Iinternet Explorer bloqué avec router wifi

Anam3000 -  
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité -
Bonsoir,
J'utilise un routeur sagem 3304wifi (+ethernet). Au début l'internet était très lent après plus rien ne s'affiche: message: impossible d'afficher la page... je crois bien qu'il s'agit d'un virus.
Avec l'autre modem USB ca marche.
Merci pour jeter un coup d'oeil sur le rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:42, on 2010-12-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\SAGEM\SAGEM F@st 3304\SAGEM WiFi manager\WLANUTL.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\TDdownload\antivirus\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.menara.ma/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Abonnés - {52004374-72DE-4AC6-BC02-1033E79FA772} - http://abonne.menara.ma (file missing) (HKCU)
O16 - DPF: Microsoft WFC Forms Designer -
O16 - DPF: Visual Studio 6 Extensibility Libraries -
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BA66EC1-3F6A-49DD-A359-CBAA1290469F} (ToonsXYJ Control) - http://comics.yahoo.co.jp/component/ToonsXYJ.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{04A54072-077C-4E4D-9575-D3A14D8C8761}: NameServer = 62.251.229.237 62.251.229.223
O17 - HKLM\System\CS2\Services\Tcpip\..\{04A54072-077C-4E4D-9575-D3A14D8C8761}: NameServer = 62.251.229.237 62.251.229.223
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

--
End of file - 8320 bytes

16 réponses

  1. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonsoir,

    je règlerai son compte à ce malade Programmeur42 après.

    ===

    Anam, fais ceci :

    Télécharge la dernière version de ZHPDiag

    Enregistre le sur ton Bureau.

    Une fois le téléchargement achevé,fais un double clic sur ZHPDiag.exe et suis les instructions.

    N'oublie pas de cocher la case qui permet de mettre un raccourci sur le Bureau.

    pour Xp :Double clique sur le raccourci ZHPDiag sur ton Bureau.

    pour vista et Seven : fais un clic droit sur le raccourci ZHPDiag sur ton Bureau et choisis "exécuter en tant qu'administrateur".

    /|\ l'outil a créé 2 icônes ZHPDiag et ZHPFix.

    1) Double clic sur l'icône de ZHPFix.

    Clic sur HOSTFix.

    Réponds non à la question Quitter ?

    Sélectionne le texte du rapport apparu avec la souris puis clique sur l'appareil photo pour copier ces lignes.

    Ouvre une réponse à ce post et colle les dans ta réponse par Ctrl V

    2) Fais redémarrer l'ordi.

    Double clique sur l'icône de ZHPdiag sur ton Bureau

    Clique sur la loupe pour lancer l'analyse.

    Laisse l'outil travailler, il peut être assez long.

    Ferme ZHPDiag en fin d'analyse.

    Pour transmettre le rapport clique sur Cijoint

    Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).

    Sélectionne le fichier ZHPDiag.txt.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.
    2
  2. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    déjà une bonne chose de faite.

    Donc la suite (redémarrage de l'ordi et ZHPDiag).
    1
  3. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Re,

    une vérification :

    Clique sur parcourir et cherche ce fichier : c:\program files\google\googletoolbar1.dll

    Clique sur Send File.

    Un rapport va s'élaborer ligne à ligne.

    Attends la fin. Il doit comprendre la taille du fichier envoyé.

    Sauvegarde le rapport avec le bloc-note.

    Copie le dans ta réponse.

    Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

    ===

    Pourquoi tu es encore au SP2 ?

    ===

    Mets à jour Acrobat Reader 5.0 :

    https://www.commentcamarche.net/telecharger/bureautique/2625-adobe-reader/

    ===

    Mets à jour ta console java :

    Télécharge JavaRa.zip de Paul McLain et Fred de Vries.

    http://raproducts.org/click/click.php?id=1

    * Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
    * Double-clique sur le répertoire JavaRa.
    * Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
    * Choisis Français puis clique sur Select.
    * Clique sur Recherche de mises à jour.
    * Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
    * Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
    * L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.
    * Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
    * Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
    * Ferme l'application.

    Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
    --
    @+
    Science sans conscience n'est que ruine de l'âme. Rabelais
    1
  4. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Re,

    il me semble que tu n'as pas fait réanalyser le fichier.

    Ni répondu à mes questions.
    1
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Programmeur42
     
    Bonjour,
    je crois que c'est ton binaire qui foire. Trop de 0, pas assez de 1.
    T'es bon pour tout formater, et encore, si ça fait longtemps tu va carrément avoir à changer d'ordi.
    0
    1. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
       
      (pas) salut

      C'est dans ta tête qu'il y a trop de 0.

      Va te faire soigner et ne reviens pas sinon je te signalerai à la modération.

      Bye
      0
  7. Anam3000
     
    Merci pour la réponse; Mais sans blague, mon ordi marche impec jusqu'à la semaine dernière quand je venais d'installer ce satané routeur wifi (j'ai désactivé firewall win et laissé le routeur filtrer, j'ai aussi ouvert des ports tcp/udp) sauf l'internet sur ce routeur tout marche impec. je ne crois pas ke c l'ordi.
    0
  8. Anam3000
     
    Merci Lyonnais92 pour ton efficace.
    voici le rapport:

    Rapport de ZHPFix 1.12.3227 par Nicolas Coolman, Update du 16/12/2010
    Fichier d'export Registre :
    Run by saidi at 2010-12-31 11:50:57
    Windows XP Professional Service Pack 2 (Build 2600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
    Contact : nicolascoolman@yahoo.fr

    ========== Fichier HOSTS ==========
    127.0.0.1 => Domaine Supprimé
    127.0.0.166.98.148.65 auto.search.msn.com => Domaine Supprimé
    127.0.0.166.98.148.65 auto.search.msn.es => Domaine Supprimé
    Le fichier Hosts est sain

    ========== Récapitulatif ==========
    4 : Fichier HOSTS

    End of the scan

    bye
    0
  9. Anam3000
     
    bonjour,

    voici le lien de u rap d'analyse:

    http://www.cijoint.fr/cjlink.php?file=cj201012/cijJwKwJOQ.txt

    merci
    0
  10. Anam3000
     
    Voici le rapport et merci

    File name:
    76EAE7AE402335AA2CF425C90E424C00D94FEB02.DLL
    Submission date:
    2010-09-15 07:35:08 (UTC)
    Current status:
    finished
    Result:
    0 /43 (0.0%)

