Posez votre question Signaler

Comment se débarasser d'1 cheval de troie SVP

charlotte - Dernière réponse le 20 mars 2008 à 13:35
Bonjour,
J'ai un gros pb, avast m'a détecté un cheval de troie mais impossible de m'en débarasser :'(
Jsuis pas tres forte en informatique, j'ai simplement faire un scan avec Hijackthis et voici le "log" (jcomprends même pas cque j'écris ..)
Si qqun pouvait m'aider à le virer ca serait treeeees gentil parceque jsuis désespérée là..
Merci bcp
Logfile of HijackThis v1.99.1
Scan saved at 20:20:04, on 19/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ReparateurDeSysteme\SysRep.exe
C:\PROGRA~1\REPARA~1\ucookw.exe
C:\Program Files\Fichiers communs\ReparateurDeSysteme\strpmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\CHARLOTTE\Mes documents\ObjectDock\ObjectDock.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ToshibaBTServer.exe
C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp\ARC16\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: {85d6db34-949e-c359-3a44-fc21854f1bd2} - {2db1f458-12cf-44a3-953c-e94943bd6d58} - C:\WINDOWS\system32\solyyevl.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {93C9B380-4560-4030-9F44-430B505D042D} - C:\WINDOWS\system32\geeba.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [9452cf5a] rundll32.exe "C:\WINDOWS\system32\rsagmjug.dll",b
O4 - HKLM\..\Run: [ReparateurDeSysteme] C:\Program Files\ReparateurDeSysteme\SysRep.exe
O4 - HKLM\..\Run: [ucookw] "C:\PROGRA~1\REPARA~1\ucookw.exe" -start
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\ReparateurDeSysteme\strpmon.exe" dm=http://reparateurdesysteme.com ad=http://reparateurdesysteme.com sd=http://repay.reparateurdesysteme.com
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [BM9761fcc6] Rundll32.exe "C:\WINDOWS\system32\pfraanqf.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Documents and Settings\LA CHATTE\Mes documents\ObjectDock\ObjectDock.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.amaena.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: gebaxvv - C:\WINDOWS\
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Lire la suite 
Réponse
+0
moins plus
Fait un Scan en ligne sur Kaspersky.com =======> http://webscanner.kaspersky.fr/kavwebscan.html
et poste le rapport


----------------------------------------------------------------------------
Il n'y a jamais de problème... Mais toujours une solution !
Ajouter un commentaire
Annonces
 
moins plus
Réponse
+0
moins plus
Salut, démarre en mode sans échec et efface tout ça:
C:\Program Files\Fichiers communs\ReparateurDeSysteme\
C:\Program Files\ReparateurDeSysteme

Ensuite, toujours en mode sans échec fais un scan avec hijackthis et fixe tout ça:
O4 - HKLM\..\Run: [9452cf5a] rundll32.exe "C:\WINDOWS\system32\rsagmjug.dll",b
O4 - HKLM\..\Run: [ucookw] "C:\PROGRA~1\REPARA~1\ucookw.exe" -start
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\ReparateurDeSysteme\strpmon.exe"
O4 - HKLM\..\Run: [BM9761fcc6] Rundll32.exe "C:\WINDOWS\system32\pfraanqf.dll",s
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

Pour démarrer en mode sans échec, tapes F5 au démarrage, choisis "Mode sans échec" avec les flèches et appuies sur enter.

Redémarre et ensuite installe spybot, fais un scan avec et poste le rapport.
http://www.01net.com/...

PS: Reparateur De Systeme, il s'est installé tout seul ou c'est toi qui l'a installé?
Ajouter un commentaire
Annonces
 
moins plus
Réponse
+0
moins plus
coucou,
merci bcp d'avoir répondu si vite,

alors pour Scarface: merci, jsuis en train de faire le scan online mais c'est super long, j'en suis à 30% des MAJ pour l'instant, donc dès que j'ai le rapport jle poste

Pr Shadow, merci pr les conseils aussi, par contre qu'est ce que tu entends par "fixe tout ça" ??
Pr le réparateur de systeme il m'a harcelée pour que je l'installe mais au final je devais payer donc je l'ai désinstaller, voilou
Utilisateur anonyme - 19 mars 2008 à 21:12
Alors tu coches toutes les cases avec marqué ce que j'ai indiqué puis tu cliques sur "Fix checked".
Ensuite tu redémarres.
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
Bon, j'ai 3 beaux virus, voilà le rapport du scan de Kaspersky :

