Help with Spybot report

Solved
Hedgedog Posts 82 Status Member -
Hello,
I ran a scan because my PC has been a bit slow lately, and I'm not really sure whether I should remove everything...
I got this:

--- Search result list ---
Hint of the Day: Click the bar at the right of this to see more information! ()

AllInOneTelcom.HotA: [SBI $33458B06] Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-2226494877-3711492840-1806808190-500\Software\gsoft

AllInOneTelcom.HotA: [SBI $A0B82035] Code storage database (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}

AllInOneTelcom.HotA: [SBI $DD0008E1] Class ID (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}

AllInOneTelcom.HotA: [SBI $8375B0A2] Interface (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\Interface\{DA9A0B1D-9B7B-11D3-B8A4-00C04F79641C}

PartySluts: [SBI $706393CD] Interface (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\Interface\{DA9A0B1F-9B7B-11D3-B8A4-00C04F79641C}

Sysweb Telecom: [SBI $C8CA5408] Module usage (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SysWebTelecomInt.dll

Sysweb Telecom: [SBI $F4199B47] DLL partagée (1 applications) (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\Downloaded Program Files\SysWebTelecomInt.dll

MyWay.MyBar: [SBI $F95E9009] Class ID (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{0494D0DE-F8E0-41ad-92A3-14154ECE70AC}

AllInOneTelcom.HotA: Class ID (NSUpdateLiteCtrl Class) (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C}

FastClick: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

AdRevolver: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

DoubleClick: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

HitBox: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

HitBox: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

Right Media: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

AdRevolver: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

BlueStreak: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

Tradedoubler: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

MediaPlex: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

MediaPlex: Cookie traceur (Internet Explorer: Administrateur) (Cookie, nothing done)

--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-07-07 TeaTimer.exe (1.6.0.20)
2008-08-18 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-07-07 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-07-07 SDHelper.dll (1.6.0.12)
2008-06-19 sqlite3.dll
2008-07-07 Tools.dll (2.1.5.7)
2008-08-05 Includes\Adware.sbi (*)
2008-08-12 Includes\AdwareC.sbi (*)
2008-06-03 Includes\Cookies.sbi (*)
2008-06-03 Includes\Dialer.sbi (*)
2008-08-05 Includes\DialerC.sbi (*)
2008-07-23 Includes\HeavyDuty.sbi (*)
2008-07-30 Includes\Hijackers.sbi (*)
2008-08-12 Includes\HijackersC.sbi (*)
2008-08-05 Includes\Keyloggers.sbi (*)
2008-08-12 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-08-05 Includes\Malware.sbi (*)
2008-08-12 Includes\MalwareC.sbi (*)
2008-08-05 Includes\PUPS.sbi (*)
2008-08-12 Includes\PUPSC.sbi (*)
2007-11-07 Includes\Revision.sbi (*)
2008-06-18 Includes\Security.sbi (*)
2008-08-12 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2008-08-12 Includes\Spyware.sbi (*)
2008-08-12 Includes\SpywareC.sbi (*)
2008-06-03 Includes\Tracks.uti
2008-08-05 Includes\Trojans.sbi (*)
2008-08-12 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB930494)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Service Pack 3
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security update for Microsoft Data Access Components
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX / DX9 / SP1: Correctif pour DirectX 9 - KB839643
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Player: Correctif pour le Lecteur Windows Media [Voir KB837272 pour plus d'informations]
/ Windows Media Player / SP0: Correctif pour le Lecteur Windows Media [Voir wm828026 pour plus d'informations]
/ Windows Media Player: Windows Media Update 819639
/ Windows Media Player: Windows Media Update 819756
/ Windows Media Player: Windows Media Update 823738
/ Windows Media Player: Windows Media Update 828026
/ Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
/ Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
/ Internet Explorer 7 (KB950759)
/ WindowsWindows XP - KB873339
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB883939)
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB885884
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ Windows XP / SP3: Correctif Windows XP - KB888113
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890047
/ Windows XP / SP3: Correctif Windows XP - KB890175
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB890923
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893066)
/ Windows XP / SP3: Correctif Windows XP - KB893086
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896688)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB896727)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899588)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899589)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB903235)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB904942)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)

.... etc ...

