Logo GNT
Actualités Tests & Guides Bons Plans
Twitter iPhone pliant OnePlus 11 PS5 Disney+ Orange Livebox Windows 11
Entraide Sécurité Sécurité Virus Comment se débarrasser de xpuupdate.exe ??

Comment se débarrasser de xpuupdate.exe ??

30 réponses
Avatar
Beep Beep
Bonjour,

Un exécutable nommé xpuupdate.exe ( http://cjoint.com/?hmlbyoSyFw )
est arrivé, je ne sais comment sur mon PC...

Si j'essaie de le supprimer j'ai cette fenêtre (
http://cjoint.com/?hmleRWHJts ) :

Impossible de supprimer xpuupdate : accès refusé.
Vérifier que le disque n'est pas plein ou protégé en écriture, et que
le fichier n'est pas utilisé actuellement

Si quelqu'un peut me guider pour le supprimer...

Merci

--
L'adulte ne croit pas au Père Noël. Il vote.
/Pierre Desproges/
Signaler un problème avec ce contenu

10 réponses

Supprimer
Cette action est irreversible, confirmez la suppression du commentaire ?
Signaler le commentaire

Veuillez sélectionner un problème

Nudité
Violence
Harcèlement
Fraude
Vente illégale
Discours haineux
Terrorisme
Autre
1 2 3
Avatar
Jacques Bratières
Le Thu, 12 Jul 2007 11:11:24 +0200, Beep Beep a
écrit:

Bonjour,

Un exécutable nommé xpuupdate.exe ( http://cjoint.com/?hmlbyoSyFw )
est arrivé, je ne sais comment sur mon PC...

Si j'essaie de le supprimer j'ai cette fenêtre (
http://cjoint.com/?hmleRWHJts ) :

Impossible de supprimer xpuupdate : accès refusé.
Vérifier que le disque n'est pas plein ou protégé en écriture, et que le
fichier n'est pas utilisé actuellement

Si quelqu'un peut me guider pour le supprimer...

Merci

Antivirus ou antispyware , hijackthis



--
J.Bratières

Avatar
houba
Bonjour ° Bonsoir, le Thu, 12 Jul 2007 11:11:24 +0200, Beep Beep
a wroté:

Bonjour,

Un exécutable nommé xpuupdate.exe ( http://cjoint.com/?hmlbyoSyFw )
est arrivé, je ne sais comment sur mon PC...


trojan.downloader.xxx.
J'en ai eu un downloader.bagle il y a une semaine, extrêmement vicieux
et coriace à dégommer.
http://www.spywareremove.com/removexpuupdateexe.html

--
VaN.

Avatar
Beep Beep
Le Thu, 12 Jul 2007 11:11:24 +0200, Beep Beep a
écrit:

Bonjour,

Un exécutable nommé xpuupdate.exe ( http://cjoint.com/?hmlbyoSyFw )
est arrivé, je ne sais comment sur mon PC...

Si j'essaie de le supprimer j'ai cette fenêtre (
http://cjoint.com/?hmleRWHJts ) :

Impossible de supprimer xpuupdate : accès refusé.
Vérifier que le disque n'est pas plein ou protégé en écriture, et que le
fichier n'est pas utilisé actuellement

Si quelqu'un peut me guider pour le supprimer...

Merci

Antivirus ou antispyware , hijackthis



Hijackthis me donne ça :

Logfile of HijackThis v1.99.1
Scan saved at 14:48:56, on 12/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32savedump.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32ZoneLabsvsmon.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32FTRTSVC.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesASUSProbeAsusProb.exe
C:Program FilesClassic PhoneToolsCapFax.EXE
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:Program FilesJavajre1.6.0_01binjusched.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
C:Program FilesTomTom HOMETomTomHOME.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSALCWZRD.EXE
C:WINDOWSALCMTR.EXE
C:Program FilesQuickTimeqttask.exe
C:PROGRA~1WanadooTaskBarIcon.exe
C:Program FilesZone LabsZoneAlarmzlclient.exe
C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe
C:Program FilesAdobeReader 8.0ReaderReader_sl.exe
C:WINDOWSsystem32xpuupdate.exe
C:Program FilesOFFICE One6.5OFFICE One PDF
ManagerOoPDFSettingsv6.exe
C:Program FilesPinnacleShared FilesInstantCDDVDPCLETray.exe
C:Program FilesPinnacleInstantCDDVDInstantWriteiwctrl.exe
C:Program FilesX'nBeep 1.0XnBeep.exe
C:WINDOWSsystem32ctfmon.exe
C:PROGRA~1WanadooGestionnaireInternet.exe
C:WINDOWSsystem32ntvdm.exe
C:Program FilesNikonPictureProjectNkbMonitor.exe
C:PROGRA~1WanadooComComp.exe
C:Program FilesOFFICE One6.5programsoffice.exe
C:PROGRA~1MagenticbinMgApp.exe
C:PROGRA~1WanadooToaster.exe
C:PROGRA~1WanadooInactivity.exe
C:PROGRA~1WanadooPollingModule.exe
C:WINDOWSSystem32ALERTM~1ALERTM~1.EXE
C:WINDOWSsystem32wuauclt.exe
C:PROGRA~1INCRED~1binIMApp.exe
C:PROGRA~1WanadooWatch.exe
C:Documents and SettingsAll UsersMenu
DémarrerProgrammesSécuritéHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://mystart.incredimail.com/french
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title =
Orange
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName
= Liens
R3 - URLSearchHook: Search Class -
{08C06D61-F1F3-4799-86F8-BE1A89362C85} -
C:PROGRA~1WanadooSEARCH~1.DLL
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D}
- C:Program FilesAskTBarSrchAstt1.binA5SRCHAS.DLL (file missing)
O2 - BHO: Yahoo! Toolbar Helper -
{02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program
FilesYahoo!CompanionInstallscpn0yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper -
{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:Program
FilesCanonEasy-WebPrintEWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.6.0_01binssv.dll
O2 - BHO: Ask Search Assistant BHO -
{9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:Program
FilesAskTBarSrchAstt1.binA5SRCHAS.DLL (file missing)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} -
C:Program FilesXiNetTransport 2NTIEHelper.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} -
C:Program FilesAskTBarbar1.binASKTBAR.DLL (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} -
C:Program FilesAskTBarbar1.binASKTBAR.DLL (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} -
C:Program FilesCanonEasy-WebPrintToolband.dll
O4 - HKLM..Run: [Raccourci vers la page des propriétés de High
Definition Audio] HDAudPropShortcut.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [ASUS Probe] C:Program FilesASUSProbeAsusProb.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [CapFax] C:Program FilesClassic
PhoneToolsCapFax.EXE
O4 - HKLM..Run: [RemoteControl] "C:Program
FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [PinnacleDriverCheck]
C:WINDOWSsystem32PSDrvCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program
FilesJavajre1.6.0_01binjusched.exe"
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [TomTomHOME.exe] "C:Program FilesTomTom
HOMETomTomHOME.exe" -s
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WanadooGestMaj.exe
TaskBarIcon.exe
O4 - HKLM..Run: [wconf32] C:WINDOWSsystem32wconf32.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [BOOT] C:Program FilesISSENDISISSENDIS WebUpdate
v6issendiswebupdatev6.exe /BOOT
O4 - HKLM..Run: [ZoneAlarm Client] "C:Program FilesZone
LabsZoneAlarmzlclient.exe"
O4 - HKLM..Run: [OpwareSE2] "C:Program
FilesScanSoftOmniPageSE2.0OpwareSE2.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program
FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [Windows Updater Servc]
C:WINDOWSsystem32xpuupdate.exe
O4 - HKLM..Run: [OoPDFSettingsv6.exe] C:Program FilesOFFICE
One6.5OFFICE One PDF ManagerOoPDFSettingsv6.exe
O4 - HKCU..Run: [InstantTray] C:Program FilesPinnacleShared
FilesInstantCDDVDPCLETray.exe
O4 - HKCU..Run: [IW_Drop_Icon] C:Program
FilesPinnacleInstantCDDVDInstantWriteiwctrl.exe /DropDisc
O4 - HKCU..Run: [IncrediMail] C:Program
FilesIncrediMailbinIncMail.exe /c
O4 - HKCU..Run: [WOOKIT] C:PROGRA~1WanadooShell.exe
appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU..Run: [X'nBeep] C:Program FilesX'nBeep 1.0XnBeep.exe
O4 - HKCU..Run: [Magentic] C:PROGRA~1MagenticbinMagentic.exe /c
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:Program FilesFichiers communsAheadLibNMBgMonitor.exe"
O4 - Startup: OFFICE One 6.5.lnk = C:Program FilesOFFICE
One6.5programquickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O4 - Global Startup: Ne m'oublie pas !.lnk = C:MicroAppCartes
d'AnniversaireREMIND.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:Program
FilesNikonPictureProjectNkbMonitor.exe
O8 - Extra context menu item: &Télécharger avec NetTransport -
C:Program FilesXiNetTransport 2NTAddLink.html
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste
d'impressions - res://C:Program
FilesCanonEasy-WebPrintToolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide -
res://C:Program FilesCanonEasy-WebPrintToolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:Program
FilesCanonEasy-WebPrintToolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser -
res://C:Program FilesCanonEasy-WebPrintToolband.dll/RC_Preview.html
O8 - Extra context menu item: Tout t&élécharger avec NetTransport -
C:Program FilesXiNetTransport 2NTAddList.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
-{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.6.0_01binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.6.0_01binssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -
%windir%bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 -
{85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file
missing)
O9 - Extra button: eBay - Homepage -
{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:Program
FilesIrfanViewEbayEbay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE
Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 -
HKLMSystemCCSServicesTcpip..{42F48949-8DE6-4DE1-BC01-00A96FBA39D1}:
NameServer = 85.255.113.116,85.255.112.80
O17 - HKLMSystemCS1ServicesTcpipParameters: NameServer =
85.255.113.116 85.255.112.80
O17 -
HKLMSystemCS1ServicesTcpip..{42F48949-8DE6-4DE1-BC01-00A96FBA39D1}:
NameServer = 85.255.113.116,85.255.112.80
O17 - HKLMSystemCS4ServicesTcpipParameters: NameServer =
85.255.113.116 85.255.112.80
O17 -
HKLMSystemCS4ServicesTcpip..{42F48949-8DE6-4DE1-BC01-00A96FBA39D1}:
NameServer = 85.255.113.116,85.255.112.80
O17 - HKLMSystemCCSServicesTcpipParameters: NameServer =
85.255.113.116 85.255.112.80
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software
- C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: NBService - Unknown owner - C:Program FilesNeroNero
7Nero BackItUpNBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:Program
FilesFichiers communsAheadLibNMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:WINDOWSsystem32ZoneLabsvsmon.exe