    VT Community

    not reviewed
    Safety score: -
    Compact
    Print results
    Antivirus Version Last Update Result
    AhnLab-V3 2010.09.15.01 2010.09.15 -
    AntiVir 8.2.4.52 2010.09.14 -
    Antiy-AVL 2.0.3.7 2010.09.15 -
    Authentium 5.2.0.5 2010.09.15 -
    Avast 4.8.1351.0 2010.09.14 -
    Avast5 5.0.594.0 2010.09.14 -
    AVG 9.0.0.851 2010.09.14 -
    BitDefender 7.2 2010.09.15 -
    CAT-QuickHeal 11.00 2010.09.15 -
    ClamAV 0.96.2.0-git 2010.09.15 -
    Comodo 6081 2010.09.15 -
    DrWeb 5.0.2.03300 2010.09.15 -
    Emsisoft 5.0.0.37 2010.09.15 -
    eSafe 7.0.17.0 2010.09.14 -
    eTrust-Vet 36.1.7855 2010.09.14 -
    F-Prot 4.6.1.107 2010.09.14 -
    F-Secure 9.0.15370.0 2010.09.15 -
    Fortinet 4.1.143.0 2010.09.15 -
    GData 21 2010.09.15 -
    Ikarus T3.1.1.88.0 2010.09.15 -
    Jiangmin 13.0.900 2010.09.15 -
    K7AntiVirus 9.63.2512 2010.09.14 -
    Kaspersky 7.0.0.125 2010.09.15 -
    McAfee 5.400.0.1158 2010.09.15 -
    McAfee-GW-Edition 2010.1B 2010.09.14 -
    Microsoft 1.6103 2010.09.15 -
    NOD32 5451 2010.09.14 -
    Norman 6.06.06 2010.09.14 -
    nProtect 2010-09-14.01 2010.09.14 -
    Panda 10.0.2.7 2010.09.14 -
    PCTools 7.0.3.5 2010.09.15 -
    Prevx 3.0 2010.09.15 -
    Rising 22.65.02.01 2010.09.15 -
    Sophos 4.57.0 2010.09.15 -
    Sunbelt 6877 2010.09.15 -
    SUPERAntiSpyware 4.40.0.1006 2010.09.15 -
    Symantec 20101.1.1.7 2010.09.15 -
    TheHacker 6.7.0.0.018 2010.09.15 -
    TrendMicro 9.120.0.1004 2010.09.15 -
    TrendMicro-HouseCall 9.120.0.1004 2010.09.15 -
    VBA32 3.12.14.0 2010.09.14 -
    ViRobot 2010.8.25.4006 2010.09.15 -
    VirusBuster 12.65.6.0 2010.09.14 -
    Additional information
    Show all
    MD5 : 6d44e0c3b43d27484fbb355e470c4188
    SHA1 : beede005ed2b232fb033cd90ec6299591b6196dd
    SHA256: 9b8720b850c2e5e2e45c487fdc3fab4eea3d74097433c5c040bc200ed0659269
    ssdeep: 49152:5D2etq5pJhoqnjtUnchHL7AlU7nywwSgRxITnW2SW:x2SU/hoqRfy1RYVSW
    File size : 2436160 bytes
    First seen: 2007-09-16 01:53:40
    Last seen : 2010-09-15 07:35:08
    Magic: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
    TrID:
    58.3% (.AX) DirectShow filter (201555/2/20)
    35.7% (.OCX) Windows OCX File (123521/4/18)
    2.4% (.EXE) Win32 Executable Generic (8527/13/3)
    2.1% (.DLL) Win32 Dynamic Link Library (generic) (7583/30/2)
    0.5% (.EXE) Generic Win/DOS Executable (2002/3)
    sigcheck:
    publisher....: Google Inc.
    copyright....: Copyright _copy_ 2000-2006
    product......: Barre d_outils Google pour IE
    description..: Barre d_outils pour IE
    original name: GoogleNav.dll
    internal name: NavClient-_big_
    file version.: 4, 0, 1601, 4978
    comments.....: n/a
    signers......: Google Inc
    VeriSign Class 3 Code Signing 2004 CA
    Class 3 Public Primary Certification Authority
    signing date.: 9:06 AM 1/20/2007
    verified.....: -
    PEiD: -
    PEInfo: PE structure information

    [[ basic data ]]
    entrypointaddress: 0xC5C2C
    timedatestamp....: 0x45B1BC45 (Sat Jan 20 06:52:53 2007)
    machinetype......: 0x14C (Intel I386)

    [[ 6 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0xE3826, 0xE4000, 6.65, 1462df2a2d37f42dd10a1907a83e2f7a
    .rdata, 0xE5000, 0x29B64, 0x2A000, 4.89, d496c4b12492175f1b38571ba29aedf2
    .data, 0x10F000, 0x140ABC, 0xB000, 2.93, 29b0a52b5113dead39a8266b54b9ffc7
    shared, 0x250000, 0x4, 0x1000, 0.0, 620f0b67a91f7f74151bc5be745b7110
    .rsrc, 0x251000, 0x125A38, 0x126000, 6.44, 688cabe5e66216cf4f0623f1b7a9f514
    .reloc, 0x377000, 0xFC9A, 0x10000, 5.85, f1cdcf4dec75c531e1e383ee90fb519c

