\Sminst\Recguard.exe
Name: Reminder
imagepath: C:\WINDOWS\Creator\Remind_XP.exe
Name: Scheduler
imagepath: C:\WINDOWS\SMINST\Scheduler.exe
Name: HP Software Update
imagepath: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Name: hpqSRMon
imagepath: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
Name: Link date regs bits
imagepath: C:\Documents and Settings\All Users\Application Data\hold gpl link date\exit proc.exe
Name: AVGIDS
imagepath: "C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe"
Name:
imagepath: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
Name:
location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
imagepath: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Name:
imagepath: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\desktop.ini
Bootexecute items:
Name:
imagepath: autocheck autochk *
Running services:
Name: ALG
displayname: Service de la passerelle de la couche Application
Name: AudioSrv
displayname: Audio Windows
Name: AVGIDSAgent
displayname: AVGIDSAgent
Name: AVGIDSWatcher
displayname: AVGIDSWatcher
Name: BITS
displayname: Service de transfert intelligent en arrière-plan
Name: CryptSvc
displayname: Services de cryptographie
Name: DcomLaunch
displayname: Lanceur de processus serveur DCOM
Name: Dhcp
displayname: Client DHCP
Name: dmserver
displayname: Gestionnaire de disque logique
Name: Dnscache
displayname: Client DNS
Name: ERSvc
displayname: Service de rapport d'erreurs
Name: Eventlog
displayname: Journal des événements
Name: EventSystem
displayname: Système d'événements de COM+
Name: FastUserSwitchingCompatibility
displayname: Compatibilité avec le Changement rapide d'utilisateur
Name: helpsvc
displayname: Aide et support
Name: HidServ
displayname: HID Input Service
Name: hpqcxs08
displayname: hpqcxs08
Name: hpqddsvc
displayname: Service HP CUE DeviceDiscovery
Name: IviRegMgr
displayname: IviRegMgr
Name: lanmanserver
displayname: Serveur
Name: lanmanworkstation
displayname: Station de travail
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LmHosts
displayname: Assistance TCP/IP NetBIOS
Name: MSSQL$MSSMLBIZ
displayname: SQL Server (MSSMLBIZ)
Name: myAgtSvc
displayname: Service de protection contre les virus et les logiciels espions McAfee
Name: Net Driver HPZ12
displayname: Net Driver HPZ12
Name: Netman
displayname: Connexions réseau
Name: Nla
displayname: NLA (Network Location Awareness)
Name: pdfcDispatcher
displayname: PDF Document Manager
Name: PlugPlay
displayname: Plug-and-Play
Name: Pml Driver HPZ12
displayname: Pml Driver HPZ12
Name: PolicyAgent
displayname: Services IPSEC
Name: ProtectedStorage
displayname: Emplacement protégé
Name: PSI_SVC_2
displayname: Protexis Licensing V2
Name: RasMan
displayname: Gestionnaire de connexions d'accès distant
Name: RemoteRegistry
displayname: Accès à distance au Registre
Name: RpcSs
displayname: Appel de procédure distante (RPC)
Name: SamSs
displayname: Gestionnaire de comptes de sécurité
Name: Schedule
displayname: Planificateur de tâches
Name: SeaPort
displayname: SeaPort
Name: seclogon
displayname: Connexion secondaire
Name: SENS
displayname: Notification d'événement système
Name: SharedAccess
displayname: Pare-feu Windows / Partage de connexion Internet
Name: ShellHWDetection
displayname: Détection matériel noyau
Name: Spooler
displayname: Spouleur d'impression
Name: SQLWriter
displayname: Enregistreur VSS SQL Server
Name: srservice
displayname: Service de restauration système
Name: SSDPSRV
displayname: Service de découvertes SSDP
Name: stisvc
displayname: Acquisition d'image Windows (WIA)
Name: TapiSrv
displayname: Téléphonie
Name: TermService
displayname: Services Terminal Server
Name: Themes
displayname: Thèmes
Name: TrkWks
displayname: Client de suivi de lien distribué
Name: W32Time
displayname: Horloge Windows
Name: WebClient
displayname: WebClient
Name: winmgmt
displayname: Infrastructure de gestion Windows
Name: wscsvc
displayname: Centre de sécurité
Name: wuauserv
displayname: Mises à jour automatiques
Name: WZCSVC
displayname: Configuration automatique sans fil
SPY BOT
--- Search result list ---
Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
DoubleClick: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-10-31 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-09-07 advcheck.dll (1.6.4.18)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2009-10-20 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-10-14 Includes\Dialer.sbi (*)
2009-10-13 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2009-10-27 Includes\HijackersC.sbi (*)
2009-10-20 Includes\Keyloggers.sbi (*)
2009-10-20 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-10-13 Includes\Malware.sbi (*)
2009-10-29 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-10-20 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-10-27 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-10-27 Includes\Spyware.sbi (*)
2009-10-27 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-10-27 Includes\Trojans.sbi (*)
2009-10-27 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Security Update (KB953297)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB954155)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB968816)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB973540)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)
/ Windows XP / SP0: Mise à jour pour Windows Internet Explorer 8 (KB975364)
/ Windows XP / SP3: Correctif Windows XP - KB815304
/ Windows XP / SP3: Correctif Windows XP - KB885222
/ Windows XP / SP3: Correctif Windows XP - KB886199
/ Windows XP / SP3: Correctif Windows XP - KB889673
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Correctif Windows XP - KB895246
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Correctif pour Windows XP (KB909095)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB911164)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Correctif pour Windows XP (KB923232)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB925720)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB931836)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB932823-v3)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB958470)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB971032)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB923561)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB938464-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB946648)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950762)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950974)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951066)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951376-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951748)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952004)
/ Windows XP / SP4: Correctif pour Windows XP (KB952117-v2)
/ Windows XP / SP4: Correctif pour Windows XP (KB952287)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952954)
/ Windows XP / SP4: Hotfix for Windows XP (KB954550-v5)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954600)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB955069)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956572)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956802)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956803)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956844)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB957097)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958644)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958687)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958869)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB959426)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960225)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960803)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960859)
