Sujet Précédent Sujet Suivant

Msn plantage du systeme

fmasterp Messages postés 18 Statut Membre -  
fmasterp Messages postés 18 Statut Membre -
Bonjour
J'ai un grand souci et votre aide me sera tres precieuse.
Mon systeme plante a chaque fois que je lance msn. Je pensais au depart que c'était juste un pobleme de version puisque j'utilisais la 7.5, alors j'ai installé la version 8 beta et ca ne s'arrange pas. Je crains d'avoir attraper un virus pourtant mon anti virus ne me signale rien d'anormale. Aidez moi s'il vous plait
A voir également:

17 réponses

Réponse 1 / 17
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Bonjour,

Eviter les doublons SVP : msn plantage du systeme?CCMSESSID=efc2574e64221bf77c30566f2f47f341

Ensuite une petite lecture concernant MSN et surtout la version 8
internet recapitulatif msn

Si pas de soluce, procéder au nettoyage comme suit :
virus methode preliminaire de desinfection version fr

Bon courage
A++
0
Réponse 2 / 17
fmasterp Messages postés 18 Statut Membre
 
merci pour votre aide. Je vais m'y mettre des que je me libere de mon boulot et je vous tiens informé
0
Réponse 3 / 17
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Re,

3 rapports à coller ici :

Si pas de soluce, procéder au nettoyage comme suit :
virus methode preliminaire de desinfection version fr

Bon courage
A++
0
Réponse 4 / 17
fmasterp Messages postés 18 Statut Membre
 
re bonjour
J'ai installé ewido, mais j'arrive pas a l'utiliser pour scanner mon disque pour cause de redemmarage intempestifs. Alors je vais scanner en ligne avec bitdefender online et je vous envoi le rapport.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 17
fmasterp Messages postés 18 Statut Membre
 
re bonjour
J'ai installé ewido, mais j'arrive pas a l'utiliser pour scanner mon disque pour cause de redemmarage intempestifs. Alors je vais scanner en ligne avec bitdefender online et je vous envoi le rapport.
0
Réponse 6 / 17
fmasterp Messages postés 18 Statut Membre
 
Suite aux plantage successif, vous m'avez demandez de vous poster les différents rapports d'analyse.
Je n'ai pas pu faire l'analyse ewido a cause des redemarrage intempestifs et successifs, j'ai donc fais une analyse bitdefender online avec beaucoup de peine. Voici le rapport d'nalyse

BitDefender Online Scanner

Scan report generated at: Wed, Jun 14, 2006 - 17:34:30

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;

Statistics

Time 03:11:37
Files 657827
Folders 12260
Boot Sectors 6
Archives 3050
Packed Files 60366

Results

Identified Viruses 0
Infected Files 0
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 0

Engines Info

Virus Definitions 387971

Engine build

AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins 13
Archive plugins 39
Unpack plugins 5
E-mail plugins 6
System plugins 1

Scan Settings First Action
Disinfect Second Action

Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions

Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes

Scanned File
Status No virus found.

Logfile of HijackThis v1.99.1
Scan saved at 17:41:57, on 14/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\oracle\ora92\bin\omtsreco.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
D:\oracle\ora92\bin\agntsrvc.exe
D:\WINDOWS\system32\cmd.exe
D:\oracle\ora92\bin\dbsnmp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Look 'n' Stop] "D:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AudioDeck] D:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] D:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: MSN Pictures Displayer.lnk = D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: No-IP DUC.lnk = D:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Choisir comme avatar pour Messenger - D:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer ) - https://parici.sopragroup.com/postauthI/epi.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FBB95C0-ECC3-4589-BF00-61C0AB6398A2}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - D:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - D:\Program Files\No-IP\DUC20.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92Agent - Oracle Corporation - D:\oracle\ora92\bin\agntsrvc.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - D:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: OracleOraHome92PagingServer - Unknown owner - D:\oracle\ora92/bin/pagntsrv.exe
O23 - Service: OracleOraHome92SNMPPeerEncapsulator - Unknown owner - D:\oracle\ora92\BIN\ENCSVC.EXE
O23 - Service: OracleOraHome92SNMPPeerMasterAgent - Unknown owner - D:\oracle\ora92\BIN\AGNTSVC.EXE
O23 - Service: OracleOraHome92TNSListener - Unknown owner - D:\oracle\ora92\BIN\TNSLSNR.exe
O23 - Service: OracleServiceBDD - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: OracleServiceBFBD - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - D:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

Je ne sais pas si avec ceci, ca va aider a resoudre mon prbleme
0
Réponse 7 / 17
fmasterp Messages postés 18 Statut Membre
 
Suite aux plantage successif, vous m'avez demandez de vous poster les différents rapports d'analyse.
Je n'ai pas pu faire l'analyse ewido a cause des redemarrage intempestifs et successifs, j'ai donc fais une analyse bitdefender online avec beaucoup de peine. Voici le rapport d'nalyse

BitDefender Online Scanner

Scan report generated at: Wed, Jun 14, 2006 - 17:34:30

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;

Statistics

Time 03:11:37
Files 657827
Folders 12260
Boot Sectors 6
Archives 3050
Packed Files 60366

Results

Identified Viruses 0
Infected Files 0
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 0

Engines Info

Virus Definitions 387971

Engine build

AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins 13
Archive plugins 39
Unpack plugins 5
E-mail plugins 6
System plugins 1

Scan Settings First Action
Disinfect Second Action

Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions

Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes

Scanned File
Status No virus found.

Logfile of HijackThis v1.99.1
Scan saved at 17:41:57, on 14/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\oracle\ora92\bin\omtsreco.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
D:\oracle\ora92\bin\agntsrvc.exe
D:\WINDOWS\system32\cmd.exe
D:\oracle\ora92\bin\dbsnmp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar:
0
fmasterp Messages postés 18 Statut Membre
 
Finalement j'ai pu faire une analyse ewido en mode sans echec et voici le rapport



---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 19:53:29, 14/06/2006
+ Somme de contrôle: 1F4DD02E

+ Résultats du scan:

D:\Documents and Settings\MASTER\Application Data\ShopperReports -> Adware.HotBar : Nettoyer et sauvegarder
D:\Documents and Settings\MASTER\Application Data\ShopperReports\cs -> Adware.HotBar : Nettoyer et sauvegarder
D:\Documents and Settings\MASTER\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Nettoyer et sauvegarder
D:\Documents and Settings\MASTER\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Nettoyer et sauvegarder
D:\Documents and Settings\MASTER\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Nettoyer et sauvegarder
:mozilla.24:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
:mozilla.26:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.27:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.28:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.29:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.30:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.31:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.34:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.42:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.43:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
:mozilla.44:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.45:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.46:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.47:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.50:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
:mozilla.51:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
:mozilla.52:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
:mozilla.64:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.65:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.77:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
:mozilla.81:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.82:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.83:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.84:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.85:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.93:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.94:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.106:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.107:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.108:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.109:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.110:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.111:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.149:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.157:D:\Documents and Settings\PARRAIN\Application Data\Mozilla\Firefox\Profiles\1bdlll0o.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
D:\Documents and Settings\PARRAIN\Cookies\parrain@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
D:\Documents and Settings\PARRAIN\Cookies\parrain@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
D:\Documents and Settings\PARRAIN\Cookies\parrain@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
D:\Documents and Settings\PARRAIN\Cookies\parrain@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
D:\Documents and Settings\PARRAIN\Cookies\parrain@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
D:\Documents and Settings\PARRAIN\Cookies\parrain@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
D:\Documents and Settings\PARRAIN\Cookies\parrain@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
D:\Program Files\RealVNC\VNC4\winvnc4.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.4110 : Nettoyer et sauvegarder
D:\Program Files\RealVNC\VNC4\wm_hooks.dll -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.4 : Nettoyer et sauvegarder
F:\DOC-Backup 02 02 2006(bis)\Documents and Settings\Master\Cookies\master@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
F:\DOC-Backup 02 02 2006(bis)\Documents and Settings\Master\Cookies\master@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
F:\DOC-Backup 02 02 2006(bis)\Documents and Settings\Master\Cookies\master@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
F:\DOC-Backup 02 02 2006(bis)\Documents and Settings\Master\Cookies\master@wreport.weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
F:\DOC-Backup 02 02 2006(bis)\Documents and Settings\Master\Cookies\master@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder


::Fin du rapport



itDefender Online Scanner


Scan report generated at: Wed, Jun 14, 2006 - 17:34:30

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;

Statistics

Time 03:11:37
Files 657827
Folders 12260
Boot Sectors 6
Archives 3050
Packed Files 60366

Results

Identified Viruses 0
Infected Files 0
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 0


Engines Info

Virus Definitions 387971

Engine build

AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins 13
Archive plugins 39
Unpack plugins 5
E-mail plugins 6
System plugins 1

Scan Settings First Action
Disinfect Second Action

Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions

Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes

Scanned File
Status No virus found.






Logfile of HijackThis v1.99.1
Scan saved at 20:03:38, on 14/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\savedump.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\ewido anti-malware\ewidoguard.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\No-IP\DUC20.exe
D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Program Files\Soft4Ever\looknstop\looknstop.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\dumprep.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\oracle\ora92\BIN\TNSLSNR.exe
D:\Program Files\No-IP\DUC20.exe
d:\oracle\ora92\bin\ORACLE.EXE
D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
d:\oracle\ora92\bin\ORACLE.EXE
D:\oracle\ora92\bin\oradim.exe
D:\oracle\ora92\bin\oradim.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\system32\imapi.exe
D:\Program Files\Alwil Software\Avast4\setup\avast.setup
D:\WINDOWS\System32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Look 'n' Stop] "D:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AudioDeck] D:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] D:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: MSN Pictures Displayer.lnk = D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: No-IP DUC.lnk = D:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Choisir comme avatar pour Messenger - D:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer ) - https://parici.sopragroup.com/postauthI/epi.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FBB95C0-ECC3-4589-BF00-61C0AB6398A2}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - D:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - D:\Program Files\No-IP\DUC20.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92Agent - Oracle Corporation - D:\oracle\ora92\bin\agntsrvc.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - D:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: OracleOraHome92PagingServer - Unknown owner - D:\oracle\ora92/bin/pagntsrv.exe
O23 - Service: OracleOraHome92SNMPPeerEncapsulator - Unknown owner - D:\oracle\ora92\BIN\ENCSVC.EXE
O23 - Service: OracleOraHome92SNMPPeerMasterAgent - Unknown owner - D:\oracle\ora92\BIN\AGNTSVC.EXE
O23 - Service: OracleOraHome92TNSListener - Unknown owner - D:\oracle\ora92\BIN\TNSLSNR.exe
O23 - Service: OracleServiceBDD - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: OracleServiceBFBD - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - D:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
0
fmasterp Messages postés 18 Statut Membre
 
Bonjour
Y a-t-il quelqu'un ici qui pourrai m'aider a interpreter les différents rapport s'il vous plait?
0
Réponse 8 / 17
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Salut,

Essaie ceci :

B - spybot version 1.4

(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
voir demo d utilisation
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

Tu refais un Hitjack

A+

ps : période d'exam pour les d'jeunes donc moins de bénévoles sur le forum....
0
fmasterp Messages postés 18 Statut Membre
 
Voici le rapport spybot

--- Search result list ---
Hotbar: Réglages (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E}

Hotbar: Barre d'outils IE (Valeur du registre, fixed)
HKEY_USERS\S-1-5-21-1085031214-616249376-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{74CC49F7-EB32-4A08-B204-948962A6E3DB}

Hotbar: Dossier Programme (Répertoire, fixed)
D:\Program Files\HbTools_Icons\

Comet Cursors: Interface (IFileInfo) (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F7D6F8-A844-4F29-B9C7-294721D91C10}

Avenue A, Inc.: Cookie traceur (Internet Explorer: PARRAIN) (Cookie, fixed)


DoubleClick: Cookie traceur (Internet Explorer: PARRAIN) (Cookie, fixed)


Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)


Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)


Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)


Avenue A, Inc.: Cookie traceur (Firefox: default) (Cookie, fixed)


DoubleClick: Cookie traceur (Firefox: default) (Cookie, fixed)


HitBox: Cookie traceur (Firefox: default) (Cookie, fixed)


MediaPlex: Cookie traceur (Firefox: default) (Cookie, fixed)


ValueClick: Cookie traceur (Firefox: default) (Cookie, fixed)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-06-16 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-06-10 Includes\Cookies.sbi (*)
2006-06-10 Includes\Dialer.sbi (*)
2006-06-10 Includes\Hijackers.sbi (*)
2006-06-10 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-06-10 Includes\Malware.sbi (*)
2006-06-10 Includes\PUPS.sbi (*)
2006-06-10 Includes\Revision.sbi (*)
2006-06-10 Includes\Security.sbi (*)
2006-06-10 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-06-10 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Correctif Windows XP - KB888113
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899589)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905915)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913446)


--- Startup entries list ---
Located: HK_LM:Run, Look 'n' Stop
command: "D:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
file: D:\Program Files\Soft4Ever\looknstop\looknstop.exe
size: 364612
MD5: 5610de290eb113c6471d41696ec5714b

Located: HK_LM:Run, NeroFilterCheck
command: D:\WINDOWS\system32\NeroCheck.exe
file: D:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90

Located: HK_CU:Run, CTFMON.EXE
command: D:\WINDOWS\system32\ctfmon.exe
file: D:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64e41e8fee655b03e3f19ded21ba5118