--
L'adulte ne croit pas au Père Noël. Il vote.
/Pierre Desproges/


Avatar
Beep Beep
Bonjour ° Bonsoir, le Thu, 12 Jul 2007 11:11:24 +0200, Beep Beep
a wroté:

Bonjour,

Un exécutable nommé xpuupdate.exe ( http://cjoint.com/?hmlbyoSyFw )
est arrivé, je ne sais comment sur mon PC...


trojan.downloader.xxx.
J'en ai eu un downloader.bagle il y a une semaine, extrêmement vicieux
et coriace à dégommer.
http://www.spywareremove.com/removexpuupdateexe.html


Merci après avoir sappuyé sur le bouton "Start Scan" j'obtiens ce
résultat : http://cjoint.com/?hmpiieZjxY

Je ne suis pas très doué en anglais :(
Que dois-je faire maintenant ??

Merci

--
L'adulte ne croit pas au Père Noël. Il vote.
/Pierre Desproges/


Avatar
***FRGE***
*Bonjour* *Beep Beep*
Le 12/07/2007 jour de la Saint Olivier, Beep Beep nous a écrit ceci:

Hijackthis me donne ça :


Hou la la !! il y a un sérieux ménage à faire.

Allez ici pour évaluer votre LOG et voir ce que vous devrez fixer:
http://hijackthis.de/fr

--
***FRGE***

Avatar
houba
Bonjour ° Bonsoir, le Thu, 12 Jul 2007 15:10:49 +0200, Beep Beep
a wroté:

trojan.downloader.xxx.
J'en ai eu un downloader.bagle il y a une semaine, extrêmement vicieux
et coriace à dégommer.
http://www.spywareremove.com/removexpuupdateexe.html


Merci après avoir sappuyé sur le bouton "Start Scan" j'obtiens ce
résultat : http://cjoint.com/?hmpiieZjxY
Je ne l'ai jamais utilisé. Pour mon pb de .downloader.Bagle je m'étais

débrouiller autrement.
Pour revenir à ton cas, amha il te reste à tout cocher et demander un
'start remove', le bouton en bas de 'start scan' puis de ' stop scan'.

Il me parait utile de noter celui qui s'est invité dans ta mémoire ram
(memory), les 2 clés dans la base de registre (registry), et enfin le
fichier fautif. Parce que des fois ces fic en appellent d'autres et
s'auto prospèrent joyeusement dans ta config.

En allant dans le tableau 'detailed view' et en agrandissant la
colonne 'location' tu auras le chemin précis où ils se nichent.
Note les sur un papier ou faire du copier/coller dans un *.txt crée
pour ce pb de trojan.

Je vois aussi qu'il y a un bouton 'generate support log' mais je ne
sais pas si on peut le récupérer après coup ce rapport une fois qu'il
aurait généré quelques part sur ton ddur et si ca retranscrit ce qu'on
a dans le tableau 'detailed view'.

Je ne suis pas très doué en anglais :(
Que dois-je faire maintenant ??
Sinon il t'explique également la méthode manuelle de nettoyage mais

pour trouver un mode opératoire équivalent en francais sur la
toile....

--
VaN.


Avatar
Beep Beep
Bonjour ° Bonsoir, le Thu, 12 Jul 2007 15:10:49 +0200, Beep Beep
a wroté:

trojan.downloader.xxx.
J'en ai eu un downloader.bagle il y a une semaine, extrêmement vicieux
et coriace à dégommer.
http://www.spywareremove.com/removexpuupdateexe.html


Merci après avoir sappuyé sur le bouton "Start Scan" j'obtiens ce
résultat : http://cjoint.com/?hmpiieZjxY
Je ne l'ai jamais utilisé. Pour mon pb de .downloader.Bagle je m'étais

débrouiller autrement.
Pour revenir à ton cas, amha il te reste à tout cocher et demander un
'start remove', le bouton en bas de 'start scan' puis de ' stop scan'.


Arff ! il faut payer : http://cjoint.com/?hmpVNKQVp2 :(




Il me parait utile de noter celui qui s'est invité dans ta mémoire ram
(memory), les 2 clés dans la base de registre (registry), et enfin le
fichier fautif. Parce que des fois ces fic en appellent d'autres et
s'auto prospèrent joyeusement dans ta config.

En allant dans le tableau 'detailed view' et en agrandissant la
colonne 'location' tu auras le chemin précis où ils se nichent.
Note les sur un papier ou faire du copier/coller dans un *.txt crée
pour ce pb de trojan.


Un se trouve ici : HKEY_CLASSES_ROOTApplDDownloadManager.EXE
et l'autre ici :
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunWindows...

Je ne peux pas voir le reste :(






Je vois aussi qu'il y a un bouton 'generate support log' mais je ne
sais pas si on peut le récupérer après coup ce rapport une fois qu'il
aurait généré quelques part sur ton ddur et si ca retranscrit ce qu'on
a dans le tableau 'detailed view'.