/ Windows XP / SP4: Mise à jour de sécurité pour Windows XP (KB953839)

--- Startup entries list ---
Located: HK_LM:Run, CamMonitor
command: c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
file: c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
size: 90112
MD5: C0DE87745C950F2966394837C3683AE5

Located: HK_LM:Run, CTDVDDet
command: C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
file: C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
size: 45056
MD5: 49530EA45EBD73E2C11C74DFEBC30D57

Located: HK_LM:Run, CTHelper
command: CTHELPER.EXE
file: C:\WINDOWS\SYSTEM32\CTHELPER.EXE
size: 28672
MD5: 04016641AA9EB73F601782B2D97E1243

Located: HK_LM:Run, CTSysVol
command: C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
file: C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
size: 49152
MD5: C88806E6C9AE0AD88D20E1BDA995355A

Located: HK_LM:Run, ehTray
command: C:\WINDOWS\ehome\ehtray.exe
file: C:\WINDOWS\ehome\ehtray.exe
size: 50176
MD5: CB60DA9A802452C984B9BC8D5EE5804A

Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\System32\hkcmd.exe
file: C:\WINDOWS\System32\hkcmd.exe
size: 114688
MD5: 3A9978C5CAEC77771FF28EB7A3889639

Located: HK_LM:Run, HP Software Update
command: C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 926A397334FE426A6C7657096FE681DB

Located: HK_LM:Run, HPHmon05
command: C:\WINDOWS\System32\hphmon05.exe
file: C:\WINDOWS\System32\hphmon05.exe
size: 483328
MD5: C39FCB57279D2C4D3235D31E43BE4196

Located: HK_LM:Run, HPHUPD05
command: c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
file: c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
size: 49152
MD5: C3B064AA819C684CFEC909F16779F836

Located: HK_LM:Run, hpsysdrv
command: c:\windows\system\hpsysdrv.exe
file: c:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06A1ECB63DF139EC639E084D4AB3C9D7

Located: HK_LM:Run, KBD
command: C:\HP\KBD\KBD.EXE
file: C:\HP\KBD\KBD.EXE
size: 61440
MD5: 4A95F15B706B8FD9EC8715B6401EAB7B

Located: HK_LM:Run, MessengerPlus3
command: "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
file: C:\Program Files\MessengerPlus! 3\MsgPlus.exe
size: 190024
MD5: B787D9A60FEE9C3732C2E2D4571BB716

Located: HK_LM:Run, Microsoft Works Update Detection
command: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
file: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 28672
MD5: 7EBFAE0A6D73D2D9C9A970A80935FD8F

Located: HK_LM:Run, NBKeyScan
command: "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
file: C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, nod32kui
command: "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
file: C:\Program Files\Eset\nod32kui.exe
size: 917504
MD5: 3F0785BCC78224A50F31FBE794B6337D

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
file: C:\WINDOWS\System32\NvCpl.dll
size: 4734976
MD5: BAF723D65AFD70248AA55C002E943153

Located: HK_LM:Run, nwiz
command: nwiz.exe /installquiet /keeploaded /nodetect
file: C:\WINDOWS\SYSTEM32\nwiz.exe
size: 323584
MD5: 2F0E9779CB5E609EF7272E990A84B040

Located: HK_LM:Run, PS2
command: C:\WINDOWS\system32\ps2.exe
file: C:\WINDOWS\system32\ps2.exe
size: 81920
MD5: C4C523E78774E05D06EFE3E10017CF6D

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 77824
MD5: 5D22B4258489575412F6D18AFFC847A2

Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 212992
MD5: D3CC7A3813123E955B3A497C04B404E2

Located: HK_LM:Run, StorageGuard
command: "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
file: C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
size: 155648
MD5: 4D04EFDCB8548FDB3B29AB9154480B7B

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
size: 144784
MD5: 836DC47E6CAD975304D1D3EB2F516A1C

Located: HK_LM:Run, Sunkist2k
command: C:\Program Files\Multimedia Card Reader\shwicon2k.exe
file: C:\Program Files\Multimedia Card Reader\shwicon2k.exe
size: 139264
MD5: 08FCE2E6B1EDADAB4ABB536426BFC58F

Located: HK_LM:Run, UpdReg
command: C:\WINDOWS\UpdReg.EXE
file: C:\WINDOWS\UpdReg.EXE
size: 90112
MD5: C419DF63E0121D72411285780C2FC6CC