Located: HK_CU:Run, MsnMsgr
command: "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: D:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5278504
MD5: 5476667d81eabb2dc5d4d3a14fb27c0e

Located: Démarrage (utilisateur), No-IP DUC.lnk
command: D:\Program Files\No-IP\DUC20.exe
file: D:\Program Files\No-IP\DUC20.exe
size: 1172992
MD5: 74d679b8f4331e453431efb423aecece

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 02/03/2006 13:53:00
Date (last access): 16/06/2006 11:07:36
Date (last write): 10/11/2005 13:22:12
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 5.0.60.5

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 07/04/2006 00:02:02
Date (last access): 16/06/2006 12:03:04
Date (last write): 07/04/2006 00:02:02
Filesize: 323904
Attributes: archive
MD5: B30FAF9FD36BB993A5FB3A3AFE0E3703
CRC32: 53C1960B
Version: 4.0.246.1

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://www.google.com/intl/fr/toolbar/ie/index.html
info source: TonyKlein
Path: d:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 10/04/2006 23:46:02
Date (last access): 16/06/2006 12:03:04
Date (last write): 14/02/2006 20:06:14
Filesize: 1204224
Attributes: readonly archive
MD5: D91CB7361D7814035F543C7CCAE9DD60
CRC32: 16D568FF
Version: 3.0.131.0



--- ActiveX list ---
{5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer )
DPF name:
CLSID name: Aventail Installer
Installer: D:\WINDOWS\Downloaded Program Files\epi.inf
Codebase: https://parici.sopragroup.com/postauthI/epi.cab
Path: D:\WINDOWS\Downloaded Program Files\
Long name: epi.dll
Short name:
Date (created): 10/04/2006 13:18:38
Date (last access): 16/06/2006 12:00:38
Date (last write): 10/04/2006 13:18:38
Filesize: 218179
Attributes: archive
MD5: 94EF72B7A51217A46CDD4D05A61597FA
CRC32: CF34D507
Version: 8.6.1.184

{9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class)
DPF name:
CLSID name: PhotoPickConvert Class
Installer: D:\WINDOWS\Downloaded Program Files\PhtPkMSN.inf
Codebase: http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
Path: D:\WINDOWS\Downloaded Program Files\
Long name: PhtPkMSN.dll
Short name:
Date (created): 12/04/2005 14:58:46
Date (last access): 16/06/2006 12:00:38
Date (last write): 12/04/2005 14:58:46
Filesize: 77824
Attributes: archive
MD5: 96D1957C46D090566C8243CC6A4D00AF
CRC32: 27BD22B7
Version: 10.0.910.0

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 02/03/2006 13:52:58
Date (last access): 16/06/2006 01:25:22
Date (last write): 10/11/2005 13:22:12
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 02/03/2006 13:52:58
Date (last access): 16/06/2006 12:43:24
Date (last write): 10/11/2005 13:22:12
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5



--- Process list ---
PID: 0 ( 0) [System]
PID: 840 ( 4) \SystemRoot\System32\smss.exe
PID: 928 ( 840) \??\D:\WINDOWS\system32\csrss.exe
PID: 952 ( 840) \??\D:\WINDOWS\system32\winlogon.exe
PID: 996 ( 952) D:\WINDOWS\system32\services.exe
size: 108544
MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
PID: 1016 ( 952) D:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 1164 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1220 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1260 ( 996) D:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1372 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1500 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1760 ( 996) D:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1920 ( 996) D:\Program Files\No-IP\DUC20.exe
size: 1172992
MD5: 74D679B8F4331E453431EFB423AECECE
PID: 1976 ( 996) D:\oracle\ora92\Apache\Apache\apache.exe
size: 4096
MD5: 5C5AFA3DC62A19E00728BDB11C0300A9
PID: 2000 ( 996) D:\oracle\ora92\BIN\TNSLSNR.exe
size: 266192
MD5: 459C752DF82CCBA89B6BD56A7D04C022
PID: 176 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 404 (1976) D:\oracle\ora92\Apache\Apache\apache.exe
size: 4096
MD5: 5C5AFA3DC62A19E00728BDB11C0300A9
PID: 416 ( 996) D:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 820 ( 676) D:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 2A7BD330924252A2FD80344FC949BB72
PID: 1360 ( 820) D:\Program Files\Soft4Ever\looknstop\looknstop.exe
size: 364612
MD5: 5610DE290EB113C6471D41696EC5714B
PID: 1380 ( 820) D:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 1404 ( 820) D:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5278504
MD5: 5476667D81EABB2DC5D4D3A14FB27C0E
PID: 1440 (1260) D:\WINDOWS\system32\wscntfy.exe
size: 13824
MD5: 8558905BA81F6EFAAF9667139BB117DD
PID: 1700 ( 996) D:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 2488 ( 820) D:\Program Files\Mozilla Firefox\firefox.exe
size: 7177325
MD5: 635D94AB57D1B7EDB36B0C4F1A980A88
PID: 1520 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 3184 (1164) D:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: 385D1644E676C96EB07848ADA63E37FA
PID: 3708 (1772) D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 16/06/2006 12:43:24

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
D:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://tchatpassion.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: EWPCA LSP Layered over MSAFD Tcpip [TCP/IP]
GUID: {3A25F0BA-7C65-4861-BD03-CA19D67C624C}
Filename: D:\WINDOWS\system32\betsp.dll

Protocol 6: EWPCA LSP
GUID: {FE350768-F80F-4227-BA7C-7FDB0D22A27B}
Filename: D:\WINDOWS\system32\betsp.dll

Namespace Provider 0: Aventail EWPCA Namespace
GUID: {6F958EE0-98D8-4AA3-99A2-0B65A809E80E}
Filename: D:\WINDOWS\system32\betsp.dll

Namespace Provider 4: Aventail EWPCA Namespace
GUID: {5B5B30AA-3DC9-487F-9159-6222E3527E96}
Filename: D:\WINDOWS\system32\betsp.dll



--- Uninstall list ---
(AddressBook)

Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
version (major): 5
install location: D:\Program Files\Adobe\Acrobat 5.0
install source: D:\Documents and Settings\PARRAIN\Local Settings\Temp\pft28A~tmp\
uninstall cmd: D:\WINDOWS\ISUN040C.EXE -f"D:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"D:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
publisher: Adobe Systems, Inc.
help link: https://acrobat.adobe.com/us/en/acrobat.html

Advanced eBook Processor (Advanced eBook Processor)
uninstall cmd: D:\PROGRA~1\AEBPR\UNWISE.EXE D:\PROGRA~1\AEBPR\INSTALL.LOG

Azureus 2.4.0.2 (Azureus)
install location: D:\Program Files\Azureus
uninstall cmd: D:\Program Files\Azureus\Uninstall.exe

(Branding)

CleanUp! (CleanUp!)
uninstall cmd: D:\Program Files\CleanUp!\uninstall.exe

(Connection Manager)

Creative PC-CAM Center Lite (Creative PC-CAM Center)
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove

Creative WebCam NX Driver (1.02.01.0827) (Creative PD1110)
uninstall cmd: D:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl

(Creative WebCam Monitor)
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove

(Creative WebCam NX)

Creative DVD Audio Plugin for Audigy Series (CTDVDAudio Plugin)
uninstall cmd: "D:\Program Files\Creative\CTDPlugin\CTUIDVD.exe " -u

(DirectAnimation)

(DirectDrawEx)

Driver Cleaner 3 3.3 (Driver Cleaner)
uninstall cmd: D:\Program Files\Driver Cleaner\Uninst.exe
publisher: Ruud Ketelaars

(DXM_Runtime)

eMule (eMule)
uninstall cmd: "D:\Program Files\eMule\Uninstall.exe"

EVEREST Ultimate Edition v2.80 2.80 (EVEREST Ultimate Edition_is1)
install location: D:\Program Files\Lavalys\EVEREST Ultimate Edition\
uninstall cmd: "D:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
publisher: Lavalys Inc
help link: http://www.lavalys.com

ewido anti-malware (ewidoantimalware)
install location: D:\Program Files\ewido anti-malware
uninstall cmd: D:\Program Files\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: https://www.avg.com/en-us/free-antivirus-download

File Transfer Plus 1.1 RELEASE (File Transfer Plus_is1)
publisher: RicarDog
contact: support@filetransferplus.com
help link: http://filetransferplus.com/
readme: D:\Program Files\MessengerPlus! 3\Plugins\FileTransferPlus\TransferPlus_Readme.txt

FileZilla Server (remove only) (FileZilla Server)
uninstall cmd: "D:\Program Files\FileZilla Server\uninstall.exe"

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: D:\Program Files\Hijackthis Version Française\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

Hijackthis Version Française (Hijackthis Version Française_is1)
install location: D:\Program Files\Hijackthis Version Française\
uninstall cmd: "D:\Program Files\Hijackthis Version Française\unins000.exe"
publisher: Pc-Help-Bordeaux
help link: http://pchelpbordeaux.free.fr

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

jv16 PowerTools 1.3 (jv16 PowerTools_is1)
uninstall cmd: "D:\Program Files\jv16 PowerTools\unins000.exe"

K!TV 2.3.0.1 (K!TV)
uninstall cmd: D:\Program Files\K!TV\UninstKTV.exe

Correctif Windows XP - KB873339 20041117.092459 (KB873339)
uninstall cmd: D:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/873339

(KB884016)

Correctif Windows XP - KB885250 20050118.202711 (KB885250)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885250

Correctif Windows XP - KB885835 20041027.181713 (KB885835)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885835/ms04-044-vulnerabilities-in-windows-kernel-and-lsass-could-allow-eleva

Correctif Windows XP - KB885836 20041028.173203 (KB885836)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885836/ms04-041-a-vulnerability-in-wordpad-could-allow-code-execution

Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: D:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/886185

Correctif Windows XP - KB887472 20041014.162858 (KB887472)
uninstall cmd: D:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/887472

Correctif Windows XP - KB887742 20041103.095002 (KB887742)
uninstall cmd: D:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/887742

Correctif Windows XP - KB888113 20041116.131036 (KB888113)
uninstall cmd: D:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/888113

Correctif Windows XP - KB888302 20041207.111426 (KB888302)
uninstall cmd: D:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/888302

Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/890046

Correctif Windows XP - KB890859 1 (KB890859)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/890859

Correctif Windows XP - KB891781 20050110.165439 (KB891781)
uninstall cmd: D:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/891781

Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/893756

(KB893803)

Mise à jour pour Windows XP (KB894391) 1 (KB894391)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/894391/

Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896358/ms05-026-a-vulnerability-in-html-help-could-allow-remote-code-executio

Mise à jour de sécurité pour Windows XP (KB896422) 1 (KB896422)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896422/ms05-027-vulnerability-in-server-message-block-could-allow-remote-code

Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

Mise à jour de sécurité pour Windows XP (KB896424) 1 (KB896424)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896424

Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896428

Mise à jour pour Windows XP (KB898461) 1 (KB898461)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/898461/

Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899587

Mise à jour de sécurité pour Windows XP (KB899589) 1 (KB899589)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899589

Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899591

Mise à jour de sécurité pour Windows XP (KB900725) 1 (KB900725)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/900725

Mise à jour de sécurité pour Windows XP (KB901017) 1 (KB901017)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/901017

Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/901214

Mise à jour de sécurité pour Windows XP (KB902400) 1 (KB902400)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/902400/ms05-051-vulnerabilities-in-ms-dtc-and-com-could-allow-remote-code-exe

Mise à jour de sécurité pour Windows XP (KB904706) 2 (KB904706)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/904706

Mise à jour de sécurité pour Windows XP (KB905414) 1 (KB905414)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905414

Mise à jour de sécurité pour Windows XP (KB905749) 1 (KB905749)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905749

Mise à jour de sécurité pour Windows XP (KB905915) 1 (KB905915)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905915

Mise à jour de sécurité pour Windows XP (KB908519) 1 (KB908519)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/908519

Mise à jour pour Windows XP (KB910437) 1 (KB910437)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/910437

Mise à jour de sécurité pour Lecteur Windows Media (KB911564) (KB911564)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911564

Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) (KB911565)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911565

Mise à jour de sécurité pour Windows XP (KB911927) 1 (KB911927)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911927

Mise à jour de sécurité pour Windows XP (KB912919) 1 (KB912919)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/912919

Mise à jour de sécurité pour Windows XP (KB913446) 1 (KB913446)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/913446

K-Lite Codec Pack 2.71 Full 2.71 (KLiteCodecPack_is1)
install location: D:\Program Files\K-Lite Codec Pack\
uninstall cmd: "D:\Program Files\K-Lite Codec Pack\unins000.exe"

Look 'n' Stop 2.05 (Look 'n' Stop 2.05)
uninstall cmd: D:\Program Files\Soft4Ever\looknstop\looknstop -uninst

(MobileOptionPack)

Mozilla Firefox (1.5.0.4) 1.5.0.4 (fr) (Mozilla Firefox (1.5.0.4))
install location: D:\Program Files\Mozilla Firefox
uninstall cmd: D:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.4 (fr)"
publisher: Mozilla

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

MSN Pictures Displayer 3.1 (MSN Pictures Displayer)
uninstall cmd: "D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe" /U
publisher: Sébastien BEGOUIN
help link: https://www.latestgadget.co/

Nero 6 Ultra Edition (Nero - Burning Rom!UninstallKey)
uninstall cmd: D:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

(NetMeeting)