    [[ 18 import(s) ]]
    advapi32.dll: RegCreateKeyExW, RegDeleteKeyW, RegCloseKey, RegQueryInfoKeyW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegEnumKeyExW, CryptDestroyHash, CryptDestroyKey, RegFlushKey, DeregisterEventSource, ReportEventW, RegisterEventSourceW, GetSidSubAuthority, GetSidSubAuthorityCount, GetSidIdentifierAuthority, IsValidSid, GetAce, AddAce, InitializeSid, InitializeAcl, GetSidLengthRequired, GetTokenInformation, OpenProcessToken, RegEnumValueW, RegSetValueExW, CopySid, GetLengthSid, GetAclInformation, MakeSelfRelativeSD, GetSecurityDescriptorControl, GetSecurityDescriptorLength, RegQueryValueExW, RegDeleteValueW, GetSecurityDescriptorSacl, GetSecurityDescriptorDacl, GetSecurityDescriptorGroup, GetSecurityDescriptorOwner, MakeAbsoluteSD, RegSetKeySecurity, RegGetKeySecurity, FreeSid, CheckTokenMembership, AllocateAndInitializeSid, LookupAccountNameW, ConvertSidToStringSidW, GetUserNameW, RegEnumKeyW, CryptCreateHash, CryptImportKey, CryptVerifySignatureW, CryptHashData, CryptAcquireContextW, CryptReleaseContext, RegOpenKeyExW
    crypt32.dll: CryptDecodeObject, CryptQueryObject, CertEnumCertificatesInStore, CertDuplicateCertificateContext, CertNameToStrW, CertFreeCertificateContext
    gdi32.dll: CreateDCW, LPtoDP, SetMapMode, SelectPalette, SetViewportOrgEx, CreateRectRgnIndirect, GetStretchBltMode, RealizePalette, StretchBlt, CreateHalftonePalette, SetDIBits, CreateDIBSection, SetPixel, SetWindowOrgEx, CreateBitmap, CreatePatternBrush, PatBlt, SetStretchBltMode, GetCurrentObject, GetBkColor, GetTextFaceW, GetTextMetricsW, EnumFontFamiliesExW, GetTextExtentExPointW, GetDeviceCaps, CreateCompatibleBitmap, DeleteDC, DeleteObject, RestoreDC, GetStockObject, CreateSolidBrush, BitBlt, SelectObject, CreateCompatibleDC, CreateFontIndirectW, GetObjectW, GetTextExtentPoint32W, SaveDC, SetBkColor, SetBkMode, SetTextColor, CreateICW, CreatePen, MoveToEx, LineTo, GetLayout, ExtTextOutW, TextOutW
    imagehlp.dll: ImageAddCertificate, ImageGetDigestStream, ImageGetCertificateData, ImageRemoveCertificate, ImageGetCertificateHeader
    imm32.dll: ImmGetCompositionStringW, ImmGetOpenStatus, ImmNotifyIME, ImmReleaseContext, ImmGetContext
    kernel32.dll: GetFileTime, GetStringTypeExW, FileTimeToSystemTime, GetSystemTime, SystemTimeToFileTime, CompareFileTime, MapViewOfFile, OpenFileMappingW, GetVersionExA, VirtualAlloc, GetLocaleInfoW, SearchPathW, UnmapViewOfFile, CreateFileMappingW, MapViewOfFileEx, SetEndOfFile, GetProcessTimes, GetSystemTimeAsFileTime, SetFileAttributesW, VerSetConditionMask, VerifyVersionInfoW, LocalAlloc, HeapDestroy, HeapReAlloc, HeapSize, ExitThread, ResumeThread, IsBadReadPtr, GetTimeZoneInformation, FileTimeToLocalFileTime, GetFileInformationByHandle, PeekNamedPipe, GetFileType, VirtualProtect, GetSystemInfo, ExitProcess, RtlUnwind, LCMapStringA, LCMapStringW, GetCPInfo, TlsAlloc, TlsFree, TlsSetValue, TlsGetValue, HeapCreate, VirtualFree, IsBadWritePtr, UnhandledExceptionFilter, SetHandleCount, GetStdHandle, GetStartupInfoA, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetOEMCP, GetStringTypeA, GetStringTypeW, SetStdHandle, GetTimeFormatA, GetDateFormatA, QueryPerformanceCounter, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, IsBadCodePtr, CreateFileA, CompareStringA, CompareStringW, SetEnvironmentVariableA, FreeLibrary, LoadLibraryExW, CreateMutexW, WideCharToMultiByte, ReleaseMutex, SetEvent, CreateProcessW, lstrcpynW, GetTempPathW, FlushFileBuffers, VirtualQuery, GetUserDefaultUILanguage, GetSystemDefaultUILanguage, SetUnhandledExceptionFilter, ExpandEnvironmentStringsW, TryEnterCriticalSection, SetFilePointer, ReadFile, GetPrivateProfileStringW, lstrlenA, EnumResourceNamesW, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, FindFirstFileW, FindNextFileW, FindClose, TerminateProcess, GetExitCodeProcess, GetFileSize, WaitForMultipleObjects, GlobalHandle, GlobalFree, GetTempFileNameW, GlobalSize, GetTickCount, lstrcmpW, MulDiv, GlobalAlloc, GlobalLock, GlobalUnlock, LoadLibraryA, InterlockedExchangeAdd, MultiByteToWideChar, HeapAlloc, GetProcessHeap, HeapFree, FlushInstructionCache, LeaveCriticalSection, EnterCriticalSection, OpenProcess, GetCurrentProcess, DuplicateHandle, GetCurrentThreadId, lstrcatW, CreateEventW, CreateThread, WaitForSingleObject, GetExitCodeThread, CopyFileW, MoveFileExW, RemoveDirectoryW, DeleteFileW, GetCurrentProcessId, Sleep, GetCommandLineW, GetFullPathNameW, OutputDebugStringA, GetModuleFileNameW, LoadLibraryW, WriteFile, CreateFileW, GetFileAttributesW, FormatMessageW, SetLastError, lstrlenW, lstrcmpiW, lstrcpyW, CloseHandle, InterlockedDecrement, InterlockedIncrement, GetLastError, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, DeleteCriticalSection, InitializeCriticalSection, RaiseException, GetVersionExW, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, LocalFree, GetVersion, GetProcAddress, GetModuleHandleW, GetModuleHandleA, GetCommandLineA
    msi.dll: -, -, -, -, -
    msimg32.dll: AlphaBlend
    ole32.dll: CoRevokeClassObject, CoRegisterClassObject, CoInitialize, CoUninitialize, StringFromGUID2, CoCreateInstance, CoInitializeEx, RevokeDragDrop, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoTaskMemAlloc, OleLockRunning, CoGetClassObject, CLSIDFromProgID, CLSIDFromString, RegisterDragDrop, CoCreateGuid, OleRun, CoTaskMemFree, CoInitializeSecurity, OleSaveToStream, CoTaskMemRealloc, OleRegEnumVerbs, OleRegGetUserType, OleRegGetMiscStatus, CreateOleAdviseHolder, OleLoadFromStream, WriteClassStm
    oleaut32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
    shell32.dll: ShellExecuteW, ShellExecuteExW, SHGetSpecialFolderLocation, SHGetMalloc, SHGetDesktopFolder, SHGetSpecialFolderPathW, SHGetFolderPathW, -, CommandLineToArgvW, SHFileOperationW
    shlwapi.dll: SHDeleteKeyW, PathFindExtensionW, SHRegGetUSValueW, SHDeleteValueW, SHSetValueW, ColorHLSToRGB, ColorRGBToHLS, SHGetValueW, PathCombineW, UrlGetPartW, SHRegCloseUSKey, SHRegOpenUSKeyW, StrCatBuffA, SHCopyKeyW, PathAppendW, PathIsDirectoryW, StrRetToStrW, SHOpenRegStream2W, PathCanonicalizeW, PathRemoveFileSpecW, PathIsRelativeW, PathFileExistsW
    urlmon.dll: CreateURLMoniker