Located: HK_LM:Run, WinampAgent
command: C:\Program Files\Winamp\winampa.exe
file: C:\Program Files\Winamp\winampa.exe
size: 35328
MD5: EA7B08147C0CB85EEB4E48DC3444208E

Located: HK_LM:Run, WOOTASKBARICON
command: C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
file: C:\PROGRA~1\Wanadoo\GestMaj.exe
size: 32768
MD5: 8D6F2C724CFC608872EDE3CC4A7B49B9

Located: HK_LM:Run, WOOWATCH
command: C:\PROGRA~1\Wanadoo\Watch.exe
file: C:\PROGRA~1\Wanadoo\Watch.exe
size: 20480
MD5: 9A29592CD135F6262C429152F7A8DD4A

Located: HK_CU:RunOnce, CMSRegOW.exe
where: .DEFAULT...
command: "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" /r
file: C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe
size: 57344
MD5: 736A6D5C68424871A2CC98D328034FC3

Located: HK_CU:RunOnce, SetDefaultMidi
where: .DEFAULT...
command: MIDIDEF.EXE
file: C:\WINDOWS\MIDIDEF.EXE
size: 49152
MD5: 21D25ED782720280391B5BBC2FBAFC8A

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\System32\CTFMON.EXE
file: C:\WINDOWS\System32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\System32\CTFMON.EXE
file: C:\WINDOWS\System32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118

Located: HK_CU:Run, BackupNotify
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
file: c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
file: C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, BitTorrent DNA
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: "C:\Program Files\DNA\btdna.exe"
file: C:\Program Files\DNA\btdna.exe
size: 342336
MD5: 4766ADE5D06D78CD2D88D695B6CCCBDB

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118

Located: HK_CU:Run, IncrediMail
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
file: C:\PROGRA~1\INCRED~1\bin\IncMail.exe
size: 176171
MD5: E9BED146DC8F7B6066934B12167AE977

Located: HK_CU:Run, MyKey
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: C:\Documents and Settings\Administrateur\Application Data\MyKey\MyKey.exe
file: C:\Documents and Settings\Administrateur\Application Data\MyKey\MyKey.exe
size: 2080768
MD5: 3CE2A5A44E4891840AF198E647346FFE

Located: HK_CU:Run, NVIEW
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: rundll32.exe nview.dll,nViewLoadHook
file: C:\WINDOWS\SYSTEM32\nview.dll
size: 852038
MD5: 13D78AD07ECFD4134DE30A6EB5EAD062

Located: HK_CU:Run, Skype
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
file: C:\Program Files\Skype\Phone\Skype.exe
size: 25370152
MD5: 23E79AF5BACD142F5479477EE12517B3

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2156368
MD5: 08FC1FAD357F053043016597B6559BDC

Located: HK_CU:Run, WOOKIT
where: S-1-5-21-2226494877-3711492840-1806808190-500...
command: C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
file: C:\PROGRA~1\Wanadoo\Shell.exe
size: 122880
MD5: 2BD5E1E68614DBC6B320597856ED6EA7

Located: HK_CU:RunOnce, CMSRegOW.exe
where: S-1-5-18...
command: "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" /r
file: C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe
size: 57344
MD5: 736A6D5C68424871A2CC98D328034FC3

Located: HK_CU:RunOnce, SetDefaultMidi
where: S-1-5-18...
command: MIDIDEF.EXE
file: C:\WINDOWS\MIDIDEF.EXE
size: 49152
MD5: 21D25ED782720280391B5BBC2FBAFC8A

Located: Démarrage (utilisateur), mod_sm.lnk
where: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage...
command: C:\hp\bin\cloaker.exe
file: C:\hp\bin\cloaker.exe
size: 27136
MD5: 6380625DD0480ED60960A149A087C848

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

--- Browser helper object list ---
{243B17DE-77C7-46BF-B94B-0B5F309A0E64} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
description: Microsoft Money
classification: Open for discussion
known filename: mnyside.dll
info link: http://www.microsoft.com/money/default.asp
info source: TonyKlein
Path: c:\Program Files\Microsoft Money\System\
Long name: mnyside.dll
Short name:
Date (created): 17/07/2002 18:00:00
Date (last access): 18/08/2008 12:01:46
Date (last write): 17/07/2002 18:00:00
Filesize: 163906
Attributes: archive
MD5: 285985410852E9DE0520081D91034C28
CRC32: 19ED9E66
Version: 11.0.0.716