No-IP.com DUC (remove only) v2.2.1 (No-IP.com DUC)
uninstall cmd: "D:\Program Files\No-IP\DUC20.exe" -uninstall
publisher: Vitalwerks & No-IP.com
help link: http://www.noip.com/support/

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf

Private Eye (Private Eye)
uninstall cmd: D:\Program Files\Private Eye\uninstall.exe

VNC Free Edition 4.1.1 4.1.1 (RealVNC_is1)
install location: D:\Program Files\RealVNC\VNC4\
uninstall cmd: "D:\Program Files\RealVNC\VNC4\unins000.exe"
publisher: RealVNC Ltd.
help link: https://www.realvnc.com/en/connect/benefits/

(SchedulingAgent)

SciTE 1.57 (SciTE Source Code Editor_is1)
uninstall cmd: "D:\Program Files\SciTE Source Code Editor\unins000.exe"
publisher: Scintilla
help link: https://www.scintilla.org/SciTE.html

Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection D:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
publisher: Macromedia
help link: https://helpx.adobe.com/flash-player.html

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: D:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "D:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

2.2.397 (StuffPlug-NG)
version (major): 2
version (minor): 2
publisher: TheBlasphemer

THE Rename 2.1.6 2.1.6 (THE Rename_is1)
uninstall cmd: "D:\Program Files\THE Rename\unins000.exe"
publisher: Hervé Thouzard
help link: https://www.herve-thouzard.com/therename.phtml

Trillian (Trillian)
uninstall cmd: D:\Program Files\Trillian\trillian.exe /uninstall

VIA Register Tool (VIA Register Tool)
uninstall cmd: D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Your Company Name\VIA Register Tool\Uninst.isu"

VideoLAN VLC media player 0.8.4a 0.8.4a (VLC media player)
uninstall cmd: D:\Program Files\VideoLAN\VLC\uninstall.exe
publisher: VideoLAN Team

Windows Live Safety scanner (Windows Live Safety scanner)
uninstall cmd: RunDll32.exe "D:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT

WinHTTrack Website Copier 3.30 (WinHTTrack Website Copier_is1)
uninstall cmd: "D:\Program Files\WinHTTrack\unins000.exe"
publisher: HTTrack
help link: http://forum.httrack.com

WinISO 5.3 (WinISO_is1)
uninstall cmd: "D:\Program Files\WinISO\unins000.exe"
publisher: WinISO Computing Inc.
help link: http://www.winiso.com

Archiveur WinRAR (WinRAR archiver)
uninstall cmd: D:\Program Files\WinRAR\uninstall.exe

WMPlus 2 (remove only) (WMPlus2)
publisher: X²Software
help link: http://www.x2software.net/wmplus/

TextoWeb_F6 (XBTB05715.XBTB05715Toolbar)
uninstall cmd: regsvr32 /u /s "D:\Program Files\TextoWeb_F6\sfr_toolbar_f6.dll"

Yahoo! Messenger 5.5 (Yahoo! Messenger)
uninstall cmd: D:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE D:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
publisher: Yahoo! Inc.
help link: https://fr.yahoo.com/?p=us

Platform 1.12 ({20D4A895-748C-4D88-871C-FDB1695B0169})
version: 17563648
version (major): 1
version (minor): 12
estimated size: 2648
install date: 20060612
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\Rar$EX00.813\A1u660b\
publisher: VIA Technologies, Inc.
comments: VIA Hyperion Pro Setup Program
contact: http://forums.viaarena.com/
help link: http://www.viaarena.com/
help telephone: NULL
readme: NULL

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "d:\program files\google\googletoolbar2.dll"

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122273
install date: 20060410
install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_06plus-b05/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: https://www.java.com/en/
help link: https://www.java.com/en/
readme: D:\Program Files\Java\jre1.5.0_06\README.txt

WebFldrs XP 9.50.7523 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2568
install date: 20060409
install source: D:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: https://www.microsoft.com/en-us/windows/

Windows Live Messenger 8.0.0689.00 ({6BE6A4E5-D2C3-476F-A46C-0D5264E46798})
version: 134218417
version (major): 8
estimated size: 28941
install date: 20060613
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{6BE6A4E5-D2C3-476F-A46C-0D5264E46798}
publisher: Microsoft Corporation

Microsoft Office XP Professional avec FrontPage 10.0.4330.0 ({9028040C-6000-11D3-8CFE-0050048383C9})
version: 167776490
version (major): 10
estimated size: 193335
install date: 20060413
install location: INSTALLLOCATION
install source: H:\
uninstall cmd: MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us
readme: D:\Program Files\Microsoft Office\Office10\1036\OFREAD10.HTM

({CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c

SpeedTouch USB Software ({D41FAAA9-8048-4906-86B2-9AADEA1FA0B7})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\Setup.exe" /l040c -Control_Panel

({D43F13A1-1E39-4BD4-9682-DF889FE75421})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c

Windows Live Sign-in Assistant 4.000.246.1 ({F652D238-5F29-42D5-BAF3-0115EF977EC2})
version: 67109110
version (major): 4
estimated size: 1112
install date: 20060613
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
publisher: Microsoft Corporation



--- System Services ---
Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Pilote ACPI Microsoft
Image path: system32\DRIVERS\ACPI.sys
Image size: 188672
Image MD5: 0BD94FBFC14EA3606CD6CA4C0255BAA3
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1

Service (registry key): aeaudio
Image path: system32\drivers\aeaudio.sys
Image size: 4816
Image MD5: 11C04B17ED2ABBB4833694BCD644AC90
Start: 3
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 841F385C6CFAF66B58FBD898722BB4F0
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: AFD
Description: Environnement de prise en charge de réseau AFD
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Aha154x
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Start: 4
Type: 1
Error Control: 1

Service (registry key): AIDA32Driver
Display name: AIDA32Driver
Image path: \??\D:\Program Files\AIDA32 - Enterprise System Information\aida32.sys
Start: 3
Type: 1
Error Control: 1

Service (registry key): alcan5wn
Display name: SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
Image path: system32\DRIVERS\alcan5wn.sys
Image size: 53600
Image MD5: 0940030D5A5869067CCC03E3B0B8DEC7
Start: 3
Type: 1
Error Control: 1

Service (registry key): alcaudsl
Display name: SpeedTouch ADSL Modem ATM Transport
Image path: system32\DRIVERS\alcaudsl.sys
Image size: 70688
Image MD5: 4C9577888C53243E2991456F510488A1
Start: 3
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Avertissement
Description: Informe les utilisateurs et les ordinateurs sélectionnés des alertes administratives. Si ce service est arrêté, les programmes qui utilisent les alertes administratives ne les recevront pas. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Service de la passerelle de la couche Application
Description: Offre la prise en charge des plug-ins de protocoles tiers pour le Partage de connexion Internet et le Pare-feu Windows.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: B43CC0F07752D456038CD0268E4D84E9
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Start: 4
Type: 1
Error Control: 1

Service (registry key): AmdK7
Display name: Pilote de processeur AMD K7
Image path: system32\DRIVERS\amdk7.sys
Image size: 41600
Image MD5: C0F59933070392E662B3C2BB2BE77955
Start: 1
Type: 1
Error Control: 1

Service (registry key): amsint
Start: 4
Type: 1
Error Control: 1

Service (registry key): AppMgmt
Display name: Gestion d'applications
Description: Fournit des services d'installation de logiciels tels que Attribuer, Publier et Supprimer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 3
Type: 32
Error Control: 1

Service (registry key): asc
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3350p
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3550
Start: 4
Type: 1
Error Control: 1

Service (registry key): AsyncMac
Display name: Pilote de média asynchrone RAS
Description: Pilote de média asynchrone RAS
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: 02000ABF34AF4C218C35D257024807D6
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Display name: Contrôleur de disque dur IDE/ESDI standard
Image path: system32\DRIVERS\atapi.sys
Image size: 95360
Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Start: 4
Type: 1
Error Control: 0

Service (registry key): Atmarpc
Display name: Protocole client ATM ARP
Description: Protocole client ATM ARP
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Display name: Audio Windows
Description: Gère les périphériques audio pour les programmes basés sur Windows. Si ce service est arrêté, les périphériques et les effets audio ne fonctionneront pas correctement. Si ce service est désactivé, les services en dépendant explicitement ne démarreront pas.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Display name: Pilote audio Stub
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Start: 3
Type: 1
Error Control: 1

Service (registry key): BattC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Start: 1
Type: 1
Error Control: 1

Service (registry key): BITS
Display name: Service de transfert intelligent en arrière-plan
Description: Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Browser
Display name: Explorateur d'ordinateur
Description: Tient à jour une liste des ordinateurs présents sur le réseau et fournit cette liste aux ordinateurs désignés comme navigateurs. Si ce service est arrêté, la liste ne sera pas mise ou tenue à jour. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): BT848
Display name: Conexant's BtPCI WDM Video Capture
Image path: system32\DRIVERS\BT848.sys
Image size: 371349
Image MD5: 028A7743DFF85BDA7CE9D507FE104CDF
Start: 2
Type: 1
Error Control: 1

Service (registry key): cbidf2k
Start: 4
Type: 1
Error Control: 1

Service (registry key): CCDECODE
Display name: Décodeur sous-titre fermé
Image path: system32\DRIVERS\CCDECODE.sys
Image size: 17024
Image MD5: 6163ED60B684BAB19D3352AB22FC48B2
Start: 3
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Start: 4
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Display name: Pilote de CD-ROM
Image path: system32\DRIVERS\cdrom.sys
Image size: 49536
Image MD5: AF9C19B3100FE010496B1A27181FBF72
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Start: 1
Type: 1
Error Control: 0

Service (registry key): CiSvc
Display name: Service d'indexation
Description: Construit un index des contenus et des propriétés des fichiers sur les ordinateurs locaux et distants ; fournit un accès rapide aux fichiers par le biais d'un langage d'interrogation flexible.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: ABFAC5D58218C0A655DFCAE2D8A535F3
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Display name: Gestionnaire de l'Album
Description: Active le Gestionnaire de l'Album afin de stocker les informations et les partager avec des ordinateurs à distance. Si le service est arrêté, le Gestionnaire de l'Album ne pourra pas partager les informations avec des ordinateurs à distance. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: E42101918C50F754FC15367814FEC11C
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Service (registry key): CmdIde
Start: 4
Type: 1
Error Control: 1

Service (registry key): COMSysApp
Display name: Application système COM+
Description: Gère la configuration et le suivi des composants de base COM+ (Component Object Model) . Si le service est arrêté, la plupart des composants de base COM+ ne fonctionneront pas correctement. Si ce service est désactivé, les services qui en dépendent de manière explicite ne pourront pas démarrer.
Object name: LocalSystem
Image path: D:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: 9B2CE161927038D4CABE0482A14FD052
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Start: 4
Type: 1
Error Control: 1

Service (registry key): CryptSvc
Display name: Services de cryptographie
Description: Fournit trois services de gestion : le service de base de données de catalogue, qui confirme la signature des fichiers Windows; le service de racine protégée, qui ajoute et supprime des certificats d'autorité de certification de racine approuvés et le service Clé, qui fournit une aide dans l'inscription de cet ordinateur pour les certificats. Si ce service est arrêté, ces services de gestion ne fonctionneront pas correctement. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Start: 4
Type: 1
Error Control: 0

Service (registry key): dac960nt
Start: 4
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Display name: Lanceur de processus serveur DCOM
Description: Fournit la fonctionnalité de lancement des services DCOM.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Display name: Client DHCP
Description: Gère la configuration réseau en inscrivant et en mettant à jour les adresses IP et les noms DNS.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Display name: Pilote de disque
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 00CA44E4534865F8A3B64F7C0984BFF0
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Display name: Service d'administration du Gestionnaire de disque logique
Description: Configure les lecteurs de disque durs et les volumes. Le service ne s'exécute que pour les processus de configurations puis s'arrête.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 225280
Image MD5: 647D03A59615FEE96D647D4426F1537E
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Image path: System32\drivers\dmboot.sys
Image size: 800256
Image MD5: E2D3B7620310FE56685F9B15A6B404B3
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Display name: Pilote de Gestionnaire de disque logique
Image path: System32\drivers\dmio.sys
Image size: 154496
Image MD5: C77F5C20AA70197A69AA84BAA9DE43C8
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmload
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmserver
Display name: Gestionnaire de disque logique
Description: Détecte et analyse de nouveaux lecteurs de disque durs et envoie les informations de volume de disque au service gestionnaire administratif de disque logique pour la configuration. Si ce service est arrêté, l'état des disques dynamiques et les informations de configuration peuvent devenir obsolètes. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Display name: Synthétiseur DLS du noyau Microsoft
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: A6F881284AC1150E37D9AE47FF601267
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Display name: Client DNS
Description: Résout et met en cac
0
Réponse 9 / 17
fmasterp Messages postés 18 Statut Membre
 
--- Search result list ---
Hotbar: Réglages (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E}

Hotbar: Barre d'outils IE (Valeur du registre, fixed)
HKEY_USERS\S-1-5-21-1085031214-616249376-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{74CC49F7-EB32-4A08-B204-948962A6E3DB}

Hotbar: Dossier Programme (Répertoire, fixed)
D:\Program Files\HbTools_Icons\

Comet Cursors: Interface (IFileInfo) (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F7D6F8-A844-4F29-B9C7-294721D91C10}

Avenue A, Inc.: Cookie traceur (Internet Explorer: PARRAIN) (Cookie, fixed)