Ca donne ça, je ne comprend rien :(


###########################Runnning Processes
DATA###########################
processName = SMSS.EXE File Size = 50688 File Path =
SystemRootSystem32smss.exe ModuleMD5 =
b4c08d31e8c2ea9d76f892052a6fcaeb
processName = CSRSS.EXE File Size = 6144 File Path =
??C:WINDOWSsystem32csrss.exe ModuleMD5 =
78c1f1278cf2c9b476504c572cb98e5e
processName = WINLOGON.EXE File Size = 506368 File Path =
??C:WINDOWSsystem32winlogon.exe ModuleMD5 =
d2de785aeab0bb8ca4c14a8a199dbe4e
processName = SERVICES.EXE File Size = 108544 File Path =
C:WINDOWSsystem32services.exe ModuleMD5 =
732e0b1abaace15d80ec19056b0a2af9
processName = LSASS.EXE File Size = 13312 File Path =
C:WINDOWSsystem32lsass.exe ModuleMD5 =
9f3744a5c6f49291a7a685040a013399
processName = SVCHOST.EXE File Size = 14336 File Path =
C:WINDOWSsystem32svchost.exe ModuleMD5 =
1bd6c2f707a275cb7c16fd99fe0f31ca
processName = SVCHOST.EXE File Size = 14336 File Path =
C:WINDOWSsystem32svchost.exe ModuleMD5 =
1bd6c2f707a275cb7c16fd99fe0f31ca
processName = SVCHOST.EXE File Size = 14336 File Path =
C:WINDOWSSystem32svchost.exe ModuleMD5 =
1bd6c2f707a275cb7c16fd99fe0f31ca
processName = SVCHOST.EXE File Size = 14336 File Path =
C:WINDOWSsystem32svchost.exe ModuleMD5 =
1bd6c2f707a275cb7c16fd99fe0f31ca
processName = SVCHOST.EXE File Size = 14336 File Path =
C:WINDOWSsystem32svchost.exe ModuleMD5 =
1bd6c2f707a275cb7c16fd99fe0f31ca
processName = VSMON.EXE File Size = 75568 File Path =
C:WINDOWSsystem32ZoneLabsvsmon.exe ModuleMD5 =
de71661665a86a2305918e8b91acedb9
processName = EXPLORER.EXE File Size = 1036288 File Path =
C:WINDOWSExplorer.EXE ModuleMD5 = 4c33e5b9a6197b6ed215f6cfba0a2daa
processName = ASWUPDSV.EXE File Size = 16512 File Path = C:Program
FilesAlwil SoftwareAvast4aswUpdSv.exe ModuleMD5 =
0bab87db7dac336b52ada529cf472b74
processName = ASHSERV.EXE File Size = 132736 File Path = C:Program
FilesAlwil SoftwareAvast4ashServ.exe ModuleMD5 =
4c2d6f51f2a1943ef24e8c3e55267f04
processName = SPOOLSV.EXE File Size = 57856 File Path =
C:WINDOWSsystem32spoolsv.exe ModuleMD5 =
da81ec57acd4cdc3d4c51cf3d409af9f
processName = FTRTSVC.EXE File Size = 40960 File Path =
C:WINDOWSSystem32FTRTSVC.exe ModuleMD5 =
d1261099e03eee90976ea19002995b89
processName = NVSVC32.EXE File Size = 127043 File Path =
C:WINDOWSsystem32nvsvc32.exe ModuleMD5 =
190bf982638e4a0c98b334a39e50fb9f
processName = SVCHOST.EXE File Size = 14336 File Path =
C:WINDOWSsystem32svchost.exe ModuleMD5 =
1bd6c2f707a275cb7c16fd99fe0f31ca
processName = ASHMAISV.EXE File Size = 243328 File Path = C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe ModuleMD5 =
0005db55986f3b014fba24c2356476b7
processName = ASHWEBSV.EXE File Size = 345728 File Path = C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe ModuleMD5 =
d1c26f6b1aa7ba597f435cb136e998d4
processName = ALG.EXE File Size = 44544 File Path =
C:WINDOWSSystem32alg.exe ModuleMD5 =
2fe681d10c5fc343dbbc0610b8dd4d24
processName = SOUNDMAN.EXE File Size = 73728 File Path =
C:WINDOWSSOUNDMAN.EXE ModuleMD5 = 3df2f401e71c0894e3cc1b8b7a4ab7ee
processName = CAPFAX.EXE File Size = 20739 File Path = C:Program
FilesClassic PhoneToolsCapFax.EXE ModuleMD5 =
3f98d6efaed887bd458e433cbc93cc3d
processName = PDVDSERV.EXE File Size = 32768 File Path = C:Program
FilesCyberLinkPowerDVDPDVDServ.exe ModuleMD5 =
1eea64d8599b5b7bd8721498e4019cf0
processName = JUSCHED.EXE File Size = 83608 File Path = C:Program
FilesJavajre1.6.0_01binjusched.exe ModuleMD5 =
9c1c80bbf8e6044980890e2d2d91091c
processName = REALSCHED.EXE File Size = 180269 File Path = C:Program
FilesFichiers communsRealUpdate_OBrealsched.exe ModuleMD5 =
d09a5f5c4dbd5d4dff09ab1a69812062
processName = TOMTOMHOME.EXE File Size = 3770024 File Path = C:Program
FilesTomTom HOMETomTomHOME.exe ModuleMD5 =
2e289c3325accf1d18b21eb1334e3a0b
processName = ASHDISP.EXE File Size = 75392 File Path =
C:PROGRA~1ALWILS~1Avast4ashDisp.exe ModuleMD5 =
41b88784128c1eb3a24a928ce58b2455
processName = ALCWZRD.EXE File Size = 2550272 File Path =
C:WINDOWSALCWZRD.EXE ModuleMD5 = e2933ec3a03c02e4148f30c34d7abe7f
processName = ALCMTR.EXE File Size = 57344 File Path =
C:WINDOWSALCMTR.EXE ModuleMD5 = 163092f78c03419e6fe590130faff04f
processName = QTTASK.EXE File Size = 98304 File Path = C:Program
FilesQuickTimeqttask.exe ModuleMD5 =
76a3a30b58405c2c6d833895253a51a9
processName = TASKBARICON.EXE File Size = 61440 File Path =
C:PROGRA~1WanadooTaskBarIcon.exe ModuleMD5 =
f9710a77123cc3fd09d062f2af33e473
processName = ZLCLIENT.EXE File Size = 919280 File Path = C:Program
FilesZone LabsZoneAlarmzlclient.exe ModuleMD5 =
3e1731c55f77d150791d4c7e87ad4e5c
processName = OPWARESE2.EXE File Size = 49152 File Path = C:Program
FilesScanSoftOmniPageSE2.0OpwareSE2.exe ModuleMD5 =
882539219b40107d5bc0557e0088dd79
processName = XPUUPDATE.EXE File Size = 54784 File Path =
C:WINDOWSsystem32xpuupdate.exe ModuleMD5 =
2b5fed4db4ff6ee3f314bfa65cffeba8
processName = OOPDFSETTINGSV6.EXE File Size = 460800 File Path =
C:Program FilesOFFICE One6.5OFFICE One PDF
ManagerOoPDFSettingsv6.exe ModuleMD5 =
e58da2d7cba3076b8f2d3bc2e91b44f8
processName = PCLETRAY.EXE File Size = 770048 File Path = C:Program
FilesPinnacleShared FilesInstantCDDVDPCLETray.exe ModuleMD5 =
6ac52f83060691577daf79e1b5eba157
processName = IWCTRL.EXE File Size = 1123840 File Path = C:Program
FilesPinnacleInstantCDDVDInstantWriteiwctrl.exe ModuleMD5 =
59bc576e079d0e7e7bccf912f947eecb
processName = XNBEEP.EXE File Size = 1048576 File Path = C:Program
FilesX'nBeep 1.0XnBeep.exe ModuleMD5 =
62e9a986b0ab9e870f5e66a4be6465ef
processName = CTFMON.EXE File Size = 15360 File Path =
C:WINDOWSsystem32ctfmon.exe ModuleMD5 =
5584247b568c2e53934873f4b655fe6a
processName = GESTIONNAIREINTERNET.EXE File Size = 819200 File Path =
C:PROGRA~1WanadooGestionnaireInternet.exe ModuleMD5 =
5d17c66b5620142a06b7391be20c0476
processName = NTVDM.EXE File Size = 420864 File Path =
C:WINDOWSsystem32ntvdm.exe ModuleMD5 =
cba61ced5861eb1c023002f20b275b9e
processName = NKBMONITOR.EXE File Size = 118784 File Path = C:Program
FilesNikonPictureProjectNkbMonitor.exe ModuleMD5 =
70b9b7c5c5b3cdb1df2e8dfb5dcc3b52
processName = COMCOMP.EXE File Size = 249856 File Path =
C:PROGRA~1WanadooComComp.exe ModuleMD5 =
5d589d0436c4c2d285b3418e79e78a21
processName = SOFFICE.EXE File Size = 286720 File Path = C:Program
FilesOFFICE One6.5programsoffice.exe ModuleMD5 =
ffe3d87ba6908eb304f8f569046c9883
processName = MGAPP.EXE File Size = 106537 File Path =
C:PROGRA~1MagenticbinMgApp.exe ModuleMD5 =
821d4090b74336414890b1b08604c44a
processName = TOASTER.EXE File Size = 69632 File Path =
C:PROGRA~1WanadooToaster.exe ModuleMD5 =
c2d1bd2b433571ecec29924ace5d7c62
processName = INACTIVITY.EXE File Size = 32768 File Path =
C:PROGRA~1WanadooInactivity.exe ModuleMD5 =
5f6dbf75d05462eed92b42376e89d9fe
processName = POLLINGMODULE.EXE File Size = 69632 File Path =
C:PROGRA~1WanadooPollingModule.exe ModuleMD5 =
edf02f58940fd56c12357d150f5397c0
processName = ALERTM~1.EXE File Size = 45056 File Path =
C:WINDOWSSystem32ALERTM~1ALERTM~1.EXE ModuleMD5 =
68e404db5525373fe0554ed2607f0c82
processName = IMAPP.EXE File Size = 143401 File Path =
C:PROGRA~1INCRED~1binIMApp.exe ModuleMD5 =
d37f486d0f607b4b3637769702781dda
processName = WATCH.EXE File Size = 20480 File Path =
C:PROGRA~1WanadooWatch.exe ModuleMD5 =
9a29592cd135f6262c429152f7a8dd4a
processName = FIREFOX.EXE File Size = 7637104 File Path = C:Program
FilesMozilla Firefoxfirefox.exe ModuleMD5 =
77c6ab4e70e7fc35e17b8ed919408b62
processName = MESNEWS2.EXE File Size = 4045824 File Path = C:Program
FilesMesNewsmesnews2.exe ModuleMD5 =
4add18eef99cf2fbd59e8ee0729f01a3
processName = IEXPLORE.EXE File Size = 625152 File Path = C:Program
FilesInternet ExplorerIEXPLORE.EXE ModuleMD5 =
10bdb55982586a432a3951eb19a26009
processName = PHOTOFILTRE.EXE File Size = 2347520 File Path =
C:Documents and SettingsPropriétaireMes
documentsApplicationsPhotoFiltrePhotoFiltre.exe ModuleMD5 =
5f3483207c7a407fe5f058dd76a0ac3f
processName = SPYHUNTER.EXE File Size = 2693248 File Path = C:Program
FilesEnigma Software GroupSpyHunterSpyHunter.exe ModuleMD5 =