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 03/06/2008 16:51:46
Date (last access): 18/08/2008 12:01:46
Date (last write): 22/02/2008 04:25:20
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 20/09/2007 11:30:18
Date (last access): 18/08/2008 12:01:44
Date (last write): 20/09/2007 11:30:18
Filesize: 328752
Attributes: archive
MD5: 59CF5BF6684AFCF906CADAD39B4214DE
CRC32: C363813C
Version: 4.200.520.1

{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
description: Microsoft Money
classification: Open for discussion
known filename: mnyviewer.dll
info link: http://www.microsoft.com/money/default.asp
info source: TonyKlein

--- ActiveX list ---
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object)
DPF name:
CLSID name: QuickTime Object
Installer: C:\WINDOWS\Downloaded Program Files\QTPlugin.inf
Codebase: http://www.apple.com/qtactivex/qtplugin.cab
description: Apple Quicktime
classification: Legitimate
known filename: QTPLUGIN.OCX
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\QuickTime\
Long name: QTPlugin.ocx
Short name:
Date (created): 02/03/2004 18:20:34
Date (last access): 18/08/2008 12:01:50
Date (last write): 02/03/2004 18:20:34
Filesize: 327736
Attributes: archive
MD5: CE3D865CCF4267C85934D9B7CA8521F2
CRC32: F9306ACA
Version: 6.4.0.29

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Unknown
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Adobe\Director\
Long name: SwDir.dll
Short name:
Date (created): 10/07/2008 16:33:04
Date (last access): 16/08/2008 15:48:32
Date (last write): 17/06/2008 16:23:02
Filesize: 202168
Attributes: archive
MD5: 25F0A729215D2CAF61F0BF5092D07CF9
CRC32: 93C62F10
Version: 11.0.0.458

{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 12/07/2005 19:04:22
Date (last access): 18/08/2008 11:41:18
Date (last write): 20/03/2008 18:06:36
Filesize: 1480232
Attributes: archive
MD5: E058C4821D48E0A67F6069CB50818D44
CRC32: 3513AE02
Version: 1.7.69.2

{31435657-9980-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf
Codebase: http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab

{67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object)
DPF name:
CLSID name: DivXBrowserPlugin Object
Installer: C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf
Codebase: http://download.divx.com/player/DivXBrowserPlugin.cab
Path: C:\Program Files\DivX\DivX Web Player\
Long name: npdivx32.dll
Short name:
Date (created): 26/07/2007 04:50:16
Date (last access): 17/08/2008 20:54:12
Date (last write): 26/07/2007 04:50:16
Filesize: 717312
Attributes: archive
MD5: A13D7CD76E026BA041E9EBA4EEF1EBA0
CRC32: 5932665D
Version: 1.3.1.10

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: npjpi160_05.dll
Short name: NPJPI1~1.DLL
Date (created): 22/02/2008 02:33:32
Date (last access): 14/08/2008 17:45:46
Date (last write): 22/02/2008 04:25:20
Filesize: 132496
Attributes: archive
MD5: 4FDFB86D78994BD71CBB779A7809E9CD
CRC32: 5A0EB880
Version: 6.0.50.13

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

{B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class)
DPF name:
CLSID name: AdSignerLCContrl Class
Installer: C:\WINDOWS\Downloaded Program Files\AdSignerADP.inf
Codebase: https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: AdSignerADP.dll
Short name: ADSIGN~1.DLL
Date (created): 27/03/2007 16:19:32
Date (last access): 15/08/2008 09:58:40
Date (last write): 27/03/2007 16:19:32
Filesize: 408912
Attributes: archive
MD5: 358DF60EB3027F0D3EEF54274BBC37EF
CRC32: 617DBC89
Version: 1.3.5.0

{B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager)
DPF name:
CLSID name: FnacmusicDnl.DnlManager
Installer: C:\WINDOWS\Downloaded Program Files\FnacmusicDnl.INF
Codebase: http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
Path: C:\WINDOWS\Downloaded Program Files\
Long name: FNACMUSICDNL.OCX
Short name: FNACMU~1.OCX
Date (created): 29/03/2007 10:26:46
Date (last access): 14/08/2008 17:45:48
Date (last write): 29/03/2007 10:26:46
Filesize: 12288
Attributes: archive
MD5: C29F3539F2A99D915518ACFA56DC13BD
CRC32: 027F55AE
Version: 1.8.0.6