DoubleClick: Cookie traceur (Internet Explorer: PARRAIN) (Cookie, fixed)

Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)

Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)

Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)

Avenue A, Inc.: Cookie traceur (Firefox: default) (Cookie, fixed)

DoubleClick: Cookie traceur (Firefox: default) (Cookie, fixed)

HitBox: Cookie traceur (Firefox: default) (Cookie, fixed)

MediaPlex: Cookie traceur (Firefox: default) (Cookie, fixed)

ValueClick: Cookie traceur (Firefox: default) (Cookie, fixed)

--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-06-16 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-06-10 Includes\Cookies.sbi (*)
2006-06-10 Includes\Dialer.sbi (*)
2006-06-10 Includes\Hijackers.sbi (*)
2006-06-10 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-06-10 Includes\Malware.sbi (*)
2006-06-10 Includes\PUPS.sbi (*)
2006-06-10 Includes\Revision.sbi (*)
2006-06-10 Includes\Security.sbi (*)
2006-06-10 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-06-10 Includes\Trojans.sbi (*)

--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Correctif Windows XP - KB888113
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899589)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905915)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913446)

--- Startup entries list ---
Located: HK_LM:Run, Look 'n' Stop
command: "D:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
file: D:\Program Files\Soft4Ever\looknstop\looknstop.exe
size: 364612
MD5: 5610de290eb113c6471d41696ec5714b

Located: HK_LM:Run, NeroFilterCheck
command: D:\WINDOWS\system32\NeroCheck.exe
file: D:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90

Located: HK_CU:Run, CTFMON.EXE
command: D:\WINDOWS\system32\ctfmon.exe
file: D:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64e41e8fee655b03e3f19ded21ba5118

Located: HK_CU:Run, MsnMsgr
command: "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: D:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5278504
MD5: 5476667d81eabb2dc5d4d3a14fb27c0e

Located: Démarrage (utilisateur), No-IP DUC.lnk
command: D:\Program Files\No-IP\DUC20.exe
file: D:\Program Files\No-IP\DUC20.exe
size: 1172992
MD5: 74d679b8f4331e453431efb423aecece

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

--- Browser helper object list ---
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 02/03/2006 13:53:00
Date (last access): 16/06/2006 11:07:36
Date (last write): 10/11/2005 13:22:12
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 5.0.60.5

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 07/04/2006 00:02:02
Date (last access): 16/06/2006 12:03:04
Date (last write): 07/04/2006 00:02:02
Filesize: 323904
Attributes: archive
MD5: B30FAF9FD36BB993A5FB3A3AFE0E3703
CRC32: 53C1960B
Version: 4.0.246.1

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://www.google.com/intl/fr/toolbar/ie/index.html
info source: TonyKlein
Path: d:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 10/04/2006 23:46:02
Date (last access): 16/06/2006 12:03:04
Date (last write): 14/02/2006 20:06:14
Filesize: 1204224
Attributes: readonly archive
MD5: D91CB7361D7814035F543C7CCAE9DD60
CRC32: 16D568FF
Version: 3.0.131.0

--- ActiveX list ---
{5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer )
DPF name:
CLSID name: Aventail Installer
Installer: D:\WINDOWS\Downloaded Program Files\epi.inf
Codebase: https://parici.sopragroup.com/postauthI/epi.cab
Path: D:\WINDOWS\Downloaded Program Files\
Long name: epi.dll
Short name:
Date (created): 10/04/2006 13:18:38
Date (last access): 16/06/2006 12:00:38
Date (last write): 10/04/2006 13:18:38
Filesize: 218179
Attributes: archive
MD5: 94EF72B7A51217A46CDD4D05A61597FA
CRC32: CF34D507
Version: 8.6.1.184

{9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class)
DPF name:
CLSID name: PhotoPickConvert Class
Installer: D:\WINDOWS\Downloaded Program Files\PhtPkMSN.inf
Codebase: http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
Path: D:\WINDOWS\Downloaded Program Files\
Long name: PhtPkMSN.dll
Short name:
Date (created): 12/04/2005 14:58:46
Date (last access): 16/06/2006 12:00:38
Date (last write): 12/04/2005 14:58:46
Filesize: 77824
Attributes: archive
MD5: 96D1957C46D090566C8243CC6A4D00AF
CRC32: 27BD22B7
Version: 10.0.910.0

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 02/03/2006 13:52:58
Date (last access): 16/06/2006 01:25:22
Date (last write): 10/11/2005 13:22:12
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 02/03/2006 13:52:58
Date (last access): 16/06/2006 12:43:24
Date (last write): 10/11/2005 13:22:12
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

--- Process list ---
PID: 0 ( 0) [System]
PID: 840 ( 4) \SystemRoot\System32\smss.exe
PID: 928 ( 840) \??\D:\WINDOWS\system32\csrss.exe
PID: 952 ( 840) \??\D:\WINDOWS\system32\winlogon.exe
PID: 996 ( 952) D:\WINDOWS\system32\services.exe
size: 108544
MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
PID: 1016 ( 952) D:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 1164 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1220 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1260 ( 996) D:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1372 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1500 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1760 ( 996) D:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1920 ( 996) D:\Program Files\No-IP\DUC20.exe
size: 1172992
MD5: 74D679B8F4331E453431EFB423AECECE
PID: 1976 ( 996) D:\oracle\ora92\Apache\Apache\apache.exe
size: 4096
MD5: 5C5AFA3DC62A19E00728BDB11C0300A9
PID: 2000 ( 996) D:\oracle\ora92\BIN\TNSLSNR.exe
size: 266192
MD5: 459C752DF82CCBA89B6BD56A7D04C022
PID: 176 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 404 (1976) D:\oracle\ora92\Apache\Apache\apache.exe
size: 4096
MD5: 5C5AFA3DC62A19E00728BDB11C0300A9
PID: 416 ( 996) D:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 820 ( 676) D:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 2A7BD330924252A2FD80344FC949BB72
PID: 1360 ( 820) D:\Program Files\Soft4Ever\looknstop\looknstop.exe
size: 364612
MD5: 5610DE290EB113C6471D41696EC5714B
PID: 1380 ( 820) D:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 1404 ( 820) D:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5278504
MD5: 5476667D81EABB2DC5D4D3A14FB27C0E
PID: 1440 (1260) D:\WINDOWS\system32\wscntfy.exe
size: 13824
MD5: 8558905BA81F6EFAAF9667139BB117DD
PID: 1700 ( 996) D:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 2488 ( 820) D:\Program Files\Mozilla Firefox\firefox.exe
size: 7177325
MD5: 635D94AB57D1B7EDB36B0C4F1A980A88
PID: 1520 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 3184 (1164) D:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: 385D1644E676C96EB07848ADA63E37FA
PID: 3708 (1772) D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 16/06/2006 12:43:24

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
D:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://tchatpassion.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

--- Winsock Layered Service Provider list ---
Protocol 0: EWPCA LSP Layered over MSAFD Tcpip [TCP/IP]
GUID: {3A25F0BA-7C65-4861-BD03-CA19D67C624C}
Filename: D:\WINDOWS\system32\betsp.dll

Protocol 6: EWPCA LSP
GUID: {FE350768-F80F-4227-BA7C-7FDB0D22A27B}
Filename: D:\WINDOWS\system32\betsp.dll

Namespace Provider 0: Aventail EWPCA Namespace
GUID: {6F958EE0-98D8-4AA3-99A2-0B65A809E80E}
Filename: D:\WINDOWS\system32\betsp.dll

Namespace Provider 4: Aventail EWPCA Namespace
GUID: {5B5B30AA-3DC9-487F-9159-6222E3527E96}
Filename: D:\WINDOWS\system32\betsp.dll

--- Uninstall list ---
(AddressBook)

Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
version (major): 5
install location: D:\Program Files\Adobe\Acrobat 5.0
install source: D:\Documents and Settings\PARRAIN\Local Settings\Temp\pft28A~tmp\
uninstall cmd: D:\WINDOWS\ISUN040C.EXE -f"D:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"D:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
publisher: Adobe Systems, Inc.
help link: https://acrobat.adobe.com/us/en/acrobat.html

Advanced eBook Processor (Advanced eBook Processor)
uninstall cmd: D:\PROGRA~1\AEBPR\UNWISE.EXE D:\PROGRA~1\AEBPR\INSTALL.LOG

Azureus 2.4.0.2 (Azureus)
install location: D:\Program Files\Azureus
uninstall cmd: D:\Program Files\Azureus\Uninstall.exe

(Branding)

CleanUp! (CleanUp!)
uninstall cmd: D:\Program Files\CleanUp!\uninstall.exe

(Connection Manager)

Creative PC-CAM Center Lite (Creative PC-CAM Center)
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove

Creative WebCam NX Driver (1.02.01.0827) (Creative PD1110)
uninstall cmd: D:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl

(Creative WebCam Monitor)
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove

(Creative WebCam NX)

Creative DVD Audio Plugin for Audigy Series (CTDVDAudio Plugin)
uninstall cmd: "D:\Program Files\Creative\CTDPlugin\CTUIDVD.exe " -u

(DirectAnimation)

(DirectDrawEx)

Driver Cleaner 3 3.3 (Driver Cleaner)
uninstall cmd: D:\Program Files\Driver Cleaner\Uninst.exe
publisher: Ruud Ketelaars

(DXM_Runtime)

eMule (eMule)
uninstall cmd: "D:\Program Files\eMule\Uninstall.exe"

EVEREST Ultimate Edition v2.80 2.80 (EVEREST Ultimate Edition_is1)
install location: D:\Program Files\Lavalys\EVEREST Ultimate Edition\
uninstall cmd: "D:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
publisher: Lavalys Inc
help link: http://www.lavalys.com

ewido anti-malware (ewidoantimalware)
install location: D:\Program Files\ewido anti-malware
uninstall cmd: D:\Program Files\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: https://www.avg.com/en-us/free-antivirus-download

File Transfer Plus 1.1 RELEASE (File Transfer Plus_is1)
publisher: RicarDog
contact: support@filetransferplus.com
help link: http://filetransferplus.com/
readme: D:\Program Files\MessengerPlus! 3\Plugins\FileTransferPlus\TransferPlus_Readme.txt

FileZilla Server (remove only) (FileZilla Server)
uninstall cmd: "D:\Program Files\FileZilla Server\uninstall.exe"

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: D:\Program Files\Hijackthis Version Française\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

Hijackthis Version Française (Hijackthis Version Française_is1)
install location: D:\Program Files\Hijackthis Version Française\
uninstall cmd: "D:\Program Files\Hijackthis Version Française\unins000.exe"
publisher: Pc-Help-Bordeaux
help link: http://pchelpbordeaux.free.fr

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

jv16 PowerTools 1.3 (jv16 PowerTools_is1)
uninstall cmd: "D:\Program Files\jv16 PowerTools\unins000.exe"

K!TV 2.3.0.1 (K!TV)
uninstall cmd: D:\Program Files\K!TV\UninstKTV.exe

Correctif Windows XP - KB873339 20041117.092459 (KB873339)
uninstall cmd: D:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/873339

(KB884016)

Correctif Windows XP - KB885250 20050118.202711 (KB885250)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885250

Correctif Windows XP - KB885835 20041027.181713 (KB885835)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885835/ms04-044-vulnerabilities-in-windows-kernel-and-lsass-could-allow-eleva

Correctif Windows XP - KB885836 20041028.173203 (KB885836)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885836/ms04-041-a-vulnerability-in-wordpad-could-allow-code-execution

Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: D:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/886185

Correctif Windows XP - KB887472 20041014.162858 (KB887472)
uninstall cmd: D:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/887472

Correctif Windows XP - KB887742 20041103.095002 (KB887742)
uninstall cmd: D:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/887742

Correctif Windows XP - KB888113 20041116.131036 (KB888113)
uninstall cmd: D:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/888113

Correctif Windows XP - KB888302 20041207.111426 (KB888302)
uninstall cmd: D:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/888302

Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/890046

Correctif Windows XP - KB890859 1 (KB890859)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/890859

Correctif Windows XP - KB891781 20050110.165439 (KB891781)
uninstall cmd: D:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/891781

Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/893756

(KB893803)

Mise à jour pour Windows XP (KB894391) 1 (KB894391)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/894391/

Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896358/ms05-026-a-vulnerability-in-html-help-could-allow-remote-code-executio

Mise à jour de sécurité pour Windows XP (KB896422) 1 (KB896422)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896422/ms05-027-vulnerability-in-server-message-block-could-allow-remote-code

Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

Mise à jour de sécurité pour Windows XP (KB896424) 1 (KB896424)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896424

Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896428

Mise à jour pour Windows XP (KB898461) 1 (KB898461)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/898461/

Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899587

Mise à jour de sécurité pour Windows XP (KB899589) 1 (KB899589)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899589

Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899591

Mise à jour de sécurité pour Windows XP (KB900725) 1 (KB900725)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/900725

Mise à jour de sécurité pour Windows XP (KB901017) 1 (KB901017)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/901017

Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/901214

Mise à jour de sécurité pour Windows XP (KB902400) 1 (KB902400)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/902400/ms05-051-vulnerabilities-in-ms-dtc-and-com-could-allow-remote-code-exe

Mise à jour de sécurité pour Windows XP (KB904706) 2 (KB904706)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/904706

Mise à jour de sécurité pour Windows XP (KB905414) 1 (KB905414)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905414