Statistiques de l'analyse
Total d'objets analysés 69455
Nombre de virus trouvés 3
Nombre d'objets infectés 3 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:56:29

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\002a_File_Monitoring_eventcritlog.rpt L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\002a_File_Monitoring_eventlog.rpt L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\002c_Web_Monitoring_eventlog.rpt L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\002d_pdm_eventcritlog.rpt L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\002d_pdm_eventlog.rpt L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\detected.idx L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\detected.rpt L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\eventlog.rpt L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\report.rpt L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\791576950ebfab18ffae65fe78f04804_f5b2890d-379a-4967-b757-996c35f5a896 L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\.housecall6.6\log\engine0.log L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\.housecall6.6\log\engine0.log.lck L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\.housecall6.6\log\error0.log L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\.housecall6.6\log\error0.log.lck L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\.housecall6.6\log\execution0.log L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\.housecall6.6\log\execution0.log.lck L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\appLauncher_all_log.txt L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\DM_log.txt L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\HookStarter_log.txt L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\SpecificUSB_log.txt L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\TlibCmnDlgs_log.txt L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Application Data\Sun\Java\Deployment\log\plugin142_03.trace L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Application Data\BVRP Software\NetWaiting\MoHlog.txt L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Historique\History.IE5\MSHist012008031920080320\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\hsperfdata_LA CHATTE\2596 L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\wavvsnet.exe Infecté : Trojan-Downloader.Win32.Small.swa ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\xrun.exe Infecté : Trojan-Downloader.Win32.Agent.brq ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\xx2 L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\xx3 L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\xx4 L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\xx5 L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\xx6 L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temp\~DFF665.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LA CHATTE\UserData\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP2\change.log L'objet est verrouillé ignoré

C:\WINDOWS\17PHolmes572.exe Infecté : Trojan-Downloader.Win32.Agent.lbx ignoré

C:\WINDOWS\CSC\00000001 L'objet est verrouillé ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt L'objet est verrouillé ignoré

C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{5A464D7E-62F6-4C99-82CF-8357779F1AFC}.crmlog L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\fidbox.dat L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\fidbox.idx L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\fidbox2.dat L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\fidbox2.idx L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a065ab459.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a065abbf3.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a0dd306ce.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a0dd30e50.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a0df4a92e.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a0df5a319.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a0e1b4947.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a0e1b502f.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a0e297439.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a0e2b226d.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a107c2618.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a107c3073.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a107c4c72.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a107c5366.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a17587549.htp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\cch~a17587b04.htp L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

Analyse terminée.





Maintenant jvais faire cque tu m'as dis Shadow
Ajouter un commentaire
Réponse
+0
moins plus
et on smoque pas du nom d'utilisateur c'est pas moi qui l'ai mis
Ajouter un commentaire
Réponse
+0
moins plus
REBONSOIR,

Pour Shadow: j'ai fait tout c'que tu m'as dit , voilà le rapport spybot, par contre il est super long, mais j'ai pas pu inclure les BHOs (jsais même pas ce que c'est en passant), sinon il me disait "cannot open file windows system32geeba dll" donc j'ai décoché BHOs.
Voilà si qqun arrive à m'aider avec tout ça (rapports kaspersky plus haut et spybot ici) ça serait sympa..
sur ce bonne nuit et merci pour votre aide:D

le rapport spybot :


--- Search result list ---
Virtumonde.dll: [SBI $8AEDD710] Bibliothèque (Fichier, nothing done)
C:\WINDOWS\system32\pfraanqf.dll

Virtumonde.dll: [SBI $8AEDD710] Bibliothèque (Fichier, nothing done)
C:\WINDOWS\system32\rsagmjug.dll

Virtumonde.dll: [SBI $8AEDD710] Bibliothèque (Fichier, nothing done)
C:\WINDOWS\system32\solyyevl.dll

Virtumonde.dll: [SBI $E6921A50] Browser helper object (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2db1f458-12cf-44a3-953c-e94943bd6d58}

Virtumonde.dll: [SBI $E6921A50] Class ID (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2db1f458-12cf-44a3-953c-e94943bd6d58}

Virtumonde: [SBI $42352499] Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-4208222236-587137771-2317632361-1005\Software\Microsoft\rdfa