{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02)
DPF name: Environnement d'exécution Java 1.4.1_02
CLSID name: Java Plug-in 1.4.1_02
Installer:
Codebase: https://www.oracle.com/java/technologies/
Path: C:\Program Files\Java\j2re1.4.1_02\bin\
Long name: NPJPI141_02.dll
Short name: NPJPI1~1.DLL
Date (created): 21/08/2003 04:03:20
Date (last access): 14/08/2008 17:45:48
Date (last write): 20/02/2003 23:42:34
Filesize: 61553
Attributes: archive
MD5: E4EFF4ADF1367AA79815A9061E64C0D9
CRC32: A0446F8E
Version: 1.4.1.20

{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_04
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_04\bin\
Long name: npjpi160_04.dll
Short name: NPJPI1~1.DLL
Date (created): 14/12/2007 01:59:16
Date (last access): 14/08/2008 17:45:50
Date (last write): 14/12/2007 03:42:38
Filesize: 132496
Attributes: archive
MD5: 58A1C3B13CC79E76F66CA6F8FED3B36A
CRC32: A4EACB48
Version: 6.0.40.12

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: npjpi160_05.dll
Short name: NPJPI1~1.DLL
Date (created): 22/02/2008 02:33:32
Date (last access): 18/08/2008 12:03:20
Date (last write): 22/02/2008 04:25:20
Filesize: 132496
Attributes: archive
MD5: 4FDFB86D78994BD71CBB779A7809E9CD
CRC32: 5A0EB880
Version: 6.0.50.13

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: npjpi160_05.dll
Short name: NPJPI1~1.DLL
Date (created): 22/02/2008 02:33:32
Date (last access): 18/08/2008 12:03:20
Date (last write): 22/02/2008 04:25:20
Filesize: 132496
Attributes: archive
MD5: 4FDFB86D78994BD71CBB779A7809E9CD
CRC32: 5A0EB880
Version: 6.0.50.13

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9e.ocx
Short name:
Date (created): 21/11/2007 02:04:14
Date (last access): 18/08/2008 12:01:54
Date (last write): 21/11/2007 02:04:14
Filesize: 2987392
Attributes: archive
MD5: D3C50535C26190FEAD7785A03499C0AC
CRC32: A77C3E92
Version: 9.0.115.0

{D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object)
DPF name:
CLSID name: CFnacComposantCtrl Object
Installer:
Codebase: http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: FnacComposant.dll
Short name: FNACCO~1.DLL
Date (created): 06/09/2004 11:21:18
Date (last access): 14/08/2008 17:45:50
Date (last write): 06/09/2004 11:21:18
Filesize: 110592
Attributes: archive
MD5: 7F27F99CDF12A1F530ACCCDCEA94DCBB
CRC32: 464DC440
Version: 1.0.0.4

{D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class)
DPF name:
CLSID name: Virtools WebPlayer Class
Installer:
Codebase: http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
Path: C:\Program Files\Virtools\3D Life Player\
Long name: WebPlayer.ocx
Short name: WEBPLA~1.OCX
Date (created): 16/06/2008 15:06:54
Date (last access): 14/08/2008 17:45:50
Date (last write): 16/06/2008 15:06:54
Filesize: 304440
Attributes: archive
MD5: 6487F08E12AA59D76B0106EC5A2775EA
CRC32: E22BC725
Version: 4.0.0.96

{DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C} (NSUpdateLiteCtrl Class)
DPF name:
CLSID name: NSUpdateLiteCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\NSupd9x.inf
Codebase: http://204.177.92.201/quickdl/proclaim/NSupd9x.cab
description: All-In-One Telcom
classification: Confirmed as malware
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\System32\
Long name: nsupdate.dll

{EF99BD32-C1FB-11D2-892F-0090271D4F88} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\ycomp5_1_6_0.inf
Codebase: http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
description: Yahoo toolbar
classification: Unknown
known filename: Ycomp*_*_*_*.dll
info link: http://companion.yahoo.com/
info source: Patrick M. Kolla