Mise à jour de sécurité pour Windows XP (KB905749) 1 (KB905749)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905749

Mise à jour de sécurité pour Windows XP (KB905915) 1 (KB905915)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905915

Mise à jour de sécurité pour Windows XP (KB908519) 1 (KB908519)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/908519

Mise à jour pour Windows XP (KB910437) 1 (KB910437)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/910437

Mise à jour de sécurité pour Lecteur Windows Media (KB911564) (KB911564)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911564

Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) (KB911565)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911565

Mise à jour de sécurité pour Windows XP (KB911927) 1 (KB911927)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911927

Mise à jour de sécurité pour Windows XP (KB912919) 1 (KB912919)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/912919

Mise à jour de sécurité pour Windows XP (KB913446) 1 (KB913446)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/913446

K-Lite Codec Pack 2.71 Full 2.71 (KLiteCodecPack_is1)
install location: D:\Program Files\K-Lite Codec Pack\
uninstall cmd: "D:\Program Files\K-Lite Codec Pack\unins000.exe"

Look 'n' Stop 2.05 (Look 'n' Stop 2.05)
uninstall cmd: D:\Program Files\Soft4Ever\looknstop\looknstop -uninst

(MobileOptionPack)

Mozilla Firefox (1.5.0.4) 1.5.0.4 (fr) (Mozilla Firefox (1.5.0.4))
install location: D:\Program Files\Mozilla Firefox
uninstall cmd: D:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.4 (fr)"
publisher: Mozilla

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

MSN Pictures Displayer 3.1 (MSN Pictures Displayer)
uninstall cmd: "D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe" /U
publisher: Sébastien BEGOUIN
help link: https://www.latestgadget.co/

Nero 6 Ultra Edition (Nero - Burning Rom!UninstallKey)
uninstall cmd: D:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

(NetMeeting)

No-IP.com DUC (remove only) v2.2.1 (No-IP.com DUC)
uninstall cmd: "D:\Program Files\No-IP\DUC20.exe" -uninstall
publisher: Vitalwerks & No-IP.com
help link: http://www.noip.com/support/

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf

Private Eye (Private Eye)
uninstall cmd: D:\Program Files\Private Eye\uninstall.exe

VNC Free Edition 4.1.1 4.1.1 (RealVNC_is1)
install location: D:\Program Files\RealVNC\VNC4\
uninstall cmd: "D:\Program Files\RealVNC\VNC4\unins000.exe"
publisher: RealVNC Ltd.
help link: https://www.realvnc.com/en/connect/benefits/

(SchedulingAgent)

SciTE 1.57 (SciTE Source Code Editor_is1)
uninstall cmd: "D:\Program Files\SciTE Source Code Editor\unins000.exe"
publisher: Scintilla
help link: https://www.scintilla.org/SciTE.html

Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection D:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
publisher: Macromedia
help link: https://helpx.adobe.com/flash-player.html

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: D:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "D:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

2.2.397 (StuffPlug-NG)
version (major): 2
version (minor): 2
publisher: TheBlasphemer

THE Rename 2.1.6 2.1.6 (THE Rename_is1)
uninstall cmd: "D:\Program Files\THE Rename\unins000.exe"
publisher: Hervé Thouzard
help link: https://www.herve-thouzard.com/therename.phtml

Trillian (Trillian)
uninstall cmd: D:\Program Files\Trillian\trillian.exe /uninstall

VIA Register Tool (VIA Register Tool)
uninstall cmd: D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Your Company Name\VIA Register Tool\Uninst.isu"

VideoLAN VLC media player 0.8.4a 0.8.4a (VLC media player)
uninstall cmd: D:\Program Files\VideoLAN\VLC\uninstall.exe
publisher: VideoLAN Team

Windows Live Safety scanner (Windows Live Safety scanner)
uninstall cmd: RunDll32.exe "D:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT

WinHTTrack Website Copier 3.30 (WinHTTrack Website Copier_is1)
uninstall cmd: "D:\Program Files\WinHTTrack\unins000.exe"
publisher: HTTrack
help link: http://forum.httrack.com

WinISO 5.3 (WinISO_is1)
uninstall cmd: "D:\Program Files\WinISO\unins000.exe"
publisher: WinISO Computing Inc.
help link: http://www.winiso.com

Archiveur WinRAR (WinRAR archiver)
uninstall cmd: D:\Program Files\WinRAR\uninstall.exe

WMPlus 2 (remove only) (WMPlus2)
publisher: X²Software
help link: http://www.x2software.net/wmplus/

TextoWeb_F6 (XBTB05715.XBTB05715Toolbar)
uninstall cmd: regsvr32 /u /s "D:\Program Files\TextoWeb_F6\sfr_toolbar_f6.dll"

Yahoo! Messenger 5.5 (Yahoo! Messenger)
uninstall cmd: D:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE D:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
publisher: Yahoo! Inc.
help link: https://fr.yahoo.com/?p=us

Platform 1.12 ({20D4A895-748C-4D88-871C-FDB1695B0169})
version: 17563648
version (major): 1
version (minor): 12
estimated size: 2648
install date: 20060612
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\Rar$EX00.813\A1u660b\
publisher: VIA Technologies, Inc.
comments: VIA Hyperion Pro Setup Program
contact: http://forums.viaarena.com/
help link: http://www.viaarena.com/
help telephone: NULL
readme: NULL

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "d:\program files\google\googletoolbar2.dll"

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122273
install date: 20060410
install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_06plus-b05/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: https://www.java.com/en/
help link: https://www.java.com/en/
readme: D:\Program Files\Java\jre1.5.0_06\README.txt

WebFldrs XP 9.50.7523 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2568
install date: 20060409
install source: D:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: https://www.microsoft.com/en-us/windows/

Windows Live Messenger 8.0.0689.00 ({6BE6A4E5-D2C3-476F-A46C-0D5264E46798})
version: 134218417
version (major): 8
estimated size: 28941
install date: 20060613
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{6BE6A4E5-D2C3-476F-A46C-0D5264E46798}
publisher: Microsoft Corporation

Microsoft Office XP Professional avec FrontPage 10.0.4330.0 ({9028040C-6000-11D3-8CFE-0050048383C9})
version: 167776490
version (major): 10
estimated size: 193335
install date: 20060413
install location: INSTALLLOCATION
install source: H:\
uninstall cmd: MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us
readme: D:\Program Files\Microsoft Office\Office10\1036\OFREAD10.HTM

({CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c

SpeedTouch USB Software ({D41FAAA9-8048-4906-86B2-9AADEA1FA0B7})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\Setup.exe" /l040c -Control_Panel

({D43F13A1-1E39-4BD4-9682-DF889FE75421})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c

Windows Live Sign-in Assistant 4.000.246.1 ({F652D238-5F29-42D5-BAF3-0115EF977EC2})
version: 67109110
version (major): 4
estimated size: 1112
install date: 20060613
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
publisher: Microsoft Corporation

--- System Services ---
Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Pilote ACPI Microsoft
Image path: system32\DRIVERS\ACPI.sys
Image size: 188672
Image MD5: 0BD94FBFC14EA3606CD6CA4C0255BAA3
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1

Service (registry key): aeaudio
Image path: system32\drivers\aeaudio.sys
Image size: 4816
Image MD5: 11C04B17ED2ABBB4833694BCD644AC90
Start: 3
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 841F385C6CFAF66B58FBD898722BB4F0
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: AFD
Description: Environnement de prise en charge de réseau AFD
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Aha154x
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Start: 4
Type: 1
Error Control: 1

Service (registry key): AIDA32Driver
Display name: AIDA32Driver
Image path: \??\D:\Program Files\AIDA32 - Enterprise System Information\aida32.sys
Start: 3
Type: 1
Error Control: 1

Service (registry key): alcan5wn
Display name: SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
Image path: system32\DRIVERS\alcan5wn.sys
Image size: 53600
Image MD5: 0940030D5A5869067CCC03E3B0B8DEC7
Start: 3
Type: 1
Error Control: 1

Service (registry key): alcaudsl
Display name: SpeedTouch ADSL Modem ATM Transport
Image path: system32\DRIVERS\alcaudsl.sys
Image size: 70688
Image MD5: 4C9577888C53243E2991456F510488A1
Start: 3
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Avertissement
Description: Informe les utilisateurs et les ordinateurs sélectionnés des alertes administratives. Si ce service est arrêté, les programmes qui utilisent les alertes administratives ne les recevront pas. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Service de la passerelle de la couche Application
Description: Offre la prise en charge des plug-ins de protocoles tiers pour le Partage de connexion Internet et le Pare-feu Windows.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: B43CC0F07752D456038CD0268E4D84E9
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Start: 4
Type: 1
Error Control: 1

Service (registry key): AmdK7
Display name: Pilote de processeur AMD K7
Image path: system32\DRIVERS\amdk7.sys
Image size: 41600
Image MD5: C0F59933070392E662B3C2BB2BE77955
Start: 1
Type: 1
Error Control: 1

Service (registry key): amsint
Start: 4
Type: 1
Error Control: 1

Service (registry key): AppMgmt
Display name: Gestion d'applications
Description: Fournit des services d'installation de logiciels tels que Attribuer, Publier et Supprimer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 3
Type: 32
Error Control: 1

Service (registry key): asc
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3350p
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3550
Start: 4
Type: 1
Error Control: 1

Service (registry key): AsyncMac
Display name: Pilote de média asynchrone RAS
Description: Pilote de média asynchrone RAS
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: 02000ABF34AF4C218C35D257024807D6
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Display name: Contrôleur de disque dur IDE/ESDI standard
Image path: system32\DRIVERS\atapi.sys
Image size: 95360
Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Start: 4
Type: 1
Error Control: 0

Service (registry key): Atmarpc
Display name: Protocole client ATM ARP
Description: Protocole client ATM ARP
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Display name: Audio Windows
Description: Gère les périphériques audio pour les programmes basés sur Windows. Si ce service est arrêté, les périphériques et les effets audio ne fonctionneront pas correctement. Si ce service est désactivé, les services en dépendant explicitement ne démarreront pas.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Display name: Pilote audio Stub
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Start: 3
Type: 1
Error Control: 1

Service (registry key): BattC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Start: 1
Type: 1
Error Control: 1

Service (registry key): BITS
Display name: Service de transfert intelligent en arrière-plan
Description: Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Browser
Display name: Explorateur d'ordinateur
Description: Tient à jour une liste des ordinateurs présents sur le réseau et fournit cette liste aux ordinateurs désignés comme navigateurs. Si ce service est arrêté, la liste ne sera pas mise ou tenue à jour. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): BT848
Display name: Conexant's BtPCI WDM Video Capture
Image path: system32\DRIVERS\BT848.sys
Image size: 371349
Image MD5: 028A7743DFF85BDA7CE9D507FE104CDF
Start: 2
Type: 1
Error Control: 1

Service (registry key): cbidf2k
Start: 4
Type: 1
Error Control: 1

Service (registry key): CCDECODE
Display name: Décodeur sous-titre fermé
Image path: system32\DRIVERS\CCDECODE.sys
Image size: 17024
Image MD5: 6163ED60B684BAB19D3352AB22FC48B2
Start: 3
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Start: 4
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Display name: Pilote de CD-ROM
Image path: system32\DRIVERS\cdrom.sys
Image size: 49536
Image MD5: AF9C19B3100FE010496B1A27181FBF72
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Start: 1
Type: 1
Error Control: 0

Service (registry key): CiSvc
Display name: Service d'indexation
Description: Construit un index des contenus et des propriétés des fichiers sur les ordinateurs locaux et distants ; fournit un accès rapide aux fichiers par le biais d'un langage d'interrogation flexible.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: ABFAC5D58218C0A655DFCAE2D8A535F3
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Display name: Gestionnaire de l'Album
Description: Active le Gestionnaire de l'Album afin de stocker les informations et les partager avec des ordinateurs à distance. Si le service est arrêté, le Gestionnaire de l'Album ne pourra pas partager les informations avec des ordinateurs à distance. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: E42101918C50F754FC15367814FEC11C
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Service (registry key): CmdIde
Start: 4
Type: 1
Error Control: 1

Service (registry key): COMSysApp
Display name: Application système COM+
Description: Gère la configuration et le suivi des composants de base COM+ (Component Object Model) . Si le service est arrêté, la plupart des composants de base COM+ ne fonctionneront pas correctement. Si ce service est désactivé, les services qui en dépendent de manière explicite ne pourront pas démarrer.
Object name: LocalSystem
Image path: D:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: 9B2CE161927038D4CABE0482A14FD052
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Start: 4
Type: 1
Error Control: 1

Service (registry key): CryptSvc
Display name: Services de cryptographie
Description: Fournit trois services de gestion : le service de base de données de catalogue, qui confirme la signature des fichiers Windows; le service de racine protégée, qui ajoute et supprime des certificats d'autorité de certification de racine approuvés et le service Clé, qui fournit une aide dans l'inscription de cet ordinateur pour les certificats. Si ce service est arrêté, ces services de gestion ne fonctionneront pas correctement. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Start: 4
Type: 1
Error Control: 0

Service (registry key): dac960nt
Start: 4
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Display name: Lanceur de processus serveur DCOM
Description: Fournit la fonctionnalité de lancement des services DCOM.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Display name: Client DHCP
Description: Gère la configuration réseau en inscrivant et en mettant à jour les adresses IP et les noms DNS.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Display name: Pilote de disque
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 00CA44E4534865F8A3B64F7C0984BFF0
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Display name: Service d'administration du Gestionnaire de disque logique
Description: Configure les lecteurs de disque durs et les volumes. Le service ne s'exécute que pour les processus de configurations puis s'arrête.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 225280
Image MD5: 647D03A59615FEE96D647D4426F1537E
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Image path: System32\drivers\dmboot.sys
Image size: 800256
Image MD5: E2D3B7620310FE56685F9B15A6B404B3
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Display name: Pilote de Gestionnaire de disque logique
Image path: System32\drivers\dmio.sys
Image size: 154496
Image MD5: C77F5C20AA70197A69AA84BAA9DE43C8
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmload
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmserver
Display name: Gestionnaire de disque logique
Description: Détecte et analyse de nouveaux lecteurs de disque durs et envoie les informations de volume de disque au service gestionnaire administratif de disque logique pour la configuration. Si ce service est arrêté, l'état des disques dynamiques et les informations de configuration peuvent devenir obsolètes. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Display name: Synthétiseur DLS du noyau Microsoft
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: A6F881284AC1150E37D9AE47FF601267
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Display name: Client DNS
Description: Résout et met en cache les noms DNS pour cet ordinate
0
Réponse 10 / 17
fmasterp Messages postés 18 Statut Membre
 
s'il vous plait, y a t-il quelqu'un pour m'aider a interpreter ces résultats?