106556f40e0366b98ff715462aa3c3e5
###########################REGISTRY MD5 DATA###########################
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN>
Name=Raccourci vers la page des propriétés de High Definition
Audio Data=HDAudPropShortcut.exe FileSize =
61952 MD5>7a11c1c4ebd2c3c52197238df4e14b
Name=SoundMan Data=SOUNDMAN.EXE FileSize =
73728 MD5f401e71c0894e3cc1b8b7a4ab7ee
Name=ASUS Probe Data=C:Program FilesASUSProbeAsusProb.exe FileSize
= 617984 MD5·e260f00988380f72ff06d2fe181d70
Name=NvCplDaemon Data=RUNDLL32.EXE
C:WINDOWSsystem32NvCpl.dll,NvStartup FileSize =
4620288 MD5p342bc15208b68242241fb0f22468fc
Name=nwiz Data=nwiz.exe /install FileSize =
921600 MD5–880791e6dde3fac08342c1d5b045ac
Name=NvMediaCenter Data=RUNDLL32.EXE
C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit FileSize =
86016 MD5Ê342993cf9b669fa62cc23fdb04d6e6
NameÊpFax Data=C:Program FilesClassic
PhoneToolsCapFax.EXE FileSize =
20739 MD5?98d6efaed887bd458e433cbc93cc3d
Name=RemoteControl Data="C:Program
FilesCyberLinkPowerDVDPDVDServ.exe" FileSize =
32768 MD5ea64d8599b5b7bd8721498e4019cf0
Name=PinnacleDriverCheck Data=C:WINDOWSsystem32PSDrvCheck.exe FileSize
= 406016 MD59d31d333c39caa9a13b738804b43284
Name=SunJavaUpdateSched Data="C:Program
FilesJavajre1.6.0_01binjusched.exe" FileSize =
83608 MD5œ1c80bbf8e6044980890e2d2d91091c
Name=TkBellExe Data="C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot FileSize =
180269 MD5Ð9a5f5c4dbd5d4dff09ab1a69812062
Name=TomTomHOME.exe Data="C:Program FilesTomTom HOMETomTomHOME.exe"
-s FileSize = 3770024 MD5.289c3325accf1d18b21eb1334e3a0b
Name=WOOWATCH Data=C:PROGRA~1WanadooWatch.exe FileSize =
20480 MD5š29592cd135f6262c429152f7a8dd4a
Name=WOOTASKBARICON Data=C:PROGRA~1WanadooGestMaj.exe
TaskBarIcon.exe FileSize = 32768 MD56f2c724cfc608872ede3cc4a7b49b9
Name=wconf32 Data=C:WINDOWSsystem32wconf32.exe FileSize =
MD5=********************************
Name=avast! Data=C:PROGRA~1ALWILS~1Avast4ashDisp.exe FileSize =
75392 MD5Ab88784128c1eb3a24a928ce58b2455
Name=AlcWzrd Data=ALCWZRD.EXE FileSize =
2550272 MD5â933ec3a03c02e4148f30c34d7abe7f
Name=Alcmtr Data=ALCMTR.EXE FileSize =
57344 MD53092f78c03419e6fe590130faff04f
Name=QuickTime Task Data="C:Program FilesQuickTimeqttask.exe"
-atboottime FileSize = 98304 MD5va3a30b58405c2c6d833895253a51a9
Name=WMC_AutoUpdate Data= FileSize = MD5 Name=BOOT Data=C:Program FilesISSENDISISSENDIS WebUpdate
v6issendiswebupdatev6.exe /BOOT FileSize =
476160 MD5&43c21cc50bd54253c67bb208439100
Name=ZoneAlarm Client Data="C:Program FilesZone
LabsZoneAlarmzlclient.exe" FileSize =
919280 MD5>1731c55f77d150791d4c7e87ad4e5c
Name=OpwareSE2 Data="C:Program
FilesScanSoftOmniPageSE2.0OpwareSE2.exe" FileSize =
49152 MD5ˆ2539219b40107d5bc0557e0088dd79
Name­obe Reader Speed Launcher Data="C:Program FilesAdobeReader
8.0ReaderReader_sl.exe" FileSize =
40048 MD5fd4456c920e21bd2188f8cc33680df5
Name=Windows Updater
Servc Data=C:WINDOWSsystem32xpuupdate.exe FileSize =
54784 MD5+5fed4db4ff6ee3f314bfa65cffeba8
Name=OoPDFSettingsv6.exe Data=C:Program FilesOFFICE One6.5OFFICE One
PDF ManagerOoPDFSettingsv6.exe FileSize =
460800 MD5å8da2d7cba3076b8f2d3bc2e91b44f8
Name=SpyHunter Data=C:Program FilesEnigma Software
GroupSpyHunterSpyHunter.exe
FileSize = 2693248 MD56556f40e0366b98ff715462aa3c3e5
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNONCEEX>
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNONCE>
<HKEY_CURRENT_USERSOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN>
Name=InstantTray Data=C:Program FilesPinnacleShared
FilesInstantCDDVDPCLETray.exe FileSize =
770048 MD5jc52f83060691577daf79e1b5eba157
Name=IW_Drop_Icon Data=C:Program
FilesPinnacleInstantCDDVDInstantWriteiwctrl.exe /DropDisc FileSize
= 1123840 MD5Ybc576e079d0e7e7bccf912f947eecb
Name=IncrediMail Data=C:Program FilesIncrediMailbinIncMail.exe
/c FileSize = 204843 MD5Ì602b9fcab3c4f221d3976ede80690e
Name=WOOKIT Data=C:PROGRA~1WanadooShell.exe
appLaunchClientZone.shl|PARAM= cnx FileSize =
122880 MD5+d5e1e68614dbc6b320597856ed6ea7
Name=X'nBeep Data=C:Program FilesX'nBeep 1.0XnBeep.exe FileSize =
1048576 MD5be9a986b0ab9e870f5e66a4be6465ef
Name=Magentic Data=C:PROGRA~1MagenticbinMagentic.exe /c FileSize =
475180 MD51b07080501de3e744182a91c1328bc
Name=ctfmon.exe Data=C:WINDOWSsystem32ctfmon.exe FileSize =
15360 MD5U84247b568c2e53934873f4b655fe6a
Name=BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} Data="C:Program
FilesFichiers communsAheadLibNMBgMonitor.exe"
FileSize = MD5=********************************
<HKEY_CURRENT_USERSOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNONCE>
<HKEY_USERS.DEFAULTSOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN>
Name=CTFMON.EXE Data=C:WINDOWSsystem32CTFMON.EXE
FileSize = 15360 MD5U84247b568c2e53934873f4b655fe6a
<HKEY_USERS.DEFAULTSOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNONCE>
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSNTCURRENTVERSIONWINDOWSAPPINIT_DLLS>
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONPOLICIESEXPLORERRUN>
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSNTCURRENTVERSIONWINLOGONSHELL>
Explorer.exe FileSize = 1036288 MD5L33e5b9a6197b6ed215f6cfba0a2daa
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSNTCURRENTVERSIONWINLOGONUSERINIT>
C:WINDOWSsystem32userinit.exe, FileSize =
25088 MD5Öd65ea32b190401b57edb6706f29669
#############################FILE MD5 DATA#############################
<C:Documents and SettingsPropriétaireMenu
DémarrerProgrammesDémarrage>
File Path = C:Documents and SettingsPropriétaireMenu
DémarrerProgrammesDémarragedesktop.ini File Size =
4096 md5Öa6856702e3f0953e7246a9b4a9fe35
File Path = C:Documents and SettingsPropriétaireMenu
DémarrerProgrammesDémarrageOFFICE One 6.5.lnk File Size =
4096 md5`39cefc58b8e8e6cdffd40047ad4077
#############################SERVICES DATA#############################
Service Name = ALG Service Display Name = Service de la passerelle de
la couche Application Opened = YES Status = Running Query =
SUCCESS Service Type = 16 Service Start Type = 3 Service Error Control
= 1 Service Binary Path = C:WINDOWSSystem32alg.exe Binary Size =
44544 Binary MD5 = 2fe681d10c5fc343dbbc0610b8dd4d24
Service Name = aswUpdSv Service Display Name = avast! iAVS4 Control
Service Opened = YES Status = Running Query = SUCCESS Service Type =
272 Service Start Type = 2 Service Error Control = 1 Service Binary
Path = "C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe" Binary
Size = 0 Binary MD5 Service Name = AudioSrv Service Display Name = Audio Windows Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = avast! Antivirus Service Display Name = avast!
Antivirus Opened = YES Status = Running Query = SUCCESS Service Type =
272 Service Start Type = 2 Service Error Control = 1 Service Binary
Path = "C:Program FilesAlwil SoftwareAvast4ashServ.exe" Binary Size
= 0 Binary MD5 Service Name = avast! Mail Scanner Service Display Name = avast! Mail
Scanner Opened = YES Status = Running Query = SUCCESS Service Type =
272 Service Start Type = 3 Service Error Control = 1 Service Binary
Path = "C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe"
/service Binary Size = 0 Binary MD5 Service Name = avast! Web Scanner Service Display Name = avast! Web
Scanner Opened = YES Status = Running Query = SUCCESS Service Type =
272 Service Start Type = 3 Service Error Control = 1 Service Binary
Path = "C:Program FilesAlwil SoftwareAvast4ashWebSv.exe"
/service Binary Size = 0 Binary MD5 Service Name = Browser Service Display Name = Explorateur
d'ordinateur Opened = YES Status = Running Query = SUCCESS Service Type
= 32 Service Start Type = 2 Service Error Control = 1 Service Binary
Path = C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size =
0 Binary MD5 Service Name = CryptSvc Service Display Name = Services de
cryptographie Opened = YES Status = Running Query = SUCCESS Service
Type = 32 Service Start Type = 2 Service Error Control = 1 Service
Binary Path = C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size =
0 Binary MD5 Service Name = DcomLaunch Service Display Name = Lanceur de processus