--- Process list ---
PID: 0 ( 0) [System]
PID: 588 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 652 ( 588) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 676 ( 588) \??\C:\WINDOWS\SYSTEM32\winlogon.exe
size: 506368
PID: 720 ( 676) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
PID: 732 ( 676) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 908 ( 720) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 996 ( 720) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1104 ( 720) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1220 ( 720) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1284 ( 720) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1484 ( 720) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1784 (1712) C:\WINDOWS\Explorer.EXE
size: 1037312
MD5: D0288319660EDCFED07C7E74C4EA38A5
PID: 1804 ( 720) C:\WINDOWS\System32\drivers\CDAC11BA.EXE
size: 39936
MD5: 3DE014DFC14E8530F3A85572E2763446
PID: 1844 ( 720) C:\WINDOWS\System32\CTSvcCDA.EXE
size: 44032
MD5: 3C8B6609712F4FF78E521F6DCFC4032B
PID: 1872 ( 720) C:\WINDOWS\ehome\ehSched.exe
size: 85504
MD5: 07A6840B51B310A2E40A02A0F46B3D0B
PID: 1944 ( 720) C:\WINDOWS\System32\FTRTSVC.exe
size: 40960
MD5: D1261099E03EEE90976EA19002995B89
PID: 2000 ( 720) C:\Program Files\Eset\nod32krn.exe
size: 495616
MD5: 9B18F31C059C5F061D6C628E0A771EC1
PID: 2032 ( 720) C:\WINDOWS\System32\nvsvc32.exe
size: 73728
MD5: 8E510E18E944A4EF7E1666CF47FCC24D
PID: 300 ( 720) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
size: 100032
MD5: 7768CE75C5CBF0D8F441CE2BBD806B7F
PID: 524 ( 720) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 656 ( 720) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: AB0A7CA90D9E3D6A193905DC1715DED0
PID: 952 ( 720) C:\WINDOWS\System32\MsPMSPSv.exe
size: 53520
MD5: 581176F60885AEF8F78C6E38DCC3CDF9
PID: 2028 ( 720) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 1960 (1784) C:\WINDOWS\ehome\ehtray.exe
size: 50176
MD5: CB60DA9A802452C984B9BC8D5EE5804A
PID: 736 ( 908) C:\WINDOWS\ehome\ehmsas.exe
size: 47104
MD5: 7E93B4B2DD30003AEBE0E8ED202DC963
PID: 2052 (1784) C:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06A1ECB63DF139EC639E084D4AB3C9D7
PID: 2060 (1784) C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
size: 90112
MD5: C0DE87745C950F2966394837C3683AE5
PID: 2088 (1784) C:\WINDOWS\System32\hphmon05.exe
size: 483328
MD5: C39FCB57279D2C4D3235D31E43BE4196
PID: 2112 (1784) C:\HP\KBD\KBD.EXE
size: 61440
MD5: 4A95F15B706B8FD9EC8715B6401EAB7B
PID: 2376 (1784) C:\WINDOWS\system32\CTHELPER.EXE
size: 28672
MD5: 04016641AA9EB73F601782B2D97E1243
PID: 2400 (1784) C:\Program Files\Multimedia Card Reader\shwicon2k.exe
size: 139264
MD5: 08FCE2E6B1EDADAB4ABB536426BFC58F
PID: 2408 (1784) C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
size: 49152
MD5: C88806E6C9AE0AD88D20E1BDA995355A
PID: 2416 (1784) C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
size: 45056
MD5: 49530EA45EBD73E2C11C74DFEBC30D57
PID: 2436 (1784) C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 28672