    user32.dll: IsWindowEnabled, GetScrollInfo, DrawFrameControl, SetMenuInfo, GetMessagePos, IsDlgButtonChecked, SystemParametersInfoA, LoadImageW, CharLowerBuffW, MsgWaitForMultipleObjects, PeekMessageW, GetSubMenu, SetMenuItemInfoW, LoadMenuW, MonitorFromRect, GetMonitorInfoW, GetComboBoxInfo, LoadIconW, SendDlgItemMessageW, MapWindowPoints, SetDlgItemTextW, PtInRect, CharUpperBuffW, CheckMenuItem, DrawFocusRect, MessageBoxIndirectW, AppendMenuW, TrackPopupMenu, EnableWindow, EndDialog, MapDialogRect, SetWindowContextHelpId, DialogBoxIndirectParamW, GetClassInfoW, SetParent, GetClassLongW, GetCapture, UpdateWindow, SetWindowsHookExW, RegisterClipboardFormatW, GetDlgCtrlID, ShowCursor, CloseClipboard, GetClipboardData, OpenClipboard, DrawEdge, SetWindowRgn, EqualRect, CharLowerW, GetWindowDC, UnionRect, IsCharAlphaNumericW, wvsprintfW, MonitorFromPoint, IsMenu, SetMenuDefaultItem, GetDoubleClickTime, GetSysColorBrush, EndDeferWindowPos, BeginDeferWindowPos, TrackMouseEvent, TrackPopupMenuEx, CreateMenu, UnhookWindowsHookEx, DestroyCursor, GetMenuStringW, ModifyMenuW, GetForegroundWindow, GetWindowThreadProcessId, CallNextHookEx, IsWindowVisible, GetActiveWindow, MessageBeep, PostThreadMessageW, GetMessageW, TranslateMessage, DispatchMessageW, CharUpperW, CharNextW, InSendMessage, MessageBoxW, UnregisterClassW, GetWindowLongW, SetCursor, LoadCursorW, GetAsyncKeyState, GetSysColor, DestroyMenu, SetWindowLongW, DestroyWindow, GetWindowRect, ScreenToClient, ShowWindow, SetCapture, IsWindow, SendMessageW, SetTimer, KillTimer, BringWindowToTop, SetWindowPos, GetMenuItemID, GetMenuItemCount, InvalidateRect, GetParent, FillRect, FrameRect, SetRectEmpty, PostMessageW, CopyRect, IsRectEmpty, InflateRect, OffsetRect, IntersectRect, EndMenu, WindowFromPoint, GetCursorPos, DeleteMenu, GetMenuState, InsertMenuW, DrawTextW, RegisterClassW, RegisterClassExW, GetClassInfoExW, CreateWindowExW, SystemParametersInfoW, GetSystemMetrics, DialogBoxParamW, GetMenuItemInfoW, InsertMenuItemW, CreatePopupMenu, SetWindowTextW, RemoveMenu, FindWindowExW, ClientToScreen, GetClientRect, GetMenuItemRect, RemovePropW, GetPropW, DefWindowProcW, GetWindowTextW, GetWindowTextLengthW, RegisterWindowMessageW, ReleaseDC, GetDC, CallWindowProcW, DrawTextExW, GetClassNameW, MoveWindow, ReleaseCapture, InvalidateRgn, GetDesktopWindow, EndPaint, BeginPaint, SetFocus, GetWindow, IsChild, GetFocus, DestroyAcceleratorTable, GetDlgItem, RedrawWindow, CreateAcceleratorTableW, SendMessageTimeoutW, GetKeyState, wsprintfW, EnumChildWindows, SetPropW
    wininet.dll: HttpOpenRequestA, InternetSetOptionW, InternetCombineUrlW, InternetSetStatusCallbackA, InternetConnectW, HttpOpenRequestW, ReadUrlCacheEntryStream, RetrieveUrlCacheEntryStreamW, UnlockUrlCacheEntryStream, InternetCreateUrlW, InternetCanonicalizeUrlW, GetUrlCacheEntryInfoW, DeleteUrlCacheEntryW, InternetGetConnectedState, InternetCrackUrlW, InternetCloseHandle, InternetOpenUrlW, InternetOpenW, InternetGetCookieExW, InternetConnectA, InternetReadFile, InternetQueryDataAvailable, HttpSendRequestW, HttpAddRequestHeadersW, HttpQueryInfoW
    winmm.dll: PlaySoundW
    wintrust.dll: WinVerifyTrust
    wsock32.dll: -, -, -, -