--- Search result list ---
Hotbar: Réglages (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E}

Hotbar: Barre d'outils IE (Valeur du registre, fixed)
HKEY_USERS\S-1-5-21-1085031214-616249376-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{74CC49F7-EB32-4A08-B204-948962A6E3DB}

Hotbar: Dossier Programme (Répertoire, fixed)
D:\Program Files\HbTools_Icons\

Comet Cursors: Interface (IFileInfo) (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F7D6F8-A844-4F29-B9C7-294721D91C10}

Avenue A, Inc.: Cookie traceur (Internet Explorer: PARRAIN) (Cookie, fixed)

DoubleClick: Cookie traceur (Internet Explorer: PARRAIN) (Cookie, fixed)

Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)

Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)

Advertising.com: Cookie traceur (Firefox: default) (Cookie, fixed)

Avenue A, Inc.: Cookie traceur (Firefox: default) (Cookie, fixed)

DoubleClick: Cookie traceur (Firefox: default) (Cookie, fixed)

HitBox: Cookie traceur (Firefox: default) (Cookie, fixed)

MediaPlex: Cookie traceur (Firefox: default) (Cookie, fixed)

ValueClick: Cookie traceur (Firefox: default) (Cookie, fixed)

--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-06-16 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-06-10 Includes\Cookies.sbi (*)
2006-06-10 Includes\Dialer.sbi (*)
2006-06-10 Includes\Hijackers.sbi (*)
2006-06-10 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-06-10 Includes\Malware.sbi (*)
2006-06-10 Includes\PUPS.sbi (*)
2006-06-10 Includes\Revision.sbi (*)
2006-06-10 Includes\Security.sbi (*)
2006-06-10 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-06-10 Includes\Trojans.sbi (*)

--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Correctif Windows XP - KB888113
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899589)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905915)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913446)

--- Startup entries list ---
Located: HK_LM:Run, Look 'n' Stop
command: "D:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
file: D:\Program Files\Soft4Ever\looknstop\looknstop.exe
size: 364612
MD5: 5610de290eb113c6471d41696ec5714b

Located: HK_LM:Run, NeroFilterCheck
command: D:\WINDOWS\system32\NeroCheck.exe
file: D:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90

Located: HK_CU:Run, CTFMON.EXE
command: D:\WINDOWS\system32\ctfmon.exe
file: D:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64e41e8fee655b03e3f19ded21ba5118

Located: HK_CU:Run, MsnMsgr
command: "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: D:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5278504
MD5: 5476667d81eabb2dc5d4d3a14fb27c0e

Located: Démarrage (utilisateur), No-IP DUC.lnk
command: D:\Program Files\No-IP\DUC20.exe
file: D:\Program Files\No-IP\DUC20.exe
size: 1172992
MD5: 74d679b8f4331e453431efb423aecece

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

--- Browser helper object list ---
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 02/03/2006 13:53:00
Date (last access): 16/06/2006 11:07:36
Date (last write): 10/11/2005 13:22:12
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 5.0.60.5

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 07/04/2006 00:02:02
Date (last access): 16/06/2006 12:03:04
Date (last write): 07/04/2006 00:02:02
Filesize: 323904
Attributes: archive
MD5: B30FAF9FD36BB993A5FB3A3AFE0E3703
CRC32: 53C1960B
Version: 4.0.246.1

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://www.google.com/intl/fr/toolbar/ie/index.html
info source: TonyKlein
Path: d:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 10/04/2006 23:46:02
Date (last access): 16/06/2006 12:03:04
Date (last write): 14/02/2006 20:06:14
Filesize: 1204224
Attributes: readonly archive
MD5: D91CB7361D7814035F543C7CCAE9DD60
CRC32: 16D568FF
Version: 3.0.131.0

--- ActiveX list ---
{5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer )
DPF name:
CLSID name: Aventail Installer
Installer: D:\WINDOWS\Downloaded Program Files\epi.inf
Codebase: https://parici.sopragroup.com/postauthI/epi.cab
Path: D:\WINDOWS\Downloaded Program Files\
Long name: epi.dll
Short name:
Date (created): 10/04/2006 13:18:38
Date (last access): 16/06/2006 12:00:38
Date (last write): 10/04/2006 13:18:38
Filesize: 218179
Attributes: archive
MD5: 94EF72B7A51217A46CDD4D05A61597FA
CRC32: CF34D507
Version: 8.6.1.184

{9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class)
DPF name:
CLSID name: PhotoPickConvert Class
Installer: D:\WINDOWS\Downloaded Program Files\PhtPkMSN.inf
Codebase: http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
Path: D:\WINDOWS\Downloaded Program Files\
Long name: PhtPkMSN.dll
Short name:
Date (created): 12/04/2005 14:58:46
Date (last access): 16/06/2006 12:00:38
Date (last write): 12/04/2005 14:58:46
Filesize: 77824
Attributes: archive
MD5: 96D1957C46D090566C8243CC6A4D00AF
CRC32: 27BD22B7
Version: 10.0.910.0

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 02/03/2006 13:52:58
Date (last access): 16/06/2006 01:25:22
Date (last write): 10/11/2005 13:22:12
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Path: D:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 02/03/2006 13:52:58
Date (last access): 16/06/2006 12:43:24
Date (last write): 10/11/2005 13:22:12
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

--- Process list ---
PID: 0 ( 0) [System]
PID: 840 ( 4) \SystemRoot\System32\smss.exe
PID: 928 ( 840) \??\D:\WINDOWS\system32\csrss.exe
PID: 952 ( 840) \??\D:\WINDOWS\system32\winlogon.exe
PID: 996 ( 952) D:\WINDOWS\system32\services.exe
size: 108544
MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
PID: 1016 ( 952) D:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 1164 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1220 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1260 ( 996) D:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1372 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1500 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1760 ( 996) D:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1920 ( 996) D:\Program Files\No-IP\DUC20.exe
size: 1172992
MD5: 74D679B8F4331E453431EFB423AECECE
PID: 1976 ( 996) D:\oracle\ora92\Apache\Apache\apache.exe
size: 4096
MD5: 5C5AFA3DC62A19E00728BDB11C0300A9
PID: 2000 ( 996) D:\oracle\ora92\BIN\TNSLSNR.exe
size: 266192
MD5: 459C752DF82CCBA89B6BD56A7D04C022
PID: 176 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 404 (1976) D:\oracle\ora92\Apache\Apache\apache.exe
size: 4096
MD5: 5C5AFA3DC62A19E00728BDB11C0300A9
PID: 416 ( 996) D:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 820 ( 676) D:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 2A7BD330924252A2FD80344FC949BB72
PID: 1360 ( 820) D:\Program Files\Soft4Ever\looknstop\looknstop.exe
size: 364612
MD5: 5610DE290EB113C6471D41696EC5714B
PID: 1380 ( 820) D:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 1404 ( 820) D:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5278504
MD5: 5476667D81EABB2DC5D4D3A14FB27C0E
PID: 1440 (1260) D:\WINDOWS\system32\wscntfy.exe
size: 13824
MD5: 8558905BA81F6EFAAF9667139BB117DD
PID: 1700 ( 996) D:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 2488 ( 820) D:\Program Files\Mozilla Firefox\firefox.exe
size: 7177325
MD5: 635D94AB57D1B7EDB36B0C4F1A980A88
PID: 1520 ( 996) D:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 3184 (1164) D:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: 385D1644E676C96EB07848ADA63E37FA
PID: 3708 (1772) D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 16/06/2006 12:43:24

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
D:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://tchatpassion.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

--- Winsock Layered Service Provider list ---
Protocol 0: EWPCA LSP Layered over MSAFD Tcpip [TCP/IP]
GUID: {3A25F0BA-7C65-4861-BD03-CA19D67C624C}
Filename: D:\WINDOWS\system32\betsp.dll

Protocol 6: EWPCA LSP
GUID: {FE350768-F80F-4227-BA7C-7FDB0D22A27B}
Filename: D:\WINDOWS\system32\betsp.dll

Namespace Provider 0: Aventail EWPCA Namespace
GUID: {6F958EE0-98D8-4AA3-99A2-0B65A809E80E}
Filename: D:\WINDOWS\system32\betsp.dll

Namespace Provider 4: Aventail EWPCA Namespace
GUID: {5B5B30AA-3DC9-487F-9159-6222E3527E96}
Filename: D:\WINDOWS\system32\betsp.dll

--- Uninstall list ---
(AddressBook)

Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
version (major): 5
install location: D:\Program Files\Adobe\Acrobat 5.0
install source: D:\Documents and Settings\PARRAIN\Local Settings\Temp\pft28A~tmp\
uninstall cmd: D:\WINDOWS\ISUN040C.EXE -f"D:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"D:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
publisher: Adobe Systems, Inc.
help link: https://acrobat.adobe.com/us/en/acrobat.html

Advanced eBook Processor (Advanced eBook Processor)
uninstall cmd: D:\PROGRA~1\AEBPR\UNWISE.EXE D:\PROGRA~1\AEBPR\INSTALL.LOG

Azureus 2.4.0.2 (Azureus)
install location: D:\Program Files\Azureus
uninstall cmd: D:\Program Files\Azureus\Uninstall.exe

(Branding)

CleanUp! (CleanUp!)
uninstall cmd: D:\Program Files\CleanUp!\uninstall.exe

(Connection Manager)

Creative PC-CAM Center Lite (Creative PC-CAM Center)
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove

Creative WebCam NX Driver (1.02.01.0827) (Creative PD1110)
uninstall cmd: D:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl

(Creative WebCam Monitor)
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove

(Creative WebCam NX)

Creative DVD Audio Plugin for Audigy Series (CTDVDAudio Plugin)
uninstall cmd: "D:\Program Files\Creative\CTDPlugin\CTUIDVD.exe " -u

(DirectAnimation)

(DirectDrawEx)

Driver Cleaner 3 3.3 (Driver Cleaner)
uninstall cmd: D:\Program Files\Driver Cleaner\Uninst.exe
publisher: Ruud Ketelaars

(DXM_Runtime)

eMule (eMule)
uninstall cmd: "D:\Program Files\eMule\Uninstall.exe"

EVEREST Ultimate Edition v2.80 2.80 (EVEREST Ultimate Edition_is1)
install location: D:\Program Files\Lavalys\EVEREST Ultimate Edition\
uninstall cmd: "D:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
publisher: Lavalys Inc
help link: http://www.lavalys.com

ewido anti-malware (ewidoantimalware)
install location: D:\Program Files\ewido anti-malware
uninstall cmd: D:\Program Files\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: https://www.avg.com/en-us/free-antivirus-download

File Transfer Plus 1.1 RELEASE (File Transfer Plus_is1)
publisher: RicarDog
contact: support@filetransferplus.com
help link: http://filetransferplus.com/
readme: D:\Program Files\MessengerPlus! 3\Plugins\FileTransferPlus\TransferPlus_Readme.txt

FileZilla Server (remove only) (FileZilla Server)
uninstall cmd: "D:\Program Files\FileZilla Server\uninstall.exe"

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: D:\Program Files\Hijackthis Version Française\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

Hijackthis Version Française (Hijackthis Version Française_is1)
install location: D:\Program Files\Hijackthis Version Française\
uninstall cmd: "D:\Program Files\Hijackthis Version Française\unins000.exe"
publisher: Pc-Help-Bordeaux
help link: http://pchelpbordeaux.free.fr

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

jv16 PowerTools 1.3 (jv16 PowerTools_is1)
uninstall cmd: "D:\Program Files\jv16 PowerTools\unins000.exe"

K!TV 2.3.0.1 (K!TV)
uninstall cmd: D:\Program Files\K!TV\UninstKTV.exe

Correctif Windows XP - KB873339 20041117.092459 (KB873339)
uninstall cmd: D:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/873339

(KB884016)

Correctif Windows XP - KB885250 20050118.202711 (KB885250)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885250

Correctif Windows XP - KB885835 20041027.181713 (KB885835)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885835/ms04-044-vulnerabilities-in-windows-kernel-and-lsass-could-allow-eleva