serveur DCOM Opened = YES Status = Running Query = SUCCESS Service Type
= 32 Service Start Type = 2 Service Error Control = 1 Service Binary
Path = C:WINDOWSsystem32svchost -k DcomLaunch Binary Size = 0 Binary
MD5 Service Name = Dhcp Service Display Name = Client DHCP Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = Dnscache Service Display Name = Client DNS Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSsystem32svchost.exe -k NetworkService Binary Size =
0 Binary MD5 Service Name = ERSvc Service Display Name = Service de rapport
d'erreurs Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 0 Service Binary Path
= C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = Eventlog Service Display Name = Journal des
événements Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32services.exe Binary Size = 108544 Binary MD5 =
732e0b1abaace15d80ec19056b0a2af9
Service Name = EventSystem Service Display Name = Système d'événements
de COM+ Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 3 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = FastUserSwitchingCompatibility Service Display Name =
Compatibilité avec le Changement rapide d'utilisateur Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 3 Service Error Control = 1 Service Binary Path =
C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = FTRTSVC Service Display Name = France Telecom Routing
Table Service Opened = YES Status = Running Query = SUCCESS Service
Type = 16 Service Start Type = 2 Service Error Control = 0 Service
Binary Path = C:WINDOWSSystem32FTRTSVC.exe Binary Size =
40960 Binary MD5 = d1261099e03eee90976ea19002995b89
Service Name = helpsvc Service Display Name = Aide et support Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = lanmanserver Service Display Name = Serveur Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = lanmanworkstation Service Display Name = Station de
travail Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = LmHosts Service Display Name = Assistance TCP/IP
NetBIOS Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k LocalService Binary Size =
0 Binary MD5 Service Name = Netman Service Display Name = Connexions réseau Opened =
YES Status = Running Query = SUCCESS Service Type = 288 Service Start
Type = 3 Service Error Control = 1 Service Binary Path =
C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = Nla Service Display Name = NLA (Network Location
Awareness) Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 3 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = NVSvc Service Display Name = NVIDIA Display Driver
Service Opened = YES Status = Running Query = SUCCESS Service Type =
16 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32nvsvc32.exe Binary Size = 127043 Binary MD5 =
190bf982638e4a0c98b334a39e50fb9f
Service Name = PlugPlay Service Display Name = Plug-and-Play Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSsystem32services.exe Binary Size = 108544 Binary MD5 =
732e0b1abaace15d80ec19056b0a2af9
Service Name = PolicyAgent Service Display Name = Services IPSEC Opened
= YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSsystem32lsass.exe Binary Size = 13312 Binary MD5 =
9f3744a5c6f49291a7a685040a013399
Service Name = ProtectedStorage Service Display Name = Emplacement
protégé Opened = YES Status = Running Query = SUCCESS Service Type =
288 Service Start Type = 2 Service Error Control = 1 Service Binary
Path = C:WINDOWSsystem32lsass.exe Binary Size = 13312 Binary MD5 =
9f3744a5c6f49291a7a685040a013399
Service Name = RasMan Service Display Name = Gestionnaire de connexions
d'accès distant Opened = YES Status = Running Query = SUCCESS Service
Type = 32 Service Start Type = 3 Service Error Control = 1 Service
Binary Path = C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size =
0 Binary MD5 Service Name = RpcSs Service Display Name = Appel de procédure distante
(RPC) Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost -k rpcss Binary Size = 0 Binary MD5 Service Name = SamSs Service Display Name = Gestionnaire de comptes de
sécurité Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32lsass.exe Binary Size = 13312 Binary MD5 =
9f3744a5c6f49291a7a685040a013399
Service Name = Schedule Service Display Name = Planificateur de
tâches Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = seclogon Service Display Name = Connexion
secondaire Opened = YES Status = Running Query = SUCCESS Service Type =
288 Service Start Type = 2 Service Error Control = 0 Service Binary
Path = C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size =
0 Binary MD5 Service Name = SENS Service Display Name = Notification d'événement
système Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = SharedAccess Service Display Name = Pare-feu Windows /
Partage de connexion Internet Opened = YES Status = Running Query =
SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control
= 1 Service Binary Path = C:WINDOWSsystem32svchost.exe -k
netsvcs Binary Size = 0 Binary MD5 Service Name = ShellHWDetection Service Display Name = Détection
matériel noyau Opened = YES Status = Running Query = SUCCESS Service
Type = 32 Service Start Type = 2 Service Error Control = 0 Service
Binary Path = C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size =
0 Binary MD5 Service Name = Spooler Service Display Name = Spouleur
d'impression Opened = YES Status = Running Query = SUCCESS Service Type
= 272 Service Start Type = 2 Service Error Control = 1 Service Binary
Path = C:WINDOWSsystem32spoolsv.exe Binary Size = 57856 Binary MD5 =
da81ec57acd4cdc3d4c51cf3d409af9f
Service Name = srservice Service Display Name = Service de restauration
système Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = SSDPSRV Service Display Name = Service de découvertes
SSDP Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 3 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k LocalService Binary Size =
0 Binary MD5 Service Name = stisvc Service Display Name = Acquisition d'image
Windows (WIA) Opened = YES Status = Running Query = SUCCESS Service
Type = 32 Service Start Type = 2 Service Error Control = 1 Service
Binary Path = C:WINDOWSsystem32svchost.exe -k imgsvc Binary Size =
0 Binary MD5 Service Name = TapiSrv Service Display Name = Téléphonie Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 3 Service Error Control = 1 Service Binary Path =
C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = TermService Service Display Name = Services Terminal
Server Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 3 Service Error Control = 1 Service Binary Path
= C:WINDOWSSystem32svchost -k DComLaunch Binary Size = 0 Binary MD5
Service Name = Themes Service Display Name = Thèmes Opened = YES Status
= Running Query = SUCCESS Service Type = 32 Service Start Type =
2 Service Error Control = 1 Service Binary Path =
C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = TrkWks Service Display Name = Client de suivi de lien
distribué Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 1 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = vsmon Service Display Name = TrueVector Internet
Monitor Opened = YES Status = Running Query = SUCCESS Service Type =
272 Service Start Type = 2 Service Error Control = 1 Service Binary
Path = C:WINDOWSsystem32ZoneLabsvsmon.exe -service Binary Size =
0 Binary MD5 Service Name = W32Time Service Display Name = Horloge Windows Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = WebClient Service Display Name = WebClient Opened =
YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSsystem32svchost.exe -k LocalService Binary Size = 0 Binary
MD5 Service Name = winmgmt Service Display Name = Infrastructure de gestion
Windows Opened = YES Status = Running Query = SUCCESS Service Type =
32 Service Start Type = 2 Service Error Control = 0 Service Binary Path
= C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5
Service Name = wscsvc Service Display Name = Centre de sécurité Opened
= YES Status = Running Query = SUCCESS Service Type = 32 Service Start