MD5: 7EBFAE0A6D73D2D9C9A970A80935FD8F
PID: 2444 (1784) C:\Program Files\QuickTime\qttask.exe
size: 77824
MD5: 5D22B4258489575412F6D18AFFC847A2
PID: 2456 (1784) C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 926A397334FE426A6C7657096FE681DB
PID: 2488 (1784) C:\Program Files\MessengerPlus! 3\MsgPlus.exe
size: 190024
MD5: B787D9A60FEE9C3732C2E2D4571BB716
PID: 2500 (1784) C:\Program Files\Winamp\winampa.exe
size: 35328
MD5: EA7B08147C0CB85EEB4E48DC3444208E
PID: 2536 (1784) C:\Program Files\Eset\nod32kui.exe
size: 917504
MD5: 3F0785BCC78224A50F31FBE794B6337D
PID: 2664 (1784) C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
size: 144784
MD5: 836DC47E6CAD975304D1D3EB2F516A1C
PID: 2704 (2612) C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
size: 61440
MD5: F9710A77123CC3FD09D062F2AF33E473
PID: 2744 (1784) C:\Documents and Settings\Administrateur\Application Data\MyKey\MyKey.exe
size: 2080768
MD5: 3CE2A5A44E4891840AF198E647346FFE
PID: 2776 (1784) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 2808 (1784) C:\Program Files\Skype\Phone\Skype.exe
size: 25370152
MD5: 23E79AF5BACD142F5479477EE12517B3
PID: 2828 (2724) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: CDD7140C0EAA754C527B983CCC9993CD
PID: 2944 (1784) C:\Program Files\DNA\btdna.exe
size: 342336
MD5: 4766ADE5D06D78CD2D88D695B6CCCBDB
PID: 3100 ( 908) C:\PROGRA~1\INCRED~1\bin\IMApp.exe
size: 131113
MD5: 384CFD942C143C5B0BED8062108372A0
PID: 3272 (3176) C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
size: 819200
MD5: 5D17C66B5620142A06B7391BE20C0476
PID: 3404 (3272) C:\PROGRA~1\Wanadoo\ComComp.exe
size: 249856
MD5: 5D589D0436C4C2D285B3418E79E78A21
PID: 3508 (3272) C:\PROGRA~1\Wanadoo\Toaster.exe
size: 69632
MD5: C2D1BD2B433571ECEC29924ACE5D7C62
PID: 3524 (3272) C:\PROGRA~1\Wanadoo\Inactivity.exe
size: 32768
MD5: 5F6DBF75D05462EED92B42376E89D9FE
PID: 3556 (3272) C:\PROGRA~1\Wanadoo\PollingModule.exe
size: 69632
MD5: EDF02F58940FD56C12357D150F5397C0
PID: 3796 ( 908) C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
size: 45056
MD5: 68E404DB5525373FE0554ED2607F0C82
PID: 2180 (3404) C:\PROGRA~1\Wanadoo\Watch.exe
size: 20480
MD5: 9A29592CD135F6262C429152F7A8DD4A
PID: 2732 (2808) C:\Program Files\Skype\Plugin Manager\SkypePM.exe
size: 1862088
MD5: 824396A8F11C2038D8CE8A158FA2FDFF
PID: 1048 (3768) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891472
MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
PID: 516 (3768) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2156368
MD5: 08FC1FAD357F053043016597B6559BDC
PID: 292 (1048) C:\WINDOWS\hh.exe
size: 10752
MD5: AAE7C1FFADA35914272FBFA581C34B34
PID: 700 (1048) C:\WINDOWS\hh.exe
size: 10752
MD5: AAE7C1FFADA35914272FBFA581C34B34
PID: 1736 (1048) C:\WINDOWS\hh.exe
size: 10752
MD5: AAE7C1FFADA35914272FBFA581C34B34
PID: 2736 (1784) C:\Program Files\Internet Explorer\iexplore.exe
size: 625664
MD5: 64E376A47763DAEABCDA14BD5B6EA286
PID: 3984 ( 908) C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
size: 118336
MD5: 7FA0AA2F3DABA5BEB2C4AC1EEC054EFA
PID: 4 ( 0) System