/ Windows XP / SP4: Correctif pour Windows XP (KB961118)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB961371-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB961501)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB961503)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB967715)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB968389)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB968537)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB969059)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB970238)
/ Windows XP / SP4: Correctif pour Windows XP (KB970653-v3)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971486)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971557)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971633)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971657)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971961)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973346)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973354)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973507)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973525)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB973815)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973869)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB974112)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB974571)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB975025)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB975467)
/ XML Paper Specification Shared Components Pack 1.0: XML Paper Specification Shared Components Pack 1.0
--- Startup entries list ---
Located: HK_LM:Run, AVGIDS
command: "C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe"
file: C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe
size: 1600008
MD5: 0DBE31AA907D14E87500F7388186A961
Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 170520
MD5: 5015BC3C77BA5F6258CFA36926E1C1B6
Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 062F3DB9AFA9C3CE0DA52F28595C0C6D
Located: HK_LM:Run, hpqSRMon
command: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
size: 80896
MD5: 941A08CBDEEDF16B6C986B6BA7C9A5D0
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 150040
MD5: AA728E422A2B6121B4B19F88FDE62D3F
Located: HK_LM:Run, Link date regs bits
command: C:\Documents and Settings\All Users\Application Data\hold gpl link date\exit proc.exe
file: C:\Documents and Settings\All Users\Application Data\hold gpl link date\exit proc.exe
size: 733184
MD5: A86412CA232FE744D6E6CD2B7BA34555
Located: HK_LM:Run, McAfee Managed Services Tray
command: "C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"
file: C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe
size: 95552
MD5: DDB263235DDAC7600B43F78C3A4295D0
Located: HK_LM:Run, MVS Splash
command: C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
file: C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
size: 558400
MD5: 4B337A32B39815B699B0756DC79C3740
Located: HK_LM:Run, PDF Complete
command: C:\Program Files\PDF Complete\pdfsty.exe
file: C:\Program Files\PDF Complete\pdfsty.exe
size: 318488
MD5: 75BECACF841636A1FC8367A0CFD69F7D
Located: HK_LM:Run, Persistence
command: C:\WINDOWS\system32\igfxpers.exe
file: C:\WINDOWS\system32\igfxpers.exe
size: 141848
MD5: 10B4967A0D1C71B747221073F23E774F
Located: HK_LM:Run, Recguard
command: C:\WINDOWS\Sminst\Recguard.exe
file: C:\WINDOWS\Sminst\Recguard.exe
size: 1138688
MD5: 6FF047B21A1B7A5934FF63FD5FB22858
Located: HK_LM:Run, Reminder
command: C:\WINDOWS\Creator\Remind_XP.exe
file: C:\WINDOWS\Creator\Remind_XP.exe
size: 761856
MD5: 89649D4C65FA0DECDBF0C7AFCAF6A051
Located: HK_LM:Run, Scheduler
command: C:\WINDOWS\SMINST\Scheduler.exe
file: C:\WINDOWS\SMINST\Scheduler.exe
size: 872448
MD5: C1915A84502B38D548D0C9351DFF3E47
Located: HK_LM:Run, SetRefresh
command: C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
file: C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
size: 525824
MD5: 0FFA9E2711A0228467BF08228D5B620F
Located: HK_LM:Run, WatchDog
command: C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe
file: C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe
size: 200848
MD5: 2602BE7D661AEE9C6DD4AE49CD0F694F
Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: HK_CU:Run, ares
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: "C:\Program Files\Ares\Ares.exe" -h
file: C:\Program Files\Ares\Ares.exe
size: 1004544
MD5: D1EA7694103F5D5CF11148F9B3864C45
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: HK_CU:Run, msnmsgr
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
Located: HK_CU:Run, swg
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 39408
MD5: 5D61BE7DB55B026A5D61A3EED09D0EAD
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: Démarrage (tous utilisateurs), HP Digital Imaging Monitor.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 214360
MD5: D9335549EAE48B14FB66EFCB6FFAE736
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{0347C33E-8762-4905-BF09-768834316C61} (HP Print Enhancer)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: HP Print Enhancer
CLSID name: HP Print Enhancer
Path: C:\Program Files\HP\Digital Imaging\Smart Web Printing\
Long name: hpswp_printenhancer.dll
Short name: HPSWP_~2.DLL
Date (created): 06/11/2007 01:50:44
Date (last access): 01/11/2009 11:14:02
Date (last write): 06/11/2007 01:50:44
Filesize: 322880
Attributes: archive
MD5: 71D5D112FE02384A6FACA6399DBDA914
CRC32: 64574CCD
Version: 100.0.14173.0
{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (Search Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Search Helper
CLSID name: Search Helper
Path: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\
Long name: SearchHelper.dll
Short name: SEARCH~1.DLL
Date (created): 14/01/2009 17:49:24
Date (last access): 01/11/2009 11:14:02
Date (last write): 14/01/2009 17:49:24
Filesize: 92504
Attributes: archive
MD5: C5700CD3293E88BE85C73ECCCE772E9E
CRC32: 4005D5F1
Version: 1.2.118.0
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 22/01/2009 15:41:30
Date (last access): 01/11/2009 11:14:02
Date (last write): 22/01/2009 15:41:30
Filesize: 408448
Attributes: archive
MD5: B7899C3E21B299D7A3C0DA96CAE340BD
CRC32: 288935F8
Version: 5.0.818.5
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://www.google.com/intl/fr/toolbar/ie/index.html
info source: TonyKlein
Path: C:\Program Files\Google\Google Toolbar\
Long name: GoogleToolbar.dll
Short name: GOOGLE~1.DLL
Date (created): 27/10/2009 19:27:50
Date (last access): 01/11/2009 11:14:02
Date (last write): 27/10/2009 19:27:46
Filesize: 259696
Attributes: archive
MD5: B2A3EE0D6570BAE9BD90892E0009A6AB
CRC32: 230192E8
Version: 6.1.1715.1442
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\
Long name: swg.dll
Short name:
Date (created): 27/10/2009 19:34:46
Date (last access): 01/11/2009 11:13:52
Date (last write): 27/10/2009 19:34:46
Filesize: 762864
Attributes: archive
MD5: 927558FA159FED54852692D729039E67
CRC32: EE7BD555
Version: 5.3.4501.1418
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (Google Dictionary Compression sdch)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Dictionary Compression sdch
CLSID name: Google Dictionary Compression sdch
Path: C:\Program Files\Google\Google Toolbar\Component\
Long name: fastsearch_A8904FB862BD9564.dll
Short name: FASTSE~1.DLL
Date (created): 27/10/2009 19:27:46
Date (last access): 01/11/2009 11:14:04
Date (last write): 27/10/2009 19:27:46