Type = 2 Service Error Control = 1 Service Binary Path =
C:WINDOWSSystem32svchost.exe -k netsvcs Binary Size = 0 Binary MD5 Service Name = wuauserv Service Display Name = Mises à jour
automatiques Opened = YES Status = Running Query = SUCCESS Service Type
= 32 Service Start Type = 2 Service Error Control = 1 Service Binary
Path = C:WINDOWSsystem32svchost.exe -k netsvcs Binary Size =
0 Binary MD5 #############################WINLOGON DATA#############################
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSNTCURRENTVERSIONWINLOGONNOTIFY>
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifycrypt32chain Filepath =
C:WINDOWSsystem32crypt32.dll File Size = 604672 File MD5 =
fd8631128e14583f135eb4b3f37ef626
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifycryptnet Filepath =
C:WINDOWSsystem32cryptnet.dll File Size = 63488 File MD5 =
344dcb5a0c57e0fc3714c5e5e5fbc232
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifycscdll Filepath =
C:WINDOWSsystem32cscdll.dll File Size = 102912 File MD5 =
fbc2cd20b107b6525dfee9f6e41dcc8b
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifyScCertProp Filepath =
C:WINDOWSsystem32wlnotify.dll File Size = 94208 File MD5 =
8201bb13554a855cabd88bbf14b2166b
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifySchedule Filepath =
C:WINDOWSsystem32wlnotify.dll File Size = 94208 File MD5 =
8201bb13554a855cabd88bbf14b2166b
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifysclgntfy Filepath =
C:WINDOWSsystem32sclgntfy.dll File Size = 22016 File MD5 =
83db3b831c845699ad4f6bfb37c4790c
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifySensLogn Filepath =
C:WINDOWSsystem32WlNotify.dll File Size = 94208 File MD5 =
8201bb13554a855cabd88bbf14b2166b
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifytermsrv Filepath =
C:WINDOWSsystem32wlnotify.dll File Size = 94208 File MD5 =
8201bb13554a855cabd88bbf14b2166b
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifyWgaLogon Filepath =
C:WINDOWSsystem32WgaLogon.dll File Size = 236928 File MD5 =
90261fa191103a9912ead72a77909089
Subkey Name = SoftwareMicrosoftWindows
NTCurrentVersionWinlogonNotifywlballoon Filepath =
C:WINDOWSsystem32wlnotify.dll File Size = 94208 File MD5 =
8201bb13554a855cabd88bbf14b2166b
##########################BROWSER ADD-ON DATA##########################
<HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar>
CLSID = {EF99BD32-C1FB-11D2-892F-0090271D4F88} FilePath = C:Program
FilesYahoo!CompanionInstallscpn0yt.dll File Size = 399424 File MD5
= 8cf01bffb40c1cd6951e5c0a4f0b90a0 Description = 0
CLSID = {FE063DB9-4EC0-403e-8DD8-394C54984B2C} FilePath = C:Program
FilesAskTBarbar1.binASKTBAR.DLL File Size = 0 File MD5 =
Description CLSID = {327C2873-E90D-4c37-AA9D-10AC9BABA46C} FilePath = C:Program
FilesCanonEasy-WebPrintToolband.dll File Size = 552960 File MD5 =
43c52daa11438ae47fd636dee1b82bf1 Description = Easy-WebPrint
<HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerExplorer Bars>
CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376} FilePath =
C:WINDOWSsystem32shdocvw.dll File Size = 1497088 File MD5 =
8aebc323da591353b1e3fbfc277dfdc5
<HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerExplorer Bars>
CLSID = {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} FilePath =
C:WINDOWSsystem32SHELL32.dll File Size = 8509952 File MD5 =
7643b816720069b4fcbd220e2555625e
CLSID = {EFA24E61-B078-11D0-89E4-00C04FC9E26E} FilePath =
C:WINDOWSsystem32shdocvw.dll File Size = 1497088 File MD5 =
8aebc323da591353b1e3fbfc277dfdc5
CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E} FilePath =
C:WINDOWSsystem32shdocvw.dll File Size = 1497088 File MD5 =
8aebc323da591353b1e3fbfc277dfdc5
<HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser
Helper Objects>
CLSID = {02478D38-C3F9-4EFB-9B51-7695ECA05670} FilePath = C:Program
FilesYahoo!CompanionInstallscpn0yt.dll File Size = 399424 File MD5
= 8cf01bffb40c1cd6951e5c0a4f0b90a0
CLSID = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} FilePath = C:Program
FilesFichiers communsAdobeAcrobatActiveXAcroIEHelper.dll File Size
= 62080 File MD5 = c11f6a1f61481e24be3fdc06ea6f7d2a
CLSID = {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} FilePath = C:Program
FilesCanonEasy-WebPrintEWPBrowseLoader.dll File Size = 34304 File
MD5 = f2d73150ebfc69c577bb384212527596
CLSID = {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} FilePath = C:Program
FilesJavajre1.6.0_01binssv.dll File Size = 501400 File MD5 =
70fd57d6edbed8d80c1995257c99d27e
CLSID = {9CB65201-89C4-402c-BA80-02D8C59F9B1D} FilePath = C:Program
FilesAskTBarSrchAstt1.binA5SRCHAS.DLL File Size = 0 File MD5 CLSID = {C56CB6B0-0D96-11D6-8C65-B2868B609932} FilePath = C:Program
FilesXiNetTransport 2NTIEHelper.dll File Size = 49152 File MD5 =
7bf1852adfcbf66062342c87695f3025
CLSID = {FE063DB1-4EC0-403e-8DD8-394C54984B2C} FilePath = C:Program
FilesAskTBarbar1.binASKTBAR.DLL File Size = 0 File MD5 <HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerExtensions>
CLSID = -{FB5F1910-F110-11d2-BB9E-00C04F795683} FilePath = File Size =
0 File MD5 CLSID = {08B0E5C0-4FCB-11CF-AAA5-00401C608501} FilePath =
C:WINDOWSsystem32msjava.dll File Size = 947472 File MD5 =
e75aa32c6b79c846f5314ca4da92f29e
CLSID = {85d1f590-48f4-11d9-9669-0800200c9a66} FilePath = File Size =
0 File MD5 CLSID = {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} FilePath = File Size =
0 File MD5 CLSID = {FB5F1910-F110-11d2-BB9E-00C04F795683} FilePath = File Size =
0 File MD5 <HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerExtensions>
CLSID = CmdMapping FilePath = File Size = 0 File MD5 CLSID = {1462651F-F4BA-4C76-A001-C4284D0FE16E} FilePath = File Size =
0 File MD5 <HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks>
CLSID = {08C06D61-F1F3-4799-86F8-BE1A89362C85} FilePath =
C:PROGRA~1WanadooSEARCH~1.DLL File Size = 57344 File MD5 =
4af0deca1ac2c25009e15a3d7377503f Description CLSID = {9CB65206-89C4-402c-BA80-02D8C59F9B1D} FilePath = C:Program
FilesAskTBarSrchAstt1.binA5SRCHAS.DLL File Size = 0 File MD5 =
Description CLSID = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} FilePath =
C:WINDOWSsystem32ieframe.dll File Size = 6058496 File MD5 =
8a43cc689403f001b89fc7c4d470a884 Description <HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler>
CLSID = {438755C2-A8BA-11D1-B96B-00A0C90312E1} FilePath =
C:WINDOWSsystem32browseui.dll File Size = 1022976 File MD5 =
688721dedbb428961d40ea898da337b6 Description = Pré-chargeur Browseui
CLSID = {8C7461EF-2B13-11d2-BE35-3078302C2030} FilePath =
C:WINDOWSsystem32browseui.dll File Size = 1022976 File MD5 =
688721dedbb428961d40ea898da337b6 Description = Démon de cache des
catégories de composant
##########################LSP CHAIN DATA##########################
<HKEY_LOCAL_MACHINESYSTEMCURRENTCONTROLSETSERVICESWINSOCK2PARAMETERS>
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000001
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000002
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000003
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000004
Filepath = C:WINDOWSsystem32rsvpsp.dll File Size = 90112 File MD5
= bc3752885b2ec7bf57fc6f9b23f2c8d5
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000005
Filepath = C:WINDOWSsystem32rsvpsp.dll File Size = 90112 File MD5
= bc3752885b2ec7bf57fc6f9b23f2c8d5
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000006
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000007
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000008
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000009
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000010
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000011
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000012
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000013
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000014
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
Sequence Num =
SYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9Catalog_Entries00000000015
Filepath = C:WINDOWSsystem32mswsock.dll File Size = 247808 File