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 18/08/2008 12:03:20

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://srch-fr9.hpwis.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.google.fr
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://srch-fr9.hpwis.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://srch-fr9.hpwis.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr/?ocid=iehp
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

--- Winsock Layered Service Provider list ---
Protocol 0: NOD32 protected [MSAFD Tcpip [TCP/IP]]
GUID: {4BD34F75-8D9A-4705-B315-D54CDF508F9E}
Filename: imon.dll

Protocol 1: NOD32 protected [MSAFD Tcpip [UDP/IP]]
GUID: {44C3F42F-400A-41AB-88AE-0C1E7FC24AE7}
Filename: imon.dll

Protocol 2: NOD32 protected [MSAFD Tcpip [RAW/IP]]
GUID: {80A874EF-131D-425D-902D-F15D426E9EF1}
Filename: imon.dll

Protocol 3: NOD32 protected [RSVP UDP Service Provider]
GUID: {0931E4B8-BF5F-4AD5-B33C-1535E5FF9250}
Filename: imon.dll

Protocol 4: NOD32 protected [RSVP TCP Service Provider]
GUID: {1BFBC7C6-8AB2-44E8-A37A-835477508571}
Filename: imon.dll

Protocol 10: NOD32
GUID: {28A4D8DA-E908-4C6F-A926-A66CC7AD3224}
Filename: imon.dll

--- Uninstall list ---
(ABBYY FineReader 5.0 Sprint)

(AddressBook)

Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
version (major): 5
install location: C:\Program Files\Adobe\Acrobat 5.0
uninstall cmd: C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
publisher: Adobe Systems, Inc.
help link: https://acrobat.adobe.com/us/en/acrobat.html

Adobe Acrobat Reader 3.01 (Adobe Acrobat Reader 3.01)
uninstall cmd: C:\WINDOWS\unin040c.exe -fC:\Acrobat3\Reader\DeIsL1.isu

Adobe Flash Player ActiveX 9.0.115.0 (Adobe Flash Player ActiveX)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: https://helpx.adobe.com/flash-player.html

Adobe Shockwave Player 11 (Adobe Shockwave Player)
version (major): 11
install location: C:\WINDOWS\system32\Adobe\
uninstall cmd: C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
publisher: Adobe Systems, Inc.
help link: https://helpx.adobe.com/shockwave.html

Archos MPG4 Translator V3.0.12 (Archos MPG4 Translator V3.0.12)
uninstall cmd: C:\Program Files\Archos MP4SP\Uninstal.exe

ArtMoney SE v7.05 (ArtMoney)
install location: C:\Program Files\ArtMoney\
uninstall cmd: C:\Program Files\ArtMoney\uninstall.bat

(Audio Stream Recorder2)
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF5F498-7FB5-11D6-9963-00A0C92C4EC3}\setup.exe" -l0x40c /remove

(AudioHQ)
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x40c /remove

(Automap 9.0)

(Connection Manager)

CoolDecode 2.0 (CoolDecode 2.0)
uninstall cmd: C:\Program Files\QuinqSoft\CoolDecode\Uninstall.exe

Creative Driver (Creative Driver)
uninstall cmd: C:\WINDOWS\system32\ctdrvins /s /u

(Creative MediaSource)
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c /remove

(Creative MediaSource Detector)
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c /remove

(Creative MediaSource Go!)
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c /remove

(Creative Restore Defaults)
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x40c /remove

(Diagnostics_Audigy2)
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x40c /remove

(DirectAnimation)

(DirectDrawEx)

DVD Ripper 4 4.0.51.0606 (DVD Ripper 4)
uninstall cmd: C:\Program Files\Xilisoft\DVD Ripper 4\Uninstall.exe
publisher: Xilisoft
help link: http://www.xilisoft.com

(DXM_Runtime)

(EAX)
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove

Contrôle multimédia Microsoft Exchange (EmClient)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSectionEx C:\WINDOWS\Downloaded Program Files\EmClient.inf,Uninstall
publisher: Microsoft Corporation
help link: https://www.microsoft.com/fr-fr/microsoft-365/exchange/email?rtc=1

(Fontcore)

Navigateur Orange (FranceTelecomUninstall_FTBrowser)
install location: C:\PROGRA~1\Wanadoo\WOOBrowser
uninstall cmd: C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl

Gestionnaire Internet (GestionnaireInternet.exe)
uninstall cmd: C:\PROGRA~1\Wanadoo\uninstall.exe

GrabIt 1.7.1 Beta (build 960) (GrabIt_is1)
install date: 20070610
install location: C:\Program Files\GrabIt\
uninstall cmd: "C:\Program Files\GrabIt\unins000.exe"
publisher: Ilan Shemes
help link: http://support.shemes.com/

HP Imaging Device Functions 7.0 7.0 (HP Imaging Device Functions)
uninstall cmd: C:\Program Files\Hewlett-Packard\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

HP Photo & Imaging 3.0 3.0 (HP Photo & Imaging)
uninstall cmd: C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

HP Solution Center 7.0 7.0 (HP Solution Center & Imaging Support Tools)
uninstall cmd: C:\Program Files\Hewlett-Packard\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

HP Extended Capabilities 5.3 5.3 (HPExtendedCapabilities)
uninstall cmd: C:\Program Files\Hewlett-Packard\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

OCR Software by I.R.I.S 7.0 7.0 (HPOCR)
uninstall cmd: C:\Program Files\Hewlett-Packard\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
publisher: HP
help link:

1 reply

Hedgedog Posts 82 Status Member 11

OK, actually no problem, I deleted everything.
1