Filesize: 470512
Attributes: archive
MD5: E35BCCB1D1D96F8E5B09C72AF70EC3F6
CRC32: 73C702FE
Version: 1.0.610.27482
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (Windows Live Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Live Toolbar Helper
Path: C:\Program Files\Windows Live\Toolbar\
Long name: wltcore.dll
Short name:
Date (created): 06/02/2009 18:17:46
Date (last access): 01/11/2009 11:14:04
Date (last write): 06/02/2009 18:17:46
Filesize: 1068904
Attributes: archive
MD5: 28455424E3C8B81661C5A40E18066BB1
CRC32: E5BA354B
Version: 14.0.8064.206
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} (SingleInstance Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SingleInstance Class
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn\
Long name: YTSingleInstance.dll
Short name: YTSING~1.DLL
Date (created): 28/07/2008 10:47:42
Date (last access): 01/11/2009 11:14:04
Date (last write): 28/07/2008 10:47:42
Filesize: 160496
Attributes: archive
MD5: F64C4241FE5E519F62C47C361DC671D7
CRC32: 5F6F96A7
Version: 2008.7.28.1
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} (HP Smart BHO Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: HP Smart BHO Class
CLSID name: HP Smart BHO Class
Path: C:\Program Files\HP\Digital Imaging\Smart Web Printing\
Long name: hpswp_BHO.dll
Short name: HPSWP_~1.DLL
Date (created): 06/11/2007 01:50:44
Date (last access): 01/11/2009 11:14:04
Date (last write): 06/11/2007 01:50:44
Filesize: 542016
Attributes: archive
MD5: 4A8A49921534B030B27F16FC68FBA1DC
CRC32: DC81D3CD
Version: 100.0.14173.0
--- ActiveX list ---
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\swdir.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Adobe\Director\
Long name: SwDir.dll
Short name:
Date (created): 31/07/2009 13:41:42
Date (last access): 01/11/2009 11:14:48
Date (last write): 31/07/2009 13:41:42
Filesize: 206264
Attributes: archive
MD5: 1C3973D5F67549C32B23DC730A48E16B
CRC32: DC797A8F
Version: 11.5.1.601
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10/06/2008 00:32:34
Date (last access): 01/11/2009 11:14:48
Date (last write): 10/06/2008 02:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10/06/2008 00:32:34
Date (last access): 01/11/2009 11:14:48
Date (last write): 10/06/2008 02:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10/06/2008 00:32:34
Date (last access): 01/11/2009 11:14:48
Date (last write): 10/06/2008 02:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
Codebase: http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
--- Process list ---
PID: 0 ( 0) [System]
PID: 756 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 816 ( 756) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 840 ( 756) \??\C:\WINDOWS\system32\winlogon.exe
size: 506368
PID: 896 ( 840) C:\WINDOWS\system32\services.exe
size: 111104
MD5: 51A24094F076961A7FF73E5F7E991D68
PID: 908 ( 840) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 1076 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1152 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1248 ( 896) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1332 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1492 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1748 (1732) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 2A7BD330924252A2FD80344FC949BB72
PID: 1832 ( 896) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DF9FC62AD51CB082B0AE371919A232CB
PID: 1860 ( 896) C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe
size: 5641736
MD5: 5A2355BEBDD8230CFABA3A4CFEB95971
PID: 576 (1748) C:\WINDOWS\system32\igfxtray.exe
size: 150040
MD5: AA728E422A2B6121B4B19F88FDE62D3F
PID: 584 (1748) C:\WINDOWS\system32\hkcmd.exe
size: 170520
MD5: 5015BC3C77BA5F6258CFA36926E1C1B6
PID: 592 (1748) C:\WINDOWS\system32\igfxpers.exe
size: 141848
MD5: 10B4967A0D1C71B747221073F23E774F
PID: 636 (1076) C:\WINDOWS\system32\igfxsrvc.exe
size: 256536
MD5: B8A9B4BDD01297C4A84EE8BA6F9FD130
PID: 980 (1748) C:\WINDOWS\SMINST\Scheduler.exe
size: 872448
MD5: C1915A84502B38D548D0C9351DFF3E47
PID: 1068 (1748) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 062F3DB9AFA9C3CE0DA52F28595C0C6D
PID: 1188 ( 804) C:\PROGRA~1\McAfee\MANAGE~1\Agent\myAgtTry.exe
size: 283968
MD5: 2D686AD2D484EAB06FF539CD554D2B5F
PID: 1236 (1748) C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe
size: 1600008
MD5: 0DBE31AA907D14E87500F7388186A961
PID: 1324 (1748) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 1292 (1748) C:\Program Files\Ares\Ares.exe
size: 1004544
MD5: D1EA7694103F5D5CF11148F9B3864C45
PID: 1376 (1748) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
PID: 1420 (1196) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 1352 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1552 ( 896) C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSWatcher.exe
size: 571912
MD5: 7BC545EEA6313E973E475786C0BEF21F
PID: 1700 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1744 ( 896) C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
size: 112152
MD5: 213822072085B5BBAD9AF30AB577D817
PID: 1740 (1748) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 39408
MD5: 5D61BE7DB55B026A5D61A3EED09D0EAD
PID: 1980 ( 896) c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
size: 29178224
MD5: D07C9575726797B0E9069E1108A1C483
PID: 2208 (1748) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 214360
MD5: D9335549EAE48B14FB66EFCB6FFAE736
PID: 2264 ( 896) C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
size: 218432
MD5: 3CEF896965EED2504B1E7F93D80B461C
PID: 2312 ( 896) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 2380 ( 896) C:\Program Files\PDF Complete\pdfsvc.exe
size: 576024
MD5: C7AEFF5113DFEA823A2F50133249E2B8
PID: 2420 ( 896) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 2452 ( 896) C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
size: 185632
MD5: A6A7AD767BF5141665F5C675F671B3E1
PID: 2500 (1236) C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSMonitor.exe
size: 604680
MD5: 87D090696C0BA44A95E9A428B1967DF3
PID: 2588 ( 896) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
size: 226656
MD5: D358E077A0A05D9B12DA22D137EE8464
PID: 2668 ( 896) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
size: 89968
MD5: 54902536AAD0E9B99BC65F89C0CAF93F
PID: 3580 (1248) C:\WINDOWS\system32\wuauclt.exe
size: 51224
MD5: E654B78D2F1D791B30D0ED9A8195EC22
PID: 3688 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 3864 (1076) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 227840
MD5: 51A548A604AEC2C362CA503B0CB03831
PID: 1072 ( 896) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 3448 (1748) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 480 (3448) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 1200 (1076) C:\Program Files\Windows Live\Toolbar\wltuser.exe
size: 224632
MD5: 731F05B5C01B3CA9B813561C0B90E722
PID: 3240 ( 556) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 2140 (1112) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
PID: 3852 ( 896) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
size: 1179232
MD5: 72A238DFB53A945C7686987A41E36DE2
PID: 2752 (1076) C:\WINDOWS\system32\wbem\unsecapp.exe
size: 16896
MD5: E77B97D96A89DE67DEC6AD76F92C3655
PID: 2324 (3852) C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
size: 788368
MD5: 3ACF4EF79AFC707AFB5D92EA26EAB6AA
PID: 1408 (1748) C:\WINDOWS\system32\osk.exe
size: 216576
MD5: A398264A074A5604A4D6D0A5D54B57E7
PID: 3996 (1408) C:\WINDOWS\system32\MSSWCHX.EXE
size: 6656
MD5: EFD54F044894E26BACE07A8C7B29B798
PID: 2136 (1076) C:\Program Files\Windows Live\Contacts\wlcomm.exe
size: 27512
MD5: 654480EA67078C7B4C6C8BA871B07D5D