MD5 = ccdd3433f3c3bd0d8502b38fd155b2f0
##########################UNINSTALL DATA##########################
<HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONUNINSTALL>
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallAddressBook
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallAdobe
Flash Player ActiveX DisplayName = Adobe Flash Player ActiveX
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallAsfTools 3.1
DisplayName = AsfTools 3.1 (remove only)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallAskTBar Uninstall
DisplayName = Ask Toolbar
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallASUS
Probe V2.23.01 DisplayName = ASUS Probe V2.23.01
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallavast! DisplayName
= avast! Antivirus InstallLocation = C:PROGRA~1ALWILS~1Avast4
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallBranding
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallCartes
d'Anniversaire DisplayName = Micro Application - Cartes d'Anniversaire
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallCCleaner
DisplayName = CCleaner (remove only)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallCNXT_MODEM_USB_VID_145F&PID_0106
DisplayName = Trust 56K V92 USB Modem
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallConnection Manager
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallCryptextNT4
DisplayName = Cryptext (Remove Only)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallDirectAnimation
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallDirectDrawEx
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallDVD
Decrypter 3.5.4.0 Fr DisplayName = DVD Decrypter 3.5.4.0 Fr
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallDXM_Runtime
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallEasy
Video Joiner_is1 DisplayName = Easy Video Joiner 5.21
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallEasy-PhotoPrint
DisplayName = Canon Utilities Easy-PhotoPrint
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallEasy-WebPrint
DisplayName = Easy-WebPrint
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallffdshow
DisplayName = ffdshow InstallLocation = C:Program Filesffdshow
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallffdshow_is1
DisplayName = ffdshow [rev 801] [2007-01-19] InstallLocation =
C:Program Filesffdshow
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallFLVPlayer
DisplayName = FLV Player 1.3.3
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallFontcore
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallFranceTelecomUninstall_FTBrowser
DisplayName = Navigateur Orange InstallLocation =
C:PROGRA~1WanadooWOOBrowser
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallFTDICOMM
DisplayName = FTDI USB Serial Converter Drivers
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallGestionnaireInternet.exe
DisplayName = Gestionnaire Internet
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallHijackThis
DisplayName = HijackThis 1.99.1
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallICW
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallIDNMitigationAPIs
DisplayName = Microsoft Internationalized Domain Names Mitigation APIs
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallIE40
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallIE4Data
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallIE5BAKEX
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallie7
DisplayName = Windows Internet Explorer 7
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallIEData
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallIncrediMail
DisplayName = IncrediMail Xe
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallIntel(R) 537EP
Modem DisplayName = Intel(R) 537EP Modem
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallIntel® Integrated
Performance Primitives 1.1
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallIrfanView
DisplayName = IrfanView (remove only)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallISSENDIS WebUpdate
v6_is1 DisplayName = ISSENDIS WebUpdate v6
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallIZArc
3.4.1.5_is1 DisplayName = IZArc 3.4.1.5
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB873339
DisplayName = Correctif Windows XP - KB873339
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB884016
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB885835
DisplayName = Correctif Windows XP - KB885835
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB885836
DisplayName = Correctif Windows XP - KB885836
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB886185
DisplayName = Correctif Windows XP - KB886185
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB888302
DisplayName = Correctif Windows XP - KB888302
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB890859
DisplayName = Correctif Windows XP - KB890859
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB891781
DisplayName = Correctif Windows XP - KB891781
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB893756
DisplayName = Mise à jour de sécurité pour Windows XP (KB893756)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB893803
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB893803v2
DisplayName = Windows Installer 3.1 (KB893803)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB894391
DisplayName = Mise à jour pour Windows XP (KB894391)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB896358
DisplayName = Mise à jour de sécurité pour Windows XP (KB896358)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB896423
DisplayName = Mise à jour de sécurité pour Windows XP (KB896423)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB896424
DisplayName = Mise à jour de sécurité pour Windows XP (KB896424)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB896428
DisplayName = Mise à jour de sécurité pour Windows XP (KB896428)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB899587
DisplayName = Mise à jour de sécurité pour Windows XP (KB899587)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB899591
DisplayName = Mise à jour de sécurité pour Windows XP (KB899591)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB900485
DisplayName = Mise à jour pour Windows XP (KB900485)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB900725
DisplayName = Mise à jour de sécurité pour Windows XP (KB900725)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB901017
DisplayName = Mise à jour de sécurité pour Windows XP (KB901017)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB901214
DisplayName = Mise à jour de sécurité pour Windows XP (KB901214)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB902400
DisplayName = Mise à jour de sécurité pour Windows XP (KB902400)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB904706
DisplayName = Mise à jour de sécurité pour Windows XP (KB904706)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB905414
DisplayName = Mise à jour de sécurité pour Windows XP (KB905414)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB905749
DisplayName = Mise à jour de sécurité pour Windows XP (KB905749)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB908519
DisplayName = Mise à jour de sécurité pour Windows XP (KB908519)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB908531
DisplayName = Mise à jour pour Windows XP (KB908531)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB910437
DisplayName = Mise à jour pour Windows XP (KB910437)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB911280
DisplayName = Mise à jour pour Windows XP (KB911280)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB911562
DisplayName = Mise à jour de sécurité pour Windows XP (KB911562)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB911564
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB911927
DisplayName = Mise à jour de sécurité pour Windows XP (KB911927)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB912919