Virtumonde: [SBI $7342F9D9] Réglages (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-4208222236-587137771-2317632361-1005\Software\Microsoft\aldd

WebTrends live: Cookie traceur (Internet Explorer: LA CHATTE) (Cookie, nothing done)


DoubleClick: Cookie traceur (Internet Explorer: LA CHATTE) (Cookie, nothing done)


BlueStreak: Cookie traceur (Internet Explorer: LA CHATTE) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---

2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2007-06-23 unins000.exe (51.41.0.0)
2008-03-19 unins001.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-03-19 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-03-19 Includes\DialerC.sbi (*)
2008-03-19 Includes\HeavyDuty.sbi (*)
2008-03-19 Includes\Hijackers.sbi (*)
2008-03-19 Includes\HijackersC.sbi (*)
2008-02-27 Includes\Keyloggers.sbi (*)
2008-03-19 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-03-12 Includes\Malware.sbi (*)
2008-03-19 Includes\MalwareC.sbi (*)
2008-02-20 Includes\PUPS.sbi (*)
2008-03-19 Includes\PUPSC.sbi (*)
2008-03-19 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-03-19 Includes\SecurityC.sbi (*)
2008-03-19 Includes\Spybots.sbi (*)
2008-03-19 Includes\SpybotsC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-03-19 Includes\Trojans.sbi (*)
2008-03-19 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- Startup entries list ---
Located: HK_LM:Run, AVP
command: "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
file: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
size: 227856
MD5: 7519905CD74F26E9385B83BF2EF242C2

Located: HK_LM:Run, Dell QuickSet
command: C:\Program Files\Dell\QuickSet\quickset.exe
file: C:\Program Files\Dell\QuickSet\quickset.exe
size: 1032192
MD5: 90753C9E5C84B3EC5C299B554E5A86E3

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2CA827BA68D0CDB5437C40C6F53D7F20

Located: HK_LM:Run, DVDLauncher
command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 49152
MD5: FDD5D54D4EACCE42B260225863F9A0F0

Located: HK_LM:Run, ehTray
command: C:\WINDOWS\ehome\ehtray.exe
file: C:\WINDOWS\ehome\ehtray.exe
size: 67584
MD5: 7E48B4958C131E9643DDCD2E7CA3FE9F

Located: HK_LM:Run, igfxhkcmd
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 19D63CF10330B51FD42ABB1D4D39D0C4

Located: HK_LM:Run, igfxpers
command: C:\WINDOWS\system32\igfxpers.exe
file: C:\WINDOWS\system32\igfxpers.exe
size: 118784
MD5: 697963452107C59BE69A67BEE54E3EAC

Located: HK_LM:Run, igfxtray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 98304
MD5: 45985C1B266666CB7BBAC01428AC2FAD

Located: HK_LM:Run, IntelWireless
command: "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
file: C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
size: 602182
MD5: D5EE985D5A8B5C5E83BAEAA7D16D13EA

Located: HK_LM:Run, IntelZeroConfig
command: "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
file: C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
size: 667718
MD5: F6E9967938C20C4D10122D9716E7BEAA

Located: HK_LM:Run, ISUSPM Startup
command: "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
file: C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
size: 249856
MD5: 9E109B03018763FDCB075CE74547BE22

Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 583B7D111304BE63D7D9CB65482D2187

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 020B109C1D515879C04A36D6BCA949B8

Located: HK_LM:Run, LogitechVideoRepair
command: C:\Program Files\Logitech\Video\ISStart.exe
file: C:\Program Files\Logitech\Video\ISStart.exe
size: 458752
MD5: 93C8B9C6FD3D243D4B2C8C03C44B18E9

Located: HK_LM:Run, LVCOMSX
command: C:\WINDOWS\system32\LVCOMSX.EXE
file: C:\WINDOWS\system32\LVCOMSX.EXE
size: 221184
MD5: 5BA8A7DA5D0573F7923E02B260AAD2F1

Located: HK_LM:Run, MSKDetectorExe
command: C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
file: C:\Program Files\McAfee\SpamKiller\MSKDetct.exe
size: 1117184
MD5: 60EAC5EBBF0849010CB6941D44E39AB6

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 385024
MD5: F89DA660C511652EE511FE3AB2F04BFC

Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, SigmatelSysTrayApp
command: stsystra.exe
file: C:\WINDOWS\stsystra.exe
size: 282624
MD5: AD2506958DE1937C16C553C0A1BE0572

Located: HK_LM:Run, Sony Ericsson PC Suite
command: "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
file: C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
size: 741376
MD5: 347AAF174E9688C4F15A37FC960419B4

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
file: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ED85B344E6EDC30C1BC57EC1A2A56BF3

Located: HK_LM:Run, SynTPEnh
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 761947
MD5: ABB85828C394CEACACBC90373C59C529

Located: HK_LM:Run, UserFaultCheck
command: %systemroot%\system32\dumprep 0 -u
file: C:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: B1388BF29A0522C7CCD08A563383401B

Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, CTFMON.EXE
where: PE_C_ADMINISTRATEUR...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, ModemOnHold
where: PE_C_ADMINISTRATEUR...
command: C:\Program Files\NetWaiting\netWaiting.exe
file: C:\Program Files\NetWaiting\netWaiting.exe
size: 20480
MD5: 676B1D0BFA5EF8005395AB43F33DE1F1

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-4208222236-587137771-2317632361-1005...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, LogitechSoftwareUpdate
where: S-1-5-21-4208222236-587137771-2317632361-1005...
command: "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
file: C:\Program Files\Logitech\Video\ManifestEngine.exe
size: 196608
MD5: 660B6158BC2BC5D7CB1FF18D148C17AA

Located: HK_CU:Run, ModemOnHold
where: S-1-5-21-4208222236-587137771-2317632361-1005...
command: C:\Program Files\NetWaiting\netWaiting.exe
file: C:\Program Files\NetWaiting\netWaiting.exe
size: 20480
MD5: 676B1D0BFA5EF8005395AB43F33DE1F1

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-4208222236-587137771-2317632361-1005...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F

Located: HK_CU:Run, swg
where: S-1-5-21-4208222236-587137771-2317632361-1005...
command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE

Located: HK_CU:Run, Uniblue RegistryBooster 2
where: S-1-5-21-4208222236-587137771-2317632361-1005...
command: C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: Démarrage (tous utilisateurs), Bluetooth Manager.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
file: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
size: 49152
MD5: 7BB625CFE318AD06770218625FBDAE6C

Located: Démarrage (tous utilisateurs), Digital Line Detect.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Digital Line Detect\DLG.exe
file: C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: B66E56733E2CD6A10FDA5919625FBF46

Located: Démarrage (tous utilisateurs), Microsoft Office.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5BC65464354A9FD3BEAA28E18839734A

Located: Démarrage (utilisateur), OpenOffice.org 2.3.lnk
where: C:\Documents and Settings\LA CHATTE\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
size: 393216
MD5: 01F7BA16BC60D65149FA36F355319171

Located: Démarrage (utilisateur), RocketDock.lnk
where: C:\Documents and Settings\LA CHATTE\Menu Démarrer\Programmes\Démarrage...
command: C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
file: C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
size: 630784
MD5: 4AC28B51530D3A93B3F27EB7A72F575F

Located: Démarrage (utilisateur), Stardock ObjectDock.lnk
where: C:\Documents and Settings\LA CHATTE\Menu Démarrer\Programmes\Démarrage...
command: C:\Documents and Settings\LA CHATTE\Mes documents\ObjectDock\ObjectDock.exe
file: C:\Documents and Settings\LA CHATTE\Mes documents\ObjectDock\ObjectDock.exe
size: 1802309
MD5: 92CF9FA2842DB30C67D3F556B2F4D774

Located: Démarrage (utilisateur), Yahoo! Widget Engine.lnk
where: C:\Documents and Settings\LA CHATTE\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, klogon
command: C:\WINDOWS\system32\klogon.dll
file: C:\WINDOWS\system32\klogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- ActiveX list ---
{00000055-9980-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\fhg.inf
Codebase: http://codecs.microsoft.com/codecs/i386/fhg.CAB
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.