    [[ 10 export(s) ]]
    BrokerWinMain, DllCanUnloadNow, DllGetClassObject, DllInfoA, DllRegisterServer, DllUnregisterServer, DllUpdated, DllUpdated2, DllVersionStringA, DllVersionStringW

    VT Community

    0

    This file has never been reviewed by any VT Community member. Be the first one to comment on it!

    VirusTotal Team
    0
  11. Anam3000
     
    voici le rap effacement anciennes ver java

    avaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Fri Dec 31 14:47:30 2010

    Found and removed: JavaPlugin.FamilyVersionSupport

    Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

    Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

    Found and removed: JavaScript

    Found and removed: JavaScript Author

    Found and removed: JavaScript1.1

    Found and removed: JavaScript1.1 Author

    Found and removed: JavaScript1.2

    Found and removed: JavaScript1.2 Author

    Found and removed: Software\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}

    Found and removed: Software\Classes\JavaPlugin.160_02

    Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02

    Found and removed: Software\JavaSoft\Java2D\1.5.0

    Found and removed: Software\JavaSoft\Java2D\1.5.0_03

    Found and removed: Software\JavaSoft\Java2D\1.5.0_13

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\JavaPlugin

    Found and removed: SOFTWARE\Classes\JavaPlugin.160_02

    Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

    Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02

    Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

    Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

    ------------------------------------

    Finished reporting.
    0
  12. Anam3000
     
    Désolé je n'avais saisi qu'il fallait réanalyser. La réanalyse est en cours, un système d'attente extra lent.
    Pour le sp3 je l'installerai une fois l'ordi nettoyé.
    A+
    0
  13. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Re,

    la réanalyse est si lente ou tu as autre chose à faire (ce qui est naturel) ?

    Si la réanalyse confirme que le fichier est sain, tu peux installer le SP3.

    On verra ensuite, SP3 installé, si ton souci persiste.
    0
    1. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
       
      Bonsoir,

      ici, je "travaille".

      Inutile de polluer le topic.

      J'ai lu.

      merci.
      0
  14. Anam3000
     
    Ok merci le wifi ca marche maintenant, il fallait enlever le cable ethernet.
    ce n'était pas un virus!! Merci quand même.
    0
  15. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    on ne pense jamais assez aux problèmes matériels (désolé).

    Par contre,

    - l'installation du SP3 est très importante pour évfiter des ennuis (comblement de failles de sécurité)

    - il y a de petits restes (dont un adware)

    - il faut supprimer ZHPDiag (c'est un outil qui évolue et dont il faut toujours télécharger et installer la dernière version);

    ===

    Pour les restes :

    Copie dans le Presse-papier les lignes ci-dessous (sélectionne les avec la souris et fais simultanément Ctrl et C)

    [HKCU\Software\Conduit]
    [HKLM\Software\PopCap]
    O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2010-12-30 - 18:38:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\tmp.txt   [0]
    O51 - MPSK:{ab279766-aa51-11dc-9e84-000802cbf9df}\Shell\AutoRun\command - Clé orpheline
    O51 - MPSK:{c4fed3c8-df33-11dd-8265-4d6564696130}\Shell\AutoRun\command - Clé orpheline


    Déconnecte toi d'Internet et ferme toutes les applications ouvertes.