Correctif Windows XP - KB885836 20041028.173203 (KB885836)
uninstall cmd: D:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885836/ms04-041-a-vulnerability-in-wordpad-could-allow-code-execution

Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: D:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/886185

Correctif Windows XP - KB887472 20041014.162858 (KB887472)
uninstall cmd: D:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/887472

Correctif Windows XP - KB887742 20041103.095002 (KB887742)
uninstall cmd: D:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/887742

Correctif Windows XP - KB888113 20041116.131036 (KB888113)
uninstall cmd: D:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/888113

Correctif Windows XP - KB888302 20041207.111426 (KB888302)
uninstall cmd: D:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/888302

Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/890046

Correctif Windows XP - KB890859 1 (KB890859)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/890859

Correctif Windows XP - KB891781 20050110.165439 (KB891781)
uninstall cmd: D:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/891781

Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/893756

(KB893803)

Mise à jour pour Windows XP (KB894391) 1 (KB894391)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/894391/

Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896358/ms05-026-a-vulnerability-in-html-help-could-allow-remote-code-executio

Mise à jour de sécurité pour Windows XP (KB896422) 1 (KB896422)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896422/ms05-027-vulnerability-in-server-message-block-could-allow-remote-code

Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

Mise à jour de sécurité pour Windows XP (KB896424) 1 (KB896424)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896424

Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896428

Mise à jour pour Windows XP (KB898461) 1 (KB898461)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/898461/

Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899587

Mise à jour de sécurité pour Windows XP (KB899589) 1 (KB899589)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899589

Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899591

Mise à jour de sécurité pour Windows XP (KB900725) 1 (KB900725)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/900725

Mise à jour de sécurité pour Windows XP (KB901017) 1 (KB901017)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/901017

Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/901214

Mise à jour de sécurité pour Windows XP (KB902400) 1 (KB902400)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/902400/ms05-051-vulnerabilities-in-ms-dtc-and-com-could-allow-remote-code-exe

Mise à jour de sécurité pour Windows XP (KB904706) 2 (KB904706)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/904706

Mise à jour de sécurité pour Windows XP (KB905414) 1 (KB905414)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905414

Mise à jour de sécurité pour Windows XP (KB905749) 1 (KB905749)
install date: 20060411
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905749

Mise à jour de sécurité pour Windows XP (KB905915) 1 (KB905915)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905915

Mise à jour de sécurité pour Windows XP (KB908519) 1 (KB908519)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/908519

Mise à jour pour Windows XP (KB910437) 1 (KB910437)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/910437

Mise à jour de sécurité pour Lecteur Windows Media (KB911564) (KB911564)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911564

Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) (KB911565)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911565

Mise à jour de sécurité pour Windows XP (KB911927) 1 (KB911927)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911927

Mise à jour de sécurité pour Windows XP (KB912919) 1 (KB912919)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/912919

Mise à jour de sécurité pour Windows XP (KB913446) 1 (KB913446)
install date: 20060410
uninstall cmd: "D:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/913446

K-Lite Codec Pack 2.71 Full 2.71 (KLiteCodecPack_is1)
install location: D:\Program Files\K-Lite Codec Pack\
uninstall cmd: "D:\Program Files\K-Lite Codec Pack\unins000.exe"

Look 'n' Stop 2.05 (Look 'n' Stop 2.05)
uninstall cmd: D:\Program Files\Soft4Ever\looknstop\looknstop -uninst

(MobileOptionPack)

Mozilla Firefox (1.5.0.4) 1.5.0.4 (fr) (Mozilla Firefox (1.5.0.4))
install location: D:\Program Files\Mozilla Firefox
uninstall cmd: D:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.4 (fr)"
publisher: Mozilla

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

MSN Pictures Displayer 3.1 (MSN Pictures Displayer)
uninstall cmd: "D:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe" /U
publisher: Sébastien BEGOUIN
help link: https://www.latestgadget.co/

Nero 6 Ultra Edition (Nero - Burning Rom!UninstallKey)
uninstall cmd: D:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

(NetMeeting)

No-IP.com DUC (remove only) v2.2.1 (No-IP.com DUC)
uninstall cmd: "D:\Program Files\No-IP\DUC20.exe" -uninstall
publisher: Vitalwerks & No-IP.com
help link: http://www.noip.com/support/

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf

Private Eye (Private Eye)
uninstall cmd: D:\Program Files\Private Eye\uninstall.exe

VNC Free Edition 4.1.1 4.1.1 (RealVNC_is1)
install location: D:\Program Files\RealVNC\VNC4\
uninstall cmd: "D:\Program Files\RealVNC\VNC4\unins000.exe"
publisher: RealVNC Ltd.
help link: https://www.realvnc.com/en/connect/benefits/

(SchedulingAgent)

SciTE 1.57 (SciTE Source Code Editor_is1)
uninstall cmd: "D:\Program Files\SciTE Source Code Editor\unins000.exe"
publisher: Scintilla
help link: https://www.scintilla.org/SciTE.html

Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection D:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
publisher: Macromedia
help link: https://helpx.adobe.com/flash-player.html

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: D:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "D:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

2.2.397 (StuffPlug-NG)
version (major): 2
version (minor): 2
publisher: TheBlasphemer

THE Rename 2.1.6 2.1.6 (THE Rename_is1)
uninstall cmd: "D:\Program Files\THE Rename\unins000.exe"
publisher: Hervé Thouzard
help link: https://www.herve-thouzard.com/therename.phtml

Trillian (Trillian)
uninstall cmd: D:\Program Files\Trillian\trillian.exe /uninstall

VIA Register Tool (VIA Register Tool)
uninstall cmd: D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Your Company Name\VIA Register Tool\Uninst.isu"

VideoLAN VLC media player 0.8.4a 0.8.4a (VLC media player)
uninstall cmd: D:\Program Files\VideoLAN\VLC\uninstall.exe
publisher: VideoLAN Team

Windows Live Safety scanner (Windows Live Safety scanner)
uninstall cmd: RunDll32.exe "D:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT

WinHTTrack Website Copier 3.30 (WinHTTrack Website Copier_is1)
uninstall cmd: "D:\Program Files\WinHTTrack\unins000.exe"
publisher: HTTrack
help link: http://forum.httrack.com

WinISO 5.3 (WinISO_is1)
uninstall cmd: "D:\Program Files\WinISO\unins000.exe"
publisher: WinISO Computing Inc.
help link: http://www.winiso.com

Archiveur WinRAR (WinRAR archiver)
uninstall cmd: D:\Program Files\WinRAR\uninstall.exe

WMPlus 2 (remove only) (WMPlus2)
publisher: X²Software
help link: http://www.x2software.net/wmplus/

TextoWeb_F6 (XBTB05715.XBTB05715Toolbar)
uninstall cmd: regsvr32 /u /s "D:\Program Files\TextoWeb_F6\sfr_toolbar_f6.dll"

Yahoo! Messenger 5.5 (Yahoo! Messenger)
uninstall cmd: D:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE D:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
publisher: Yahoo! Inc.
help link: https://fr.yahoo.com/?p=us

Platform 1.12 ({20D4A895-748C-4D88-871C-FDB1695B0169})
version: 17563648
version (major): 1
version (minor): 12
estimated size: 2648
install date: 20060612
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\Rar$EX00.813\A1u660b\
publisher: VIA Technologies, Inc.
comments: VIA Hyperion Pro Setup Program
contact: http://forums.viaarena.com/
help link: http://www.viaarena.com/
help telephone: NULL
readme: NULL

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "d:\program files\google\googletoolbar2.dll"

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122273
install date: 20060410
install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_06plus-b05/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: https://www.java.com/en/
help link: https://www.java.com/en/
readme: D:\Program Files\Java\jre1.5.0_06\README.txt

WebFldrs XP 9.50.7523 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2568
install date: 20060409
install source: D:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: https://www.microsoft.com/en-us/windows/

Windows Live Messenger 8.0.0689.00 ({6BE6A4E5-D2C3-476F-A46C-0D5264E46798})
version: 134218417
version (major): 8
estimated size: 28941
install date: 20060613
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{6BE6A4E5-D2C3-476F-A46C-0D5264E46798}
publisher: Microsoft Corporation

Microsoft Office XP Professional avec FrontPage 10.0.4330.0 ({9028040C-6000-11D3-8CFE-0050048383C9})
version: 167776490
version (major): 10
estimated size: 193335
install date: 20060413
install location: INSTALLLOCATION
install source: H:\
uninstall cmd: MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us
readme: D:\Program Files\Microsoft Office\Office10\1036\OFREAD10.HTM

({CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c

SpeedTouch USB Software ({D41FAAA9-8048-4906-86B2-9AADEA1FA0B7})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\Setup.exe" /l040c -Control_Panel

({D43F13A1-1E39-4BD4-9682-DF889FE75421})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c

Windows Live Sign-in Assistant 4.000.246.1 ({F652D238-5F29-42D5-BAF3-0115EF977EC2})
version: 67109110
version (major): 4
estimated size: 1112
install date: 20060613
install source: D:\DOCUME~1\PARRAIN\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
publisher: Microsoft Corporation

--- System Services ---
Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Pilote ACPI Microsoft
Image path: system32\DRIVERS\ACPI.sys
Image size: 188672
Image MD5: 0BD94FBFC14EA3606CD6CA4C0255BAA3
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1

Service (registry key): aeaudio
Image path: system32\drivers\aeaudio.sys
Image size: 4816
Image MD5: 11C04B17ED2ABBB4833694BCD644AC90
Start: 3
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 841F385C6CFAF66B58FBD898722BB4F0
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: AFD
Description: Environnement de prise en charge de réseau AFD
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Aha154x
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Start: 4
Type: 1
Error Control: 1

Service (registry key): AIDA32Driver
Display name: AIDA32Driver
Image path: \??\D:\Program Files\AIDA32 - Enterprise System Information\aida32.sys
Start: 3
Type: 1
Error Control: 1

Service (registry key): alcan5wn
Display name: SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
Image path: system32\DRIVERS\alcan5wn.sys
Image size: 53600
Image MD5: 0940030D5A5869067CCC03E3B0B8DEC7
Start: 3
Type: 1
Error Control: 1

Service (registry key): alcaudsl
Display name: SpeedTouch ADSL Modem ATM Transport
Image path: system32\DRIVERS\alcaudsl.sys
Image size: 70688
Image MD5: 4C9577888C53243E2991456F510488A1
Start: 3
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Avertissement
Description: Informe les utilisateurs et les ordinateurs sélectionnés des alertes administratives. Si ce service est arrêté, les programmes qui utilisent les alertes administratives ne les recevront pas. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Service de la passerelle de la couche Application
Description: Offre la prise en charge des plug-ins de protocoles tiers pour le Partage de connexion Internet et le Pare-feu Windows.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: B43CC0F07752D456038CD0268E4D84E9
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Start: 4
Type: 1
Error Control: 1

Service (registry key): AmdK7
Display name: Pilote de processeur AMD K7
Image path: system32\DRIVERS\amdk7.sys
Image size: 41600
Image MD5: C0F59933070392E662B3C2BB2BE77955
Start: 1
Type: 1
Error Control: 1

Service (registry key): amsint
Start: 4
Type: 1
Error Control: 1

Service (registry key): AppMgmt
Display name: Gestion d'applications
Description: Fournit des services d'installation de logiciels tels que Attribuer, Publier et Supprimer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 3
Type: 32
Error Control: 1

Service (registry key): asc
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3350p
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3550
Start: 4
Type: 1
Error Control: 1

Service (registry key): AsyncMac
Display name: Pilote de média asynchrone RAS
Description: Pilote de média asynchrone RAS
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: 02000ABF34AF4C218C35D257024807D6
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Display name: Contrôleur de disque dur IDE/ESDI standard
Image path: system32\DRIVERS\atapi.sys
Image size: 95360
Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Start: 4
Type: 1
Error Control: 0

Service (registry key): Atmarpc
Display name: Protocole client ATM ARP
Description: Protocole client ATM ARP
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Display name: Audio Windows
Description: Gère les périphériques audio pour les programmes basés sur Windows. Si ce service est arrêté, les périphériques et les effets audio ne fonctionneront pas correctement. Si ce service est désactivé, les services en dépendant explicitement ne démarreront pas.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Display name: Pilote audio Stub
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Start: 3
Type: 1
Error Control: 1

Service (registry key): BattC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Start: 1
Type: 1
Error Control: 1

Service (registry key): BITS
Display name: Service de transfert intelligent en arrière-plan
Description: Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Browser
Display name: Explorateur d'ordinateur
Description: Tient à jour une liste des ordinateurs présents sur le réseau et fournit cette liste aux ordinateurs désignés comme navigateurs. Si ce service est arrêté, la liste ne sera pas mise ou tenue à jour. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): BT848
Display name: Conexant's BtPCI WDM Video Capture
Image path: system32\DRIVERS\BT848.sys
Image size: 371349
Image MD5: 028A7743DFF85BDA7CE9D507FE104CDF
Start: 2
Type: 1
Error Control: 1

Service (registry key): cbidf2k
Start: 4
Type: 1
Error Control: 1

Service (registry key): CCDECODE
Display name: Décodeur sous-titre fermé
Image path: system32\DRIVERS\CCDECODE.sys
Image size: 17024
Image MD5: 6163ED60B684BAB19D3352AB22FC48B2
Start: 3
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Start: 4
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Display name: Pilote de CD-ROM
Image path: system32\DRIVERS\cdrom.sys
Image size: 49536
Image MD5: AF9C19B3100FE010496B1A27181FBF72
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Start: 1
Type: 1
Error Control: 0