PID: 684 (3448) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 3720 (3448) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 2148 (3448) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 01/11/2009 12:00:25
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.google.fr/?gws_rd=ssl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-comm.msn.com&ocid=HPDHP&pc=CMDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr/?ocid=iehp
HKEY_LOCAL_MACHIN
Logfile created: 01/11/2009 11:43:26
Lavasoft Ad-Aware version: 8.1.0
User performing scan: Administrateur
*********************** Definitions database information ***********************
Lavasoft definition file: 149.83
Genotype definition file version: 2009/10/28 15:48:12
******************************** Scan results: *********************************
Scan profile name: Analyse complète (ID: full)
Objects scanned: 73080
Objects detected: 14
Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 0
Folders.........: 0
LSPs............: 0
Cookies.........: 14
Browser hijacks.: 0
MRU objects.....: 0
Removed items:
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Description: *mediaplex* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408991 Family ID: 0
Description: *2o7* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408943 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Scan and cleaning complete: Finished correctly after 921 seconds
*********************************** Settings ***********************************
Scan profile:
ID: full, enabled:1, value: Analyse complète
ID: folderstoscan, enabled:1, value: C:\,D:\
ID: useantivirus, enabled:0, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
ID: heuristicslevel, enabled:1, value: mild, domain: medium,mild,strict
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:0, value: Daily 1
ID: time, enabled:0, value: Sat Oct 31 19:39:00 2009
ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:0
ID: monday, enabled:0, value: false
ID: tuesday, enabled:0, value: false
ID: wednesday, enabled:0, value: false
ID: thursday, enabled:0, value: false
ID: friday, enabled:0, value: false
ID: saturday, enabled:0, value: false
ID: sunday, enabled:0, value: false
ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:0, value:
ID: auto_deal_with_infections, enabled:0, value: false
ID: updatedaily2, enabled:0, value: Daily 2
ID: time, enabled:0, value: Sat Oct 31 01:39:00 2009
ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:0
ID: monday, enabled:0, value: false
ID: tuesday, enabled:0, value: false
ID: wednesday, enabled:0, value: false
ID: thursday, enabled:0, value: false
ID: friday, enabled:0, value: false
ID: saturday, enabled:0, value: false
ID: sunday, enabled:0, value: false
ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:0, value:
ID: auto_deal_with_infections, enabled:0, value: false
ID: updatedaily3, enabled:0, value: Daily 3
ID: time, enabled:0, value: Sat Oct 31 07:39:00 2009
ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:0
ID: monday, enabled:0, value: false
ID: tuesday, enabled:0, value: false
ID: wednesday, enabled:0, value: false
ID: thursday, enabled:0, value: false
ID: friday, enabled:0, value: false
ID: saturday, enabled:0, value: false
ID: sunday, enabled:0, value: false
ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:0, value:
ID: auto_deal_with_infections, enabled:0, value: false
ID: updatedaily4, enabled:0, value: Daily 4
ID: time, enabled:0, value: Sat Oct 31 13:39:00 2009
ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:0
ID: monday, enabled:0, value: false
ID: tuesday, enabled:0, value: false
ID: wednesday, enabled:0, value: false
ID: thursday, enabled:0, value: false
ID: friday, enabled:0, value: false
ID: saturday, enabled:0, value: false
ID: sunday, enabled:0, value: false
ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:0, value:
ID: auto_deal_with_infections, enabled:0, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Oct 31 19:39:00 2009
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: true
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:0, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: registryprotection, enabled:0, value: true
ID: networkprotection, enabled:0, value: true
ID: layers, enabled:1
ID: useantivirus, enabled:0, value: true
ID: usespywareheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
****************************** System information ******************************
Computer name: ZIZOUNE
Processor name: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Processor identifier: x86 Family 6 Model 23 Stepping 6
Processor speed: ~2499MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 5894, number of processors 2, processor features: [MMX,SSE,SSE2]
Physical memory available: 1235300352 bytes
Physical memory total: 2110889984 bytes
Virtual memory available: 1985560576 bytes
Virtual memory total: 2147352576 bytes
Memory load: 41%
Microsoft Windows XP Professional Service Pack 2 (build 2600)
Windows startup mode:
Running processes:
PID: 756 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE NT
PID: 816 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 840 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: AUTORITE NT
PID: 896 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: AUTORITE NT
PID: 908 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: AUTORITE NT
PID: 1076 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1152 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1248 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1332 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1492 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1748 name: C:\WINDOWS\Explorer.EXE owner: Administrateur domain: ZIZOUNE
PID: 1832 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT
PID: 1860 name: C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe owner: <UNKNOWN> domain: <UNKNOWN>
PID: 576 name: C:\WINDOWS\system32\igfxtray.exe owner: Administrateur domain: ZIZOUNE
PID: 584 name: C:\WINDOWS\system32\hkcmd.exe owner: Administrateur domain: ZIZOUNE
PID: 592 name: C:\WINDOWS\system32\igfxpers.exe owner: Administrateur domain: ZIZOUNE
PID: 636 name: C:\WINDOWS\system32\igfxsrvc.exe owner: Administrateur domain: ZIZOUNE
PID: 980 name: C:\WINDOWS\SMINST\Scheduler.exe owner: Administrateur domain: ZIZOUNE
PID: 1068 name: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe owner: Administrateur domain: ZIZOUNE
PID: 1188 name: C:\PROGRA~1\McAfee\MANAGE~1\Agent\myAgtTry.exe owner: Administrateur domain: ZIZOUNE
PID: 1236 name: C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe owner: <UNKNOWN> domain: <UNKNOWN>
PID: 1324 name: C:\WINDOWS\system32\ctfmon.exe owner: Administrateur domain: ZIZOUNE
PID: 1292 name: C:\Program Files\Ares\Ares.exe owner: Administrateur domain: ZIZOUNE
PID: 1376 name: C:\Program Files\Windows Live\Messenger\msnmsgr.exe owner: Administrateur domain: ZIZOUNE
PID: 1420 name: C:\Program Files\Internet Explorer\IEXPLORE.EXE owner: Administrateur domain: ZIZOUNE
PID: 1352 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1552 name: C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSWatcher.exe owner: <UNKNOWN> domain: <UNKNOWN>
PID: 1700 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1744 name: C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe owner: SYSTEM domain: AUTORITE NT
PID: 1740 name: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe owner: Administrateur domain: ZIZOUNE
PID: 1980 name: c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 2208 name: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe owner: Administrateur domain: ZIZOUNE
