SPYWARE TERMINATOR REPORT
Solved
BOUL45 (posts: 53, status: Member) - last reply: MoZaIqUe404 (posts: 386, status: Member)
Hello,
HERE IS A SPYWARE TERMINATOR REPORT;
I WAS WONDERING WHETHER THERE WAS ANYTHING WORRYING;
THANKS
Configuration: Windows XP Internet Explorer 7.0
9 replies
I find this report a bit... how to put it, empty!
:)
TùTù-
OH YES! SORRY
Logfile of Spyware Terminator v2.3.0.487 (db:2.008.019.000)
Scan Time: 19/08/2008 23:20:47 length: 1385 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 97114 (Critical:21)
Filter: No System items, No Safe items, No Invalid items
Running Processes
aawservice.exe [Lavasoft] : C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
aswUpdSv.exe [ALWIL Software] : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
ashServ.exe [ALWIL Software] : C:\Program Files\Alwil Software\Avast4\ashServ.exe
FTRTSVC.exe [France Telecom] : C:\WINDOWS\system32\FTRTSVC.exe
HPZipm12.exe [HP] : C:\WINDOWS\system32\HPZipm12.exe
kpf4ss.exe [Sunbelt Software] : C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
msnmsgr.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
kpf4gui.exe [Sunbelt Software] : C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
kpf4gui.exe [Sunbelt Software] : C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
usnsvc.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\usnsvc.exe
GestionnaireInternet.exe [France Télécom R&D] : C:\Program Files\Wanadoo\GestionnaireInternet.exe
ComComp.exe [France Télécom R&D] : C:\Program Files\Wanadoo\ComComp.exe
Toaster.exe [France Telecom R&D] : C:\Program Files\Wanadoo\Toaster.exe
Inactivity.exe : C:\Program Files\Wanadoo\Inactivity.exe
PollingModule.exe : C:\Program Files\Wanadoo\PollingModule.exe
AlertModule.exe : C:\WINDOWS\system32\AlertModule\AlertModule.exe
Watch.exe [France Télécom R&D] : C:\Program Files\Wanadoo\Watch.exe
emule.exe https://www.emule-project.net/home/perl/general.cgi?l=1 : C:\Program Files\eChanblard\emule.exe
SearchSettings.exe [Vendio Services, Inc.] : C:\Program Files\Search Settings\SearchSettings.exe
WOOBrowser.exe : C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe
DownloadManager.exe : C:\Program Files\Wanadoo\WOOBrowser\DownloadManager.exe
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.ustart.org
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - [Yahoo! Inc.] : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
02 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - [Safer Networking Limited] : C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
02 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - [Microsoft Corporation] : C:\Program Files\Windows Live Toolbar\msntb.dll
02 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - [Vendio Services, Inc.] : C:\Program Files\Search Settings\kb127\SearchSettings.dll
Toolbars
03 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - [Yahoo! Inc.] : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
03 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - [Microsoft Corporation] : C:\Program Files\Windows Live Toolbar\msntb.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, msnmsgr : [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SearchSettings : [Vendio Services, Inc.] : C:\Program Files\Search Settings\SearchSettings.exe
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : : C:\WINDOWS\system32\lsdelete.exe
Shell Extensions
- {2F603045-309F-11CF-9774-0020AFD0CFF6} - [Synaptics, Inc.] : C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - [RealNetworks, Inc.] : C:\Program Files\Real\RealPlayer\rpshell.dll
RecordNow! SendToExt - {DEE12703-6333-4D4E-8F34-738C4DCC2E04} - : C:\Apps\RecordNow\shlext.dll
Microsoft Office Outlook - {00020D75-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL
Outlook File Icon Extension - {0006F045-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL
Mes dossiers de partage - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
avast - {472083B0-C522-11CF-8763-00608CC02F24} - [ALWIL Software] : C:\Program Files\Alwil Software\Avast4\ashShell.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
Services
23 - [Lavasoft] : C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [ALWIL Software] : C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys
23 - [ALWIL Software] : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
23 - [ALWIL Software] : C:\Program Files\Alwil Software\Avast4\ashServ.exe
23 - [VIA Technologies, Inc.] : C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
23 - [France Telecom] : C:\WINDOWS\system32\FTRTSVC.exe
23 - [Sunbelt Software] : C:\WINDOWS\system32\drivers\fwdrv.sys
23 - [Sunbelt Software] : C:\WINDOWS\system32\drivers\khips.sys
23 - [Printing Communications Assoc., Inc. (PCAUSA)] : C:\WINDOWS\system32\PCANDIS5.SYS
23 - [HP] : C:\WINDOWS\system32\HPZipm12.exe
23 - [Sunbelt Software] : C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
23 - [Avira GmbH] : C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
23 - [Synaptics, Inc.] : C:\WINDOWS\system32\DRIVERS\SynTP.sys
23 - [Promise Technology, Inc.] : C:\WINDOWS\system32\DRIVERS\ultra.sys
23 - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\usnsvc.exe
23 - [Copyright (C) VIA/S3 Graphics Co, Ltd.] : C:\WINDOWS\system32\DRIVERS\vtmini.sys
Threat Files
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_def.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_over.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_def.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_over.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_def.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_over.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindIt.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindItHot.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findithotxp.png
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\finditxp.png
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logo.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logoxp.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\contexts\error.xml
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\contexts\related.xml
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\contexts\travel.xml
Advanced Files Report
End of Report
THANKS
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findithotxp.png
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\finditxp.png
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logo.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logoxp.bmp
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\contexts\error.xml
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\contexts\related.xml
<Starware> : C:\Documents and Settings\All Users\Application Data\Starware370\contexts\travel.xml
Advanced Files Report
End of Report
SORRY -
All of these are English or American pages, is that normal?!
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.ustart.org
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 -
Can you run a HijackThis scan for me, please!
-
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:21:43, on 20/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\eChanblard\emule.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\Wanadoo\WOOBRO~1\DownloadManager.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\RunOnce: [DebutUninstall] cmd.exe /C rmdir /S /Q "C:\Program Files\NCH Software\Debut"
O4 - HKLM\..\RunOnce: [DebutUninstall2] cmd.exe /C rmdir /Q "C:\Program Files\NCH Software"
O4 - HKLM\..\RunOnce: [DebutUninstall3] cmd.exe /C rmdir /S /Q "C:\Documents and Settings\THYBAUT BOULAIS\Application Data\Program Files\Debut"
O4 - HKLM\..\RunOnce: [DebutUninstall4] cmd.exe /C rmdir /Q "C:\Documents and Settings\THYBAUT BOULAIS\Application Data\Program Files"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-7fc9b26bb3812e3d.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.0.15.0/ImageUploader5.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
-
-
OK, but actually, apart from these non-French pages, I don't see anything worrying.
I see that you have avast; does the scan not reveal anything abnormal (trojan, etc.)?
Otherwise, were there any particular problems with your PC? -
You're welcome, but those lines I showed you are weird.
When you launch Google, you do land on a French site?! No problems with your searches?! -
One last tip: to turn off the Shift key, it's the one above Ctrl!
Sacrebleu! Stop the capital letters!
;)
TùTù
Don't forget the "Resolved" status -