DisplayName = Mise à jour de sécurité pour Windows XP (KB912919)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB913433
DisplayName = Mise à jour de sécurité pour Windows XP (KB913433)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB913580
DisplayName = Mise à jour de sécurité pour Windows XP (KB913580)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB914388
DisplayName = Mise à jour de sécurité pour Windows XP (KB914388)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB914389
DisplayName = Mise à jour de sécurité pour Windows XP (KB914389)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB915865
DisplayName = Hotfix for Windows XP (KB915865)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB916595
DisplayName = Mise à jour pour Windows XP (KB916595)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB917422
DisplayName = Mise à jour de sécurité pour Windows XP (KB917422)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB917734_WMP9
DisplayName = Mise à jour de sécurité pour Lecteur Windows Media 9
(KB917734)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB917953
DisplayName = Mise à jour de sécurité pour Windows XP (KB917953)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB918118
DisplayName = Mise à jour de sécurité pour Windows XP (KB918118)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB918439
DisplayName = Mise à jour de sécurité pour Windows XP (KB918439)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB919007
DisplayName = Mise à jour de sécurité pour Windows XP (KB919007)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB920213
DisplayName = Mise à jour de sécurité pour Windows XP (KB920213)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB920670
DisplayName = Mise à jour de sécurité pour Windows XP (KB920670)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB920683
DisplayName = Mise à jour de sécurité pour Windows XP (KB920683)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB920685
DisplayName = Mise à jour de sécurité pour Windows XP (KB920685)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB920872
DisplayName = Mise à jour pour Windows XP (KB920872)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB922582
DisplayName = Mise à jour pour Windows XP (KB922582)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB922819
DisplayName = Mise à jour de sécurité pour Windows XP (KB922819)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB923191
DisplayName = Mise à jour de sécurité pour Windows XP (KB923191)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB923414
DisplayName = Mise à jour de sécurité pour Windows XP (KB923414)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB923689
DisplayName = Mise à jour de sécurité pour Windows XP (KB923689)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB923694
DisplayName = Mise à jour de sécurité pour Windows XP (KB923694)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB923980
DisplayName = Mise à jour de sécurité pour Windows XP (KB923980)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB924191
DisplayName = Mise à jour de sécurité pour Windows XP (KB924191)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB924270
DisplayName = Mise à jour de sécurité pour Windows XP (KB924270)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB924667
DisplayName = Mise à jour de sécurité pour Windows XP (KB924667)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB925398_WMP64
DisplayName = Mise à jour de sécurité pour Lecteur Windows Media 6.4
(KB925398)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB925902
DisplayName = Mise à jour de sécurité pour Windows XP (KB925902)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB926255
DisplayName = Mise à jour de sécurité pour Windows XP (KB926255)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB926436
DisplayName = Mise à jour de sécurité pour Windows XP (KB926436)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB927779
DisplayName = Mise à jour de sécurité pour Windows XP (KB927779)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB927802
DisplayName = Mise à jour de sécurité pour Windows XP (KB927802)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB927891
DisplayName = Mise à jour pour Windows XP (KB927891)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB928090-IE7
DisplayName = Mise à jour de sécurité pour Windows Internet Explorer 7
(KB928090)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB928255
DisplayName = Mise à jour de sécurité pour Windows XP (KB928255)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB928843
DisplayName = Mise à jour de sécurité pour Windows XP (KB928843)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB929123
DisplayName = Mise à jour de sécurité pour Windows XP (KB929123)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB929338
DisplayName = Mise à jour pour Windows XP (KB929338)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB929969
DisplayName = Mise à jour de sécurité pour Windows Internet Explorer 7
(KB929969)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB930178
DisplayName = Mise à jour de sécurité pour Windows XP (KB930178)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB930916
DisplayName = Mise à jour pour Windows XP (KB930916)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB931261
DisplayName = Mise à jour de sécurité pour Windows XP (KB931261)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB931768-IE7
DisplayName = Mise à jour de sécurité pour Windows Internet Explorer 7
(KB931768)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB931784
DisplayName = Mise à jour de sécurité pour Windows XP (KB931784)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB931836
DisplayName = Mise à jour pour Windows XP (KB931836)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB932168
DisplayName = Mise à jour de sécurité pour Windows XP (KB932168)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB933566-IE7
DisplayName = Mise à jour de sécurité pour Windows Internet Explorer 7
(KB933566)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB935839
DisplayName = Mise à jour de sécurité pour Windows XP (KB935839)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB935840
DisplayName = Mise à jour de sécurité pour Windows XP (KB935840)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallKB936357
DisplayName = Mise à jour pour Windows XP (KB936357)
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallMacromedia
Shockwave Player DisplayName = Macromedia Shockwave Player
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallMagentic
DisplayName = Magentic
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallMailFrontier
Desktop
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallMediaNavigation.CDLabelPrint
DisplayName = CD-LabelPrint InstallLocation = C:Program
FilesCanonCD-LabelPrint
Subkey Name =
SoftwareMicrosoftWindowsCurrentVersionUninstallMesNews_is1
DisplayName = MesNews InstallLocation = C:Program FilesMesNews
Subkey Name = SoftwareMicrosoftWindowsCurrentVersionUninstallMicro
Application - Plus de 300000 Cliparts DisplayName = Micro Application
- Plus de 300000 Cliparts
Subkey Name =
SoftwareM
Avatar
b - b er
"Beep Beep" a écrit dans le message de news:


Arff ! il faut payer : http://cjoint.com/?hmpVNKQVp2 :(


t'as pas essayé hijackthis ?
d'abord créé un point de sauvegarde

Avatar
Beep Beep
*Bonjour* *Beep Beep*
Le 12/07/2007 jour de la Saint Olivier, Beep Beep nous a écrit ceci:

Hijackthis me donne ça :


Hou la la !! il y a un sérieux ménage à faire.

Allez ici pour évaluer votre LOG et voir ce que vous devrez fixer:
http://hijackthis.de/fr


Merci je vais essayer ça ;)

--
L'adulte ne croit pas au Père Noël. Il vote.
/Pierre Desproges/


Avatar
Nina Popravka
On Thu, 12 Jul 2007 16:32:19 +0200, Beep Beep
wrote:

Allez ici pour évaluer votre LOG et voir ce que vous devrez fixer:
http://hijackthis.de/fr


Merci je vais essayer ça ;)


Commencez par essayer de passer ça :
<http://siri.urz.free.fr/Fix/SmitfraudFix.php>
vous risquez de gagner du temps.
--
Nina


1 2 3