    Pour Xp : Double clique sur l'icône ZHPFix.exe sur ton Bureau.

    Pour Vista : Clique droit sur l'icône ZHPFix.exe sur ton Bureau,
    puis sélectionne 'Exécuter en tant qu'administrateur'.

    Clique successivement sur l'icône H (pour effacer le rapport qui s'est affiché) puis sur l'icône de la malette cachée par la feuille.

    Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

    Clique sur OK, ce qui fait apparaître un carré à gauche de chaque ligne.

    Clique sur "Tous" puis sur "Nettoyer".

    Laisse l'outil travailler.

    Si il te demande de redémarrer l'ordi pour achever le nettoyage, fais le immédiatement.

    Le rapport d'exécution va apparaître dans la fenêtre.

    Copie le dans ta réponse.

    ===

    Je préfère vérifier la bonne exécution de ces instructions avant de faire supprimer ZHPDiag.
    0
  16. Anam3000
     
    bonsoir,
    Voila j'ai supprimé l'adware (voir ci-joint le rapport). au passage je signale que j'avais fais plein de scans en ligne ou par prog local et j'ai éradiqué plein de bestioles qui était apparemment pas nocives puisque mon système tournait sans probs.
    De toute façon je vais installer le SP3. Je ne voulais pas installer le vista qui un peu fort pour ma bécane.
    Merci pour l'aide.

    Rapport de ZHPFix 1.12.3227 par Nicolas Coolman, Update du 16/12/2010
    Fichier d'export Registre : C:\ZHPExportRegistry-2011-01-01-20-19-11.txt
    Run by saidi at 2011-01-01 20:19:11
    Windows XP Professional Service Pack 2 (Build 2600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
    Contact : nicolascoolman@yahoo.fr

    ========== Clé(s) du Registre ==========
    HKCU\Software\Conduit => Clé supprimée avec succès
    HKLM\Software\PopCap => Clé supprimée avec succès
    O51 - MPSK:{ab279766-aa51-11dc-9e84-000802cbf9df}\Shell\AutoRun\command - Clé orpheline => Clé supprimée avec succès
    O51 - MPSK:{c4fed3c8-df33-11dd-8265-4d6564696130}\Shell\AutoRun\command - Clé orpheline => Clé supprimée avec succès

    ========== Fichier(s) ==========
    c:\windows\system32\tmp.txt => Supprimé et mis en quarantaine

    ========== Récapitulatif ==========
    4 : Clé(s) du Registre
    1 : Fichier(s)

    End of the scan
    0
  17. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonsoir,

    si tu décides de changer d'OS Windows, achète Windows 7 et pas Vista.

    ===

    Pour nettoyer les outils :

    Pour Xp : Double clique sur l'icône ZHPFix.exe sur ton Bureau.

    Clique sur le A rouge (Nettoyeur de Tools).

    Clique sur Nettoyer.

    Fais redémarrer l'ordi pour terminer le nettoyage.

    ===

    Je te suggère d'installer un parefeu plus efficace que celui de Xp.

    Mon choix est On line armor :

    tutoriel et lien de téléchargement ici :

    https://www.malekal.com/tutorial-online-armor-free/

    Tu en as d'autres (comodo et Kerio en particulier) si celui-ci ne te plais pas.

    Normalement, l'installation et la désinstallation désactive/réactive le parefeu de Windows.

    Tu peux vérifier par démarrer, Panneau de configuration, parefeu Windows.
    0