PID: 2264 name: C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe owner: SYSTEM domain: AUTORITE NT
PID: 2312 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2380 name: C:\Program Files\PDF Complete\pdfsvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 2420 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2452 name: C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe owner: SYSTEM domain: AUTORITE NT
PID: 2500 name: C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSMonitor.exe owner: Administrateur domain: ZIZOUNE
PID: 2588 name: C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe owner: SYSTEM domain: AUTORITE NT
PID: 2668 name: c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe owner: SYSTEM domain: AUTORITE NT
PID: 3580 name: C:\WINDOWS\system32\wuauclt.exe owner: Administrateur domain: ZIZOUNE
PID: 3688 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 3864 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: AUTORITE NT
PID: 1072 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 3448 name: C:\Program Files\Internet Explorer\iexplore.exe owner: Administrateur domain: ZIZOUNE
PID: 480 name: C:\Program Files\Internet Explorer\iexplore.exe owner: Administrateur domain: ZIZOUNE
PID: 1200 name: C:\Program Files\Windows Live\Toolbar\wltuser.exe owner: Administrateur domain: ZIZOUNE
PID: 3240 name: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe owner: Administrateur domain: ZIZOUNE
PID: 2140 name: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe owner: Administrateur domain: ZIZOUNE
PID: 3852 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT
PID: 1896 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Administrateur domain: ZIZOUNE
PID: 2752 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT
PID: 2324 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Administrateur domain: ZIZOUNE
Startup items:
Name: PostBootReminder
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
imagepath: Pré-chargeur Browseui
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Démon de cache des catégories de composant
Name: CTFMON.EXE
imagepath: C:\WINDOWS\system32\CTFMON.EXE
Name: IgfxTray
imagepath: C:\WINDOWS\system32\igfxtray.exe
Name: HotKeysCmds
imagepath: C:\WINDOWS\system32\hkcmd.exe
Name: Persistence
imagepath: C:\WINDOWS\system32\igfxpers.exe
Name: WatchDog
imagepath: C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe
Name: PDF Complete
imagepath: C:\Program Files\PDF Complete\pdfsty.exe
Name: SetRefresh
imagepath: C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
Name: MVS Splash
imagepath: C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
Name: McAfee Managed Services Tray
imagepath: "C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"
Name: Recguard
imagepath: C:\WINDOWS\Sminst\Recguard.exe
Name: Reminder
imagepath: C:\WINDOWS\Creator\Remind_XP.exe
Name: Scheduler
imagepath: C:\WINDOWS\SMINST\Scheduler.exe
Name: HP Software Update
imagepath: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Name: hpqSRMon
imagepath: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
Name: Link date regs bits
imagepath: C:\Documents and Settings\All Users\Application Data\hold gpl link date\exit proc.exe
Name: AVGIDS
imagepath: "C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe"
Name:
imagepath: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
Name:
location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
imagepath: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Name:
imagepath: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\desktop.ini
Bootexecute items:
Name:
imagepath: autocheck autochk *
Running services:
Name: ALG
displayname: Service de la passerelle de la couche Application
Name: AudioSrv
displayname: Audio Windows
Name: AVGIDSAgent
displayname: AVGIDSAgent
Name: AVGIDSWatcher
displayname: AVGIDSWatcher
Name: BITS
displayname: Service de transfert intelligent en arrière-plan
Name: CryptSvc
displayname: Services de cryptographie
Name: DcomLaunch
displayname: Lanceur de processus serveur DCOM
Name: Dhcp
displayname: Client DHCP
Name: dmserver
displayname: Gestionnaire de disque logique
Name: Dnscache
displayname: Client DNS
Name: ERSvc
displayname: Service de rapport d'erreurs
Name: Eventlog
displayname: Journal des événements
Name: EventSystem
displayname: Système d'événements de COM+
Name: FastUserSwitchingCompatibility
displayname: Compatibilité avec le Changement rapide d'utilisateur
Name: helpsvc
displayname: Aide et support
Name: HidServ
displayname: HID Input Service
Name: hpqcxs08
displayname: hpqcxs08
Name: hpqddsvc
displayname: Service HP CUE DeviceDiscovery
Name: IviRegMgr
displayname: IviRegMgr
Name: lanmanserver
displayname: Serveur
Name: lanmanworkstation
displayname: Station de travail
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LmHosts
displayname: Assistance TCP/IP NetBIOS
Name: MSSQL$MSSMLBIZ
displayname: SQL Server (MSSMLBIZ)
Name: myAgtSvc
displayname: Service de protection contre les virus et les logiciels espions McAfee
Name: Net Driver HPZ12
displayname: Net Driver HPZ12
Name: Netman
displayname: Connexions réseau
Name: Nla
displayname: NLA (Network Location Awareness)
Name: pdfcDispatcher
displayname: PDF Document Manager
Name: PlugPlay
displayname: Plug-and-Play
Name: Pml Driver HPZ12
displayname: Pml Driver HPZ12
Name: PolicyAgent
displayname: Services IPSEC
Name: ProtectedStorage
displayname: Emplacement protégé
Name: PSI_SVC_2
displayname: Protexis Licensing V2
Name: RasMan
displayname: Gestionnaire de connexions d'accès distant
Name: RemoteRegistry
displayname: Accès à distance au Registre
Name: RpcSs
displayname: Appel de procédure distante (RPC)
Name: SamSs
displayname: Gestionnaire de comptes de sécurité
Name: Schedule
displayname: Planificateur de tâches
Name: SeaPort
displayname: SeaPort
Name: seclogon
displayname: Connexion secondaire
Name: SENS
displayname: Notification d'événement système
Name: SharedAccess
displayname: Pare-feu Windows / Partage de connexion Internet
Name: ShellHWDetection
displayname: Détection matériel noyau
Name: Spooler
displayname: Spouleur d'impression
Name: SQLWriter
displayname: Enregistreur VSS SQL Server
Name: srservice
displayname: Service de restauration système
Name: SSDPSRV
displayname: Service de découvertes SSDP
Name: stisvc
displayname: Acquisition d'image Windows (WIA)
Name: TapiSrv
displayname: Téléphonie
Name: TermService
displayname: Services Terminal Server
Name: Themes
displayname: Thèmes
Name: TrkWks
displayname: Client de suivi de lien distribué
Name: W32Time
displayname: Horloge Windows
Name: WebClient
displayname: WebClient
Name: winmgmt
displayname: Infrastructure de gestion Windows
Name: wscsvc
displayname: Centre de sécurité
Name: wuauserv
displayname: Mises à jour automatiques
Name: WZCSVC
displayname: Configuration automatique sans fil
SPY BOT
--- Search result list ---
Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
DoubleClick: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-10-31 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-09-07 advcheck.dll (1.6.4.18)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2009-10-20 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-10-14 Includes\Dialer.sbi (*)
2009-10-13 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2009-10-27 Includes\HijackersC.sbi (*)
2009-10-20 Includes\Keyloggers.sbi (*)
2009-10-20 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-10-13 Includes\Malware.sbi (*)
2009-10-29 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-10-20 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-10-27 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-10-27 Includes\Spyware.sbi (*)