{00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class)
DPF name:
CLSID name: Checkers Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
description:
classification: Legitimate
known filename: msgrchkr.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: msgrchkr.dll
Short name:
Date (created): 29/05/2003 15:00:18
Date (last access): 20/03/2008 00:20:20
Date (last write): 29/05/2003 15:00:18
Filesize: 77408
Attributes: archive
MD5: 42D567DF86B9B7AC4A89664C9651B68B
CRC32: 47FF3D19
Version: 7.1.9502.1

{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object)
DPF name:
CLSID name: CKAVWebScan Object
Installer: C:\WINDOWS\Downloaded Program Files\kavwebscan.inf
Codebase: http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\
Long name: kavwebscan.dll
Short name: KAVWEB~1.DLL
Date (created): 20/03/2006 13:17:20
Date (last access): 20/03/2008 00:20:22
Date (last write): 20/03/2006 13:17:20
Filesize: 798720
Attributes: archive
MD5: F74B09086C2097BC535C5DCCCD3402AC
CRC32: 01AA9D3D
Version: 5.0.83.0

{14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
description:
classification: Legitimate
known filename: MessengerStatsPAClient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~2.DLL
Date (created): 06/04/2004 19:03:54
Date (last access): 20/03/2008 00:20:20
Date (last write): 06/04/2004 19:03:54
Filesize: 172072
Attributes: archive
MD5: 94D1773AEAA2197AFEE3A6F8404FE4E9
CRC32: 76C3823D
Version: 9.2.7513.1

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\macromed\Director\
Long name: swdir.dll
Short name:
Date (created): 24/06/2007 11:32:22
Date (last access): 20/03/2008 01:02:02
Date (last write): 02/05/2007 11:32:04
Filesize: 182512
Attributes:
MD5: 95F03ABE4B96C50CF4DA8245819138E4
CRC32: 12E5BB80
Version: 10.2.0.22

{2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class)
DPF name:
CLSID name: Minesweeper Flags Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
description:
classification: Legitimate
known filename: minesweeper.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: minesweeper.dll
Short name: MINESW~1.DLL
Date (created): 29/05/2003 15:00:22
Date (last access): 20/03/2008 00:20:20
Date (last write): 29/05/2003 15:00:22
Filesize: 84064
Attributes: archive
MD5: F951FD0EA383DF2D49CA0359E4A86968
CRC32: 50A69718
Version: 7.1.9502.1

{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support)
DPF name:
CLSID name: Installation Support
Installer:
Codebase: C:\Program Files\Yahoo!\Common\Yinsthelper.dll
description: Yahoo! Installation helper
classification: Legitimate
known filename: %SystemRoot%\Downloaded Program Files\yinsthelper.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Yahoo!\Common\
Long name: YInstHelper.dll
Short name: YINSTH~1.DLL
Date (created): 16/03/2007 03:13:06
Date (last access): 20/03/2008 00:20:20
Date (last write): 16/03/2007 03:13:06
Filesize: 209448
Attributes: archive
MD5: 4380A4799E826AF03FD975B4A71E9268
CRC32: 423BF1F7
Version: 2007.3.15.1

{5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class)
DPF name:
CLSID name: UnoCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF
Codebase: http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
description:
classification: Legitimate
known filename: unomsnger.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: GAME_UNO1.dll
Short name: GAME_U~1.DLL
Date (created): 22/11/2006 23:22:42
Date (last access): 20/03/2008 00:20:20
Date (last write): 22/11/2006 23:22:42
Filesize: 372736
Attributes: archive
MD5: 491C8F47C0DCFBC1B1329B9B368AA78F
CRC32: 5BFD37C9
Version: 1.0.1123.1

{67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object)
DPF name:
CLSID name: DivXBrowserPlugin Object
Installer: C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf
Codebase: http://download.divx.com/player/DivXBrowserPlugin.cab
description:
classification: Legitimate
known filename: npdivx32.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\DivX\DivX Web Player\
Long name: npdivx32.dll
Short name:
Date (created): 19/12/2007 02:58:04
Date (last access): 20/03/2008 00:20:24
Date (last write): 19/12/2007 02:58:04
Filesize: 1335600
Attributes: archive
MD5: 56E18C09654020009012A53FD332D397
CRC32: 56B7CC16
Version: 1.4.0.233

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 19/11/2003 17:48:18
Date (last access): 20/03/2008 00:20:18
Date (last write): 19/11/2003 17:48:12
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30

{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
description:
classification: Legitimate
known filename: messengerstatsclient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: messengerstatsclient.dll
Short name: MESSEN~1.DLL
Date (created): 29/05/2003 15:00:20
Date (last access): 20/03/2008 00:20:20
Date (last write): 29/05/2003 15:00:20
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 7.1.9502.1

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.