Service (registry key): CiSvc
Display name: Service d'indexation
Description: Construit un index des contenus et des propriétés des fichiers sur les ordinateurs locaux et distants ; fournit un accès rapide aux fichiers par le biais d'un langage d'interrogation flexible.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: ABFAC5D58218C0A655DFCAE2D8A535F3
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Display name: Gestionnaire de l'Album
Description: Active le Gestionnaire de l'Album afin de stocker les informations et les partager avec des ordinateurs à distance. Si le service est arrêté, le Gestionnaire de l'Album ne pourra pas partager les informations avec des ordinateurs à distance. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: E42101918C50F754FC15367814FEC11C
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Service (registry key): CmdIde
Start: 4
Type: 1
Error Control: 1

Service (registry key): COMSysApp
Display name: Application système COM+
Description: Gère la configuration et le suivi des composants de base COM+ (Component Object Model) . Si le service est arrêté, la plupart des composants de base COM+ ne fonctionneront pas correctement. Si ce service est désactivé, les services qui en dépendent de manière explicite ne pourront pas démarrer.
Object name: LocalSystem
Image path: D:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: 9B2CE161927038D4CABE0482A14FD052
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Start: 4
Type: 1
Error Control: 1

Service (registry key): CryptSvc
Display name: Services de cryptographie
Description: Fournit trois services de gestion : le service de base de données de catalogue, qui confirme la signature des fichiers Windows; le service de racine protégée, qui ajoute et supprime des certificats d'autorité de certification de racine approuvés et le service Clé, qui fournit une aide dans l'inscription de cet ordinateur pour les certificats. Si ce service est arrêté, ces services de gestion ne fonctionneront pas correctement. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Start: 4
Type: 1
Error Control: 0

Service (registry key): dac960nt
Start: 4
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Display name: Lanceur de processus serveur DCOM
Description: Fournit la fonctionnalité de lancement des services DCOM.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Display name: Client DHCP
Description: Gère la configuration réseau en inscrivant et en mettant à jour les adresses IP et les noms DNS.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Display name: Pilote de disque
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 00CA44E4534865F8A3B64F7C0984BFF0
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Display name: Service d'administration du Gestionnaire de disque logique
Description: Configure les lecteurs de disque durs et les volumes. Le service ne s'exécute que pour les processus de configurations puis s'arrête.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 225280
Image MD5: 647D03A59615FEE96D647D4426F1537E
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Image path: System32\drivers\dmboot.sys
Image size: 800256
Image MD5: E2D3B7620310FE56685F9B15A6B404B3
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Display name: Pilote de Gestionnaire de disque logique
Image path: System32\drivers\dmio.sys
Image size: 154496
Image MD5: C77F5C20AA70197A69AA84BAA9DE43C8
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmload
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Start: 0
Type: 1
Error Control: 1

Service (registry key): dmserver
Display name: Gestionnaire de disque logique
Description: Détecte et analyse de nouveaux lecteurs de disque durs et envoie les informations de volume de disque au service gestionnaire administratif de disque logique pour la configuration. Si ce service est arrêté, l'état des disques dynamiques et les informations de configuration peuvent devenir obsolètes. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Display name: Synthétiseur DLS du noyau Microsoft
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: A6F881284AC1150E37D9AE47FF601267
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Displa
0
Réponse 11 / 17
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Où en sont tes soucis ??

A++

0
fmasterp Messages postés 18 Statut Membre
 
Merci de venir aux nouvelles.
J'ai eu de nouvaux problemes que j'ai du jeter l'éponge.
Vous m'avez demandez de poster les rapport hijackthis, spybot, ewido, bitdefender online ce que j'ai fais. Mais je n'ai pas eu de réponde des administrateurs sur l'interpretation de ces rapports ou la conduite a tenir surement dû au fait que c'est la période des examens et qu'il y a pas assez de personnel.

J'ai eu entretemps une erreur nv4_disp du a l'installation d'une version obsolete du pilote nvidia. Alors je me suis dis que peut etre mon probleme venais de la au départ.
J'ai desinstallé completement ce pilote eu la version originale que j'ai retrouvé sur son CD n'arrange pas les choses.

Peut etre que ces nouveaux éléments pouront vous aider a m'aider.

Merci encore
0
Réponse 12 / 17
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Slt,

Je t'avais demandé de faire le nettoyage avec spybot.......pas le rapport de spybot........

spybot version 1.4

(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite


As-tu lu la démo ???

voir demo d utilisation
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

Et de coller un Hitjack ensuite...

A++++
0
Réponse 13 / 17
fmasterp Messages postés 18 Statut Membre
 
Bonjour Marie
Comme demandé, voici le rapport Hitjack

Logfile of HijackThis v1.99.1
Scan saved at 11:49:32, on 17/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\No-IP\DUC20.exe
D:\oracle\ora92\bin\omtsreco.exe
D:\oracle\ora92\bin\agntsrvc.exe
D:\WINDOWS\system32\cmd.exe
D:\oracle\ora92\Apache\Apache\apache.exe
D:\oracle\ora92\bin\pagntsrv.exe
D:\oracle\ora92\bin\dbsnmp.exe
D:\oracle\ora92\BIN\ENCSVC.EXE
D:\WINDOWS\system32\cmd.exe
D:\oracle\ora92\BIN\AGNTSVC.EXE
D:\Program Files\Oracle\jre\1.1.8\bin\jre.exe
d:\oracle\ora92\bin\ORACLE.EXE
D:\oracle\ora92\Apache\Apache\apache.exe
d:\oracle\ora92\bin\ORACLE.EXE
D:\WINDOWS\system32\svchost.exe
d:\oracle\ora92\bin\isqlplus
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\WINDOWS\system32\wscntfy.exe
D:\oracle\ora92\jdk\bin\java.exe
D:\oracle\ora92\jdk\bin\java.exe
D:\WINDOWS\system32\mmc.exe
D:\oracle\ora92\BIN\TNSLSNR.exe
D:\Program Files\Oracle\jre\1.1.8\bin\jrew.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\No-IP\DUC20.exe
D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://tchatpassion.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Look 'n' Stop] "D:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: No-IP DUC.lnk.disabled
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Choisir comme avatar pour Messenger - D:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer ) - https://parici.sopragroup.com/postauthI/epi.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FBB95C0-ECC3-4589-BF00-61C0AB6398A2}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - D:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - D:\Program Files\No-IP\DUC20.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92Agent - Oracle Corporation - D:\oracle\ora92\bin\agntsrvc.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - D:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: OracleOraHome92HTTPServer - Unknown owner - D:\oracle\ora92\Apache\Apache\apache.exe" --ntservice (file missing)
O23 - Service: OracleOraHome92PagingServer - Unknown owner - D:\oracle\ora92/bin/pagntsrv.exe
O23 - Service: OracleOraHome92SNMPPeerEncapsulator - Unknown owner - D:\oracle\ora92\BIN\ENCSVC.EXE
O23 - Service: OracleOraHome92SNMPPeerMasterAgent - Unknown owner - D:\oracle\ora92\BIN\AGNTSVC.EXE
O23 - Service: OracleOraHome92TNSListener - Unknown owner - D:\oracle\ora92\BIN\TNSLSNR.exe
O23 - Service: OracleServiceBDD - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: OracleServiceBFBD - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - D:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
0
Réponse 14 / 17
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Re,

Je souhaiterai que tu fasses SPYBOT en regardant comme il faut la démo......

spybot version 1.4

(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
voir demo d utilisation
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
pas de rapport.

Ensuite tu refais un Hitjackthis pour supprimer d'autres lignes

A++
0
Réponse 15 / 17
fmasterp Messages postés 18 Statut Membre
 
Bonjour Marie
Comme demandé, voici le rapport Hitjack

Logfile of HijackThis v1.99.1
Scan saved at 11:49:32, on 17/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\No-IP\DUC20.exe
D:\oracle\ora92\bin\omtsreco.exe
D:\oracle\ora92\bin\agntsrvc.exe
D:\WINDOWS\system32\cmd.exe
D:\oracle\ora92\Apache\Apache\apache.exe
D:\oracle\ora92\bin\pagntsrv.exe
D:\oracle\ora92\bin\dbsnmp.exe
D:\oracle\ora92\BIN\ENCSVC.EXE
D:\WINDOWS\system32\cmd.exe
D:\oracle\ora92\BIN\AGNTSVC.EXE
D:\Program Files\Oracle\jre\1.1.8\bin\jre.exe
d:\oracle\ora92\bin\ORACLE.EXE
D:\oracle\ora92\Apache\Apache\apache.exe
d:\oracle\ora92\bin\ORACLE.EXE
D:\WINDOWS\system32\svchost.exe
d:\oracle\ora92\bin\isqlplus
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\WINDOWS\system32\wscntfy.exe
D:\oracle\ora92\jdk\bin\java.exe
D:\oracle\ora92\jdk\bin\java.exe
D:\WINDOWS\system32\mmc.exe
D:\oracle\ora92\BIN\TNSLSNR.exe
D:\Program Files\Oracle\jre\1.1.8\bin\jrew.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\No-IP\DUC20.exe
D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://tchatpassion.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar:
0
Réponse 16 / 17
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Ton log est incomplet remets en un à nouveau.
A+
0
fmasterp Messages postés 18 Statut Membre
 
Voici un nouveau log
Logfile of HijackThis v1.99.1
Scan saved at 00:31:15, on 19/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\No-IP\DUC20.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\oracle\ora92\bin\omtsreco.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Soft4Ever\looknstop\looknstop.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://tchatpassion.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Look 'n' Stop] "D:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: No-IP DUC.lnk.disabled
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://d:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Choisir comme avatar pour Messenger - D:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\betsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer ) - https://parici.sopragroup.com/postauthI/epi.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FBB95C0-ECC3-4589-BF00-61C0AB6398A2}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - D:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - D:\Program Files\No-IP\DUC20.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92Agent - Oracle Corporation - D:\oracle\ora92\bin\agntsrvc.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - D:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: OracleOraHome92HTTPServer - Unknown owner - D:\oracle\ora92\Apache\Apache\apache.exe" --ntservice (file missing)
O23 - Service: OracleOraHome92PagingServer - Unknown owner - D:\oracle\ora92/bin/pagntsrv.exe
O23 - Service: OracleOraHome92SNMPPeerEncapsulator - Unknown owner - D:\oracle\ora92\BIN\ENCSVC.EXE
O23 - Service: OracleOraHome92SNMPPeerMasterAgent - Unknown owner - D:\oracle\ora92\BIN\AGNTSVC.EXE
O23 - Service: OracleOraHome92TNSListener - Unknown owner - D:\oracle\ora92\BIN\TNSLSNR.exe
O23 - Service: OracleServiceBFBD - Oracle Corporation - d:\oracle\ora92\bin\ORACLE.EXE
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - D:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
----

Merci de la peine que vous vous donnez pour nous aidez
0
fmasterp Messages postés 18 Statut Membre
 
Voici un nouveau log
Logfile of HijackThis v1.99.1
Scan saved at 00:31:15, on 19/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\No-IP\DUC20.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\oracle\ora92\bin\omtsreco.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Soft4Ever\looknstop\looknstop.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Spybot - Search
0
Réponse 17 / 17
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Salut,

Smitfraudfix

1°/ - Télécharge le logiciel SmitfraudFix ((crée par S!Ri J)
http://siri.urz.free.fr/Fix/SmitfraudFix.zip et décompresse le.

- Ouvre le dossier "SmitfraudFix" qui sera apparu, double clic sur "Smitfraudfix.cmd", choisis l’option 1, un log va être généré…

Tutorial imagée à lire :
http://siri.urz.free.fr/Fix/SmitfraudFix.php

Copie-COLLE ce dernier dans un message sur le forum.

ENSUITE

2°/ - Démarre en mode sans échec :

Pour cela, tu tapotes la touche F8 dès le début de l’allumage du PC sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape ‘Entrée’ sur ton clavier.

Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres, c’est normal !
(Si F8 ne marche pas utilise la touche F5).

3°/ - Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond OUI à tout ;
Sauvegarde le rapport, redémarre en mode normal,
Copie-COLLE le rapport sauvegardé sur le forum.

A++
0
fmasterp Messages postés 18 Statut Membre
 
Bonjour
Voici le rapport 1 de l'analyse SmitfraudFix

SmitFraudFix v2.62

Rapport fait à 9:44:09,18, 19/06/2006
Executé à partir de D:\Documents and Settings\PARRAIN\Bureau\SmitfraudFix(2)\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» D:\


»»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\PARRAIN\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» D:\DOCUME~1\PARRAIN\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» D:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin


je vais relancer le mode sans echec et vous renvoyer le rapport 2.
Marci
0
fmasterp Messages postés 18 Statut Membre
 
Bonjour
Voici le rapport 2 de l'analyse SmitfraudFix fait en mode sans echec

SmitFraudFix v2.62

Rapport fait à 9:56:28,62, 19/06/2006
Executé à partir de D:\Documents and Settings\PARRAIN\Bureau\SmitfraudFix(2)\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin



Marci
0

Discussions similaires

processus inactif du systeme
edsurf64 -
mick8 -

29 réponses
symboles et écritures pour nick msn
Pando -
roro -

20 réponses
Restauration système impossible activer protection du systeme C:
Kate1993 -
Bigfoot -

7 réponses