2009-10-27 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-10-27 Includes\Trojans.sbi (*)
2009-10-27 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Security Update (KB953297)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB954155)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB968816)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB973540)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)
/ Windows XP / SP0: Mise à jour pour Windows Internet Explorer 8 (KB975364)
/ Windows XP / SP3: Correctif Windows XP - KB815304
/ Windows XP / SP3: Correctif Windows XP - KB885222
/ Windows XP / SP3: Correctif Windows XP - KB886199
/ Windows XP / SP3: Correctif Windows XP - KB889673
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Correctif Windows XP - KB895246
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Correctif pour Windows XP (KB909095)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB911164)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Correctif pour Windows XP (KB923232)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB925720)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB931836)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB932823-v3)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB958470)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB971032)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB923561)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB938464-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB946648)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950762)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB950974)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951066)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951376-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB951748)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952004)
/ Windows XP / SP4: Correctif pour Windows XP (KB952117-v2)
/ Windows XP / SP4: Correctif pour Windows XP (KB952287)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB952954)
/ Windows XP / SP4: Hotfix for Windows XP (KB954550-v5)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB954600)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB955069)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956572)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956802)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956803)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB956844)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB957097)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958644)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958687)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB958869)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB959426)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960225)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960803)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB960859)
/ Windows XP / SP4: Correctif pour Windows XP (KB961118)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB961371-v2)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB961501)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB961503)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB967715)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB968389)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB968537)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB969059)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB970238)
/ Windows XP / SP4: Correctif pour Windows XP (KB970653-v3)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971486)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971557)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971633)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971657)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB971961)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973346)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973354)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973507)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973525)
/ Windows XP / SP4: Mise à jour pour Windows XP (KB973815)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB973869)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB974112)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB974571)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB975025)
/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB975467)
/ XML Paper Specification Shared Components Pack 1.0: XML Paper Specification Shared Components Pack 1.0
--- Startup entries list ---
Located: HK_LM:Run, AVGIDS
command: "C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe"
file: C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe
size: 1600008
MD5: 0DBE31AA907D14E87500F7388186A961
Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 170520
MD5: 5015BC3C77BA5F6258CFA36926E1C1B6
Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 062F3DB9AFA9C3CE0DA52F28595C0C6D
Located: HK_LM:Run, hpqSRMon
command: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
size: 80896
MD5: 941A08CBDEEDF16B6C986B6BA7C9A5D0
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 150040
MD5: AA728E422A2B6121B4B19F88FDE62D3F
Located: HK_LM:Run, Link date regs bits
command: C:\Documents and Settings\All Users\Application Data\hold gpl link date\exit proc.exe
file: C:\Documents and Settings\All Users\Application Data\hold gpl link date\exit proc.exe
size: 733184
MD5: A86412CA232FE744D6E6CD2B7BA34555
Located: HK_LM:Run, McAfee Managed Services Tray
command: "C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"
file: C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe
size: 95552
MD5: DDB263235DDAC7600B43F78C3A4295D0
Located: HK_LM:Run, MVS Splash
command: C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
file: C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
size: 558400
MD5: 4B337A32B39815B699B0756DC79C3740
Located: HK_LM:Run, PDF Complete
command: C:\Program Files\PDF Complete\pdfsty.exe
file: C:\Program Files\PDF Complete\pdfsty.exe
size: 318488
MD5: 75BECACF841636A1FC8367A0CFD69F7D
Located: HK_LM:Run, Persistence
command: C:\WINDOWS\system32\igfxpers.exe
file: C:\WINDOWS\system32\igfxpers.exe
size: 141848
MD5: 10B4967A0D1C71B747221073F23E774F
Located: HK_LM:Run, Recguard
command: C:\WINDOWS\Sminst\Recguard.exe
file: C:\WINDOWS\Sminst\Recguard.exe
size: 1138688
MD5: 6FF047B21A1B7A5934FF63FD5FB22858
Located: HK_LM:Run, Reminder
command: C:\WINDOWS\Creator\Remind_XP.exe
file: C:\WINDOWS\Creator\Remind_XP.exe
size: 761856
MD5: 89649D4C65FA0DECDBF0C7AFCAF6A051
Located: HK_LM:Run, Scheduler
command: C:\WINDOWS\SMINST\Scheduler.exe
file: C:\WINDOWS\SMINST\Scheduler.exe
size: 872448
MD5: C1915A84502B38D548D0C9351DFF3E47
Located: HK_LM:Run, SetRefresh
command: C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
file: C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
size: 525824
MD5: 0FFA9E2711A0228467BF08228D5B620F
Located: HK_LM:Run, WatchDog
command: C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe
file: C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe
size: 200848
MD5: 2602BE7D661AEE9C6DD4AE49CD0F694F
Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: HK_CU:Run, ares
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: "C:\Program Files\Ares\Ares.exe" -h
file: C:\Program Files\Ares\Ares.exe
size: 1004544
MD5: D1EA7694103F5D5CF11148F9B3864C45
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: HK_CU:Run, msnmsgr
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
Located: HK_CU:Run, swg
where: S-1-5-21-2035850193-3256985425-3873012498-500...