{B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class)
DPF name:
CLSID name: ZoneIntro Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
description:
classification: Legitimate
known filename: ZIntro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZIntro.ocx
Short name:
Date (created): 18/07/2006 14:35:06
Date (last access): 20/03/2008 00:20:20
Date (last write): 18/07/2006 14:35:06
Filesize: 151080
Attributes: archive
MD5: 62E2EB8AAF9800D6CB9983B0D32BF781
CRC32: D5CAAEA6
Version: 9.4.7946.1

{C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar)
DPF name:
CLSID name: MediaBar
Installer: C:\WINDOWS\Downloaded Program Files\MusicManager.inf
Codebase: http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
description:
classification: Legitimate
known filename: MusicManagerPlugin.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MusicManagerPlugin.ocx
Short name: MUSICM~1.OCX
Date (created): 26/09/2006 14:53:18
Date (last access): 20/03/2008 00:20:22
Date (last write): 26/09/2006 14:53:18
Filesize: 1074880
Attributes: archive
MD5: 474D3DF4B70E29C4C2F8636DB0A98D47
CRC32: 17BBADE2
Version: 11.1.0.1052

{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi142_03.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 19/11/2003 17:48:18
Date (last access): 20/03/2008 00:20:18
Date (last write): 19/11/2003 17:48:12
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9e.ocx
Short name:
Date (created): 21/11/2007 01:04:14
Date (last access): 20/03/2008 01:02:02
Date (last write): 21/11/2007 01:04:14
Filesize: 2987392
Attributes: readonly archive
MD5: D3C50535C26190FEAD7785A03499C0AC
CRC32: A77C3E92
Version: 9.0.115.0