command: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 39408
MD5: 5D61BE7DB55B026A5D61A3EED09D0EAD
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
Located: Démarrage (tous utilisateurs), HP Digital Imaging Monitor.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 214360
MD5: D9335549EAE48B14FB66EFCB6FFAE736
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{0347C33E-8762-4905-BF09-768834316C61} (HP Print Enhancer)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: HP Print Enhancer
CLSID name: HP Print Enhancer
Path: C:\Program Files\HP\Digital Imaging\Smart Web Printing\
Long name: hpswp_printenhancer.dll
Short name: HPSWP_~2.DLL
Date (created): 06/11/2007 01:50:44
Date (last access): 01/11/2009 11:14:02
Date (last write): 06/11/2007 01:50:44
Filesize: 322880
Attributes: archive
MD5: 71D5D112FE02384A6FACA6399DBDA914
CRC32: 64574CCD
Version: 100.0.14173.0
{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (Search Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Search Helper
CLSID name: Search Helper
Path: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\
Long name: SearchHelper.dll
Short name: SEARCH~1.DLL
Date (created): 14/01/2009 17:49:24
Date (last access): 01/11/2009 11:14:02
Date (last write): 14/01/2009 17:49:24
Filesize: 92504
Attributes: archive
MD5: C5700CD3293E88BE85C73ECCCE772E9E
CRC32: 4005D5F1
Version: 1.2.118.0
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 22/01/2009 15:41:30
Date (last access): 01/11/2009 11:14:02
Date (last write): 22/01/2009 15:41:30
Filesize: 408448
Attributes: archive
MD5: B7899C3E21B299D7A3C0DA96CAE340BD
CRC32: 288935F8
Version: 5.0.818.5
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://www.google.com/intl/fr/toolbar/ie/index.html
info source: TonyKlein
Path: C:\Program Files\Google\Google Toolbar\
Long name: GoogleToolbar.dll
Short name: GOOGLE~1.DLL
Date (created): 27/10/2009 19:27:50
Date (last access): 01/11/2009 11:14:02
Date (last write): 27/10/2009 19:27:46
Filesize: 259696
Attributes: archive
MD5: B2A3EE0D6570BAE9BD90892E0009A6AB
CRC32: 230192E8
Version: 6.1.1715.1442
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\
Long name: swg.dll
Short name:
Date (created): 27/10/2009 19:34:46
Date (last access): 01/11/2009 11:13:52
Date (last write): 27/10/2009 19:34:46
Filesize: 762864
Attributes: archive
MD5: 927558FA159FED54852692D729039E67
CRC32: EE7BD555
Version: 5.3.4501.1418
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (Google Dictionary Compression sdch)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Dictionary Compression sdch
CLSID name: Google Dictionary Compression sdch
Path: C:\Program Files\Google\Google Toolbar\Component\
Long name: fastsearch_A8904FB862BD9564.dll
Short name: FASTSE~1.DLL
Date (created): 27/10/2009 19:27:46
Date (last access): 01/11/2009 11:14:04
Date (last write): 27/10/2009 19:27:46
Filesize: 470512
Attributes: archive
MD5: E35BCCB1D1D96F8E5B09C72AF70EC3F6
CRC32: 73C702FE
Version: 1.0.610.27482
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (Windows Live Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Live Toolbar Helper
Path: C:\Program Files\Windows Live\Toolbar\
Long name: wltcore.dll
Short name:
Date (created): 06/02/2009 18:17:46
Date (last access): 01/11/2009 11:14:04
Date (last write): 06/02/2009 18:17:46
Filesize: 1068904
Attributes: archive
MD5: 28455424E3C8B81661C5A40E18066BB1
CRC32: E5BA354B
Version: 14.0.8064.206
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} (SingleInstance Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SingleInstance Class
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn\
Long name: YTSingleInstance.dll
Short name: YTSING~1.DLL
Date (created): 28/07/2008 10:47:42
Date (last access): 01/11/2009 11:14:04
Date (last write): 28/07/2008 10:47:42
Filesize: 160496
Attributes: archive
MD5: F64C4241FE5E519F62C47C361DC671D7
CRC32: 5F6F96A7
Version: 2008.7.28.1
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} (HP Smart BHO Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: HP Smart BHO Class
CLSID name: HP Smart BHO Class
Path: C:\Program Files\HP\Digital Imaging\Smart Web Printing\
Long name: hpswp_BHO.dll
Short name: HPSWP_~1.DLL
Date (created): 06/11/2007 01:50:44
Date (last access): 01/11/2009 11:14:04
Date (last write): 06/11/2007 01:50:44
Filesize: 542016
Attributes: archive
MD5: 4A8A49921534B030B27F16FC68FBA1DC
CRC32: DC81D3CD
Version: 100.0.14173.0
--- ActiveX list ---
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\swdir.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Adobe\Director\
Long name: SwDir.dll
Short name:
Date (created): 31/07/2009 13:41:42
Date (last access): 01/11/2009 11:14:48
Date (last write): 31/07/2009 13:41:42
Filesize: 206264
Attributes: archive
MD5: 1C3973D5F67549C32B23DC730A48E16B
CRC32: DC797A8F
Version: 11.5.1.601
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10/06/2008 00:32:34
Date (last access): 01/11/2009 11:14:48
Date (last write): 10/06/2008 02:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10/06/2008 00:32:34
Date (last access): 01/11/2009 11:14:48
Date (last write): 10/06/2008 02:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10/06/2008 00:32:34
Date (last access): 01/11/2009 11:14:48
Date (last write): 10/06/2008 02:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
Codebase: http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
--- Process list ---
PID: 0 ( 0) [System]
PID: 756 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 816 ( 756) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 840 ( 756) \??\C:\WINDOWS\system32\winlogon.exe
size: 506368
PID: 896 ( 840) C:\WINDOWS\system32\services.exe
size: 111104
MD5: 51A24094F076961A7FF73E5F7E991D68
PID: 908 ( 840) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 1076 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1152 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1248 ( 896) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1332 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1492 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1748 (1732) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 2A7BD330924252A2FD80344FC949BB72
PID: 1832 ( 896) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DF9FC62AD51CB082B0AE371919A232CB
PID: 1860 ( 896) C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe
size: 5641736
MD5: 5A2355BEBDD8230CFABA3A4CFEB95971
PID: 576 (1748) C:\WINDOWS\system32\igfxtray.exe
size: 150040
MD5: AA728E422A2B6121B4B19F88FDE62D3F
PID: 584 (1748) C:\WINDOWS\system32\hkcmd.exe
size: 170520
MD5: 5015BC3C77BA5F6258CFA36926E1C1B6
PID: 592 (1748) C:\WINDOWS\system32\igfxpers.exe
size: 141848
MD5: 10B4967A0D1C71B747221073F23E774F
PID: 636 (1076) C:\WINDOWS\system32\igfxsrvc.exe
size: 256536
MD5: B8A9B4BDD01297C4A84EE8BA6F9FD130
PID: 980 (1748) C:\WINDOWS\SMINST\Scheduler.exe
size: 872448
MD5: C1915A84502B38D548D0C9351DFF3E47
PID: 1068 (1748) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 062F3DB9AFA9C3CE0DA52F28595C0C6D
PID: 1188 ( 804) C:\PROGRA~1\McAfee\MANAGE~1\Agent\myAgtTry.exe
size: 283968
MD5: 2D686AD2D484EAB06FF539CD554D2B5F
PID: 1236 (1748) C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe
size: 1600008
MD5: 0DBE31AA907D14E87500F7388186A961
PID: 1324 (1748) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 1292 (1748) C:\Program Files\Ares\Ares.exe
size: 1004544
MD5: D1EA7694103F5D5CF11148F9B3864C45
PID: 1376 (1748) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
PID: 1420 (1196) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 1352 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1552 ( 896) C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSWatcher.exe
size: 571912
MD5: 7BC545EEA6313E973E475786C0BEF21F
PID: 1700 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1744 ( 896) C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
size: 112152
MD5: 213822072085B5BBAD9AF30AB577D817
PID: 1740 (1748) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 39408
MD5: 5D61BE7DB55B026A5D61A3EED09D0EAD
PID: 1980 ( 896) c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
size: 29178224
MD5: D07C9575726797B0E9069E1108A1C483
PID: 2208 (1748) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 214360
MD5: D9335549EAE48B14FB66EFCB6FFAE736
PID: 2264 ( 896) C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
size: 218432
MD5: 3CEF896965EED2504B1E7F93D80B461C
PID: 2312 ( 896) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 2380 ( 896) C:\Program Files\PDF Complete\pdfsvc.exe
size: 576024
MD5: C7AEFF5113DFEA823A2F50133249E2B8
PID: 2420 ( 896) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 2452 ( 896) C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
size: 185632
MD5: A6A7AD767BF5141665F5C675F671B3E1
PID: 2500 (1236) C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSMonitor.exe
size: 604680
MD5: 87D090696C0BA44A95E9A428B1967DF3
PID: 2588 ( 896) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
size: 226656
MD5: D358E077A0A05D9B12DA22D137EE8464
PID: 2668 ( 896) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
size: 89968
MD5: 54902536AAD0E9B99BC65F89C0CAF93F
PID: 3580 (1248) C:\WINDOWS\system32\wuauclt.exe
size: 51224
MD5: E654B78D2F1D791B30D0ED9A8195EC22
PID: 3688 ( 896) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 3864 (1076) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 227840
MD5: 51A548A604AEC2C362CA503B0CB03831
PID: 1072 ( 896) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 3448 (1748) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 480 (3448) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 1200 (1076) C:\Program Files\Windows Live\Toolbar\wltuser.exe
size: 224632
MD5: 731F05B5C01B3CA9B813561C0B90E722
PID: 3240 ( 556) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 2140 (1112) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
PID: 3852 ( 896) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
size: 1179232
MD5: 72A238DFB53A945C7686987A41E36DE2
PID: 2752 (1076) C:\WINDOWS\system32\wbem\unsecapp.exe
size: 16896
MD5: E77B97D96A89DE67DEC6AD76F92C3655
PID: 2324 (3852) C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
size: 788368
MD5: 3ACF4EF79AFC707AFB5D92EA26EAB6AA
PID: 1408 (1748) C:\WINDOWS\system32\osk.exe
size: 216576
MD5: A398264A074A5604A4D6D0A5D54B57E7
PID: 3996 (1408) C:\WINDOWS\system32\MSSWCHX.EXE
size: 6656
MD5: EFD54F044894E26BACE07A8C7B29B798
PID: 2136 (1076) C:\Program Files\Windows Live\Contacts\wlcomm.exe
size: 27512
MD5: 654480EA67078C7B4C6C8BA871B07D5D
PID: 684 (3448) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 3720 (3448) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 2148 (3448) C:\Program Files\Internet Explorer\iexplore.exe
size: 638816
MD5: B60DDDD2D63CE41CB8C487FCFBB6419E
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 01/11/2009 12:00:25
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.google.fr/?gws_rd=ssl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-comm.msn.com&ocid=HPDHP&pc=CMDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr/?ocid=iehp
HKEY_LOCAL_MACHIN