--- Process list ---
PID: 0 ( 0) [System]
PID: 1796 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 1856 (1796) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 1884 (1796) \??\C:\WINDOWS\system32\winlogon.exe
size: 506368
PID: 1928 (1884) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
PID: 1940 (1884) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 9F3744A5C6F49291A7A685040A013399
PID: 244 (1928) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 324 (1928) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 408 (1928) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 468 (1928) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
size: 114753
MD5: ED9C755312F29D55B8C815EEC7115635
PID: 572 (1928) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
size: 540745
MD5: B792F2C647B1FC3E4987DE582EE00FE3
PID: 632 (1928) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
size: 262217
MD5: AFB5A2A79BB01699A269C316D8B9BEF1
PID: 872 (1928) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1052 (1928) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1536 (1928) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1716 (1592) C:\WINDOWS\Explorer.EXE
size: 979456
MD5: 80A5400514EB32D393654768C4017E46
PID: 936 (1928) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 110592
MD5: 1961CB10BB48EB4D97E37DB6373E9E63
PID: 1024 (1928) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
size: 227856
MD5: 7519905CD74F26E9385B83BF2EF242C2
PID: 1116 (1928) C:\Program Files\Bonjour\mDNSResponder.exe
size: 229376
MD5: CFD4C3352E29A8B729536648466E8DF5
PID: 1168 (1928) C:\WINDOWS\eHome\ehRecvr.exe
size: 237568
MD5: 5D1347AA5AE6E2F77D7F4F8372D95AC9
PID: 1312 (1928) C:\WINDOWS\eHome\ehSched.exe
size: 103424
MD5: 980EEEA91776357518892C5544768E2B
PID: 992 (1928) C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
size: 380928
MD5: 11D8A00C7EFF1AAEC8E8464769C84A3D
PID: 1376 (1928) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
size: 217164
MD5: 6F81C8A63FB824EB8A2401AB45795553
PID: 516 (1928) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1044 (1928) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1684 (1928) C:\WINDOWS\ehome\mcrdsvc.exe
size: 99328
MD5: 52404CC76E9D53843BDF97564BB16BED
PID: 2660 ( 244) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 218112
MD5: DB493DD6BC2FA5B38811F2BCDCF03D2B
PID: 2704 (1716) C:\WINDOWS\ehome\ehtray.exe
size: 67584
MD5: 7E48B4958C131E9643DDCD2E7CA3FE9F
PID: 2764 (1716) C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 19D63CF10330B51FD42ABB1D4D39D0C4
PID: 2812 (1716) C:\WINDOWS\system32\igfxpers.exe
size: 118784
MD5: 697963452107C59BE69A67BEE54E3EAC
PID: 2848 (1716) C:\WINDOWS\stsystra.exe
size: 282624
MD5: AD2506958DE1937C16C553C0A1BE0572
PID: 2856 ( 244) C:\WINDOWS\system32\igfxsrvc.exe
size: 159744
MD5: 93084839F7517112829F2A26F486E8CF
PID: 2872 (1716) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 761947
MD5: ABB85828C394CEACACBC90373C59C529
PID: 2888 (1716) C:\Program Files\Dell\QuickSet\quickset.exe
size: 1032192
MD5: 90753C9E5C84B3EC5C299B554E5A86E3
PID: 2912 (1716) C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
size: 667718
MD5: F6E9967938C20C4D10122D9716E7BEAA
PID: 2920 (1716) C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
size: 602182
MD5: D5EE985D5A8B5C5E83BAEAA7D16D13EA
PID: 2932 (1716) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 49152
MD5: FDD5D54D4EACCE42B260225863F9A0F0
PID: 2952 (1716) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2CA827BA68D0CDB5437C40C6F53D7F20
PID: 2984 (1716) C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 583B7D111304BE63D7D9CB65482D2187
PID: 3180 (1716) C:\WINDOWS\system32\LVCOMSX.EXE
size: 221184
MD5: 5BA8A7DA5D0573F7923E02B260AAD2F1
PID: 3328 (1716) C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
size: 741376
MD5: 347AAF174E9688C4F15A37FC960419B4
PID: 3356 (1716) C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ED85B344E6EDC30C1BC57EC1A2A56BF3
PID: 3428 (1716) C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 020B109C1D515879C04A36D6BCA949B8
PID: 3460 (1716) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
size: 227856
MD5: 7519905CD74F26E9385B83BF2EF242C2
PID: 3524 (1716) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A
PID: 3596 (1716) C:\Program Files\NetWaiting\netWaiting.exe
size: 20480
MD5: 676B1D0BFA5EF8005395AB43F33DE1F1
PID: 3740 (1716) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F
PID: 2324 (1716) C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: B66E56733E2CD6A10FDA5919625FBF46
PID: 2312 (4084) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
size: 1724416
MD5: 9D855B7EBCB1A1ED5EC43B694979EAFF
PID: 2056 (1928) C:\WINDOWS\system32\dllhost.exe
size: 5120
MD5: D66259C3BCEFC9CAEB481ED52A4EAC74
PID: 3832 (3576) C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
size: 2359296
MD5: AA3642A049F60B45CD60267ACC9BADB8
PID: 1264 (1928) C:\Program Files\iPod\bin\iPodService.exe
size: 504104
MD5: E1BD28CA09EE8F30E8EDBD6C19F5579D
PID: 1572 (1716) C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
size: 630784
MD5: 4AC28B51530D3A93B3F27EB7A72F575F
PID: 1972 (3832) C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
size: 2510848
MD5: 36696FFBD8F958F478B161AB6096DA05
PID: 3948 (1716) C:\Documents and Settings\LA CHATTE\Mes documents\ObjectDock\ObjectDock.exe
size: 1802309
MD5: 92CF9FA2842DB30C67D3F556B2F4D774
PID: 4064 ( 244) C:\WINDOWS\eHome\ehmsas.exe
size: 46592
MD5: DAEFB050AC8FEE4F1097FCF7CB97220E
PID: 596 (1928) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 2FE681D10C5FC343DBBC0610B8DD4D24
PID: 2424 ( 244) C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
size: 397381
MD5: 3AC4E603C4F070C039C29EDBC45D7DE6
PID: 940 (2312) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
size: 290816
MD5: 3104A5C808E913DCFE5B157BDF9CA141
PID: 3384 (2312) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
size: 65536
MD5: 65820F0BE9E3025FDB0F35B64C2D0EE2
PID: 1656 (2312) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
size: 217088
MD5: B91DBDAB0B2691F405CCE914668DB675
PID: 3692 (1928) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 980 (2312) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
size: 311296
MD5: A0CEC37E8900A93A17DE38A495759176
PID: 2636 (1716) C:\Program Files\Internet Explorer\iexplore.exe
size: 625664
MD5: 2703D940A62B731AA220529DD7331A78
PID: 4892 ( 980) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
size: 2134016
MD5: 3DE893A48238E1A909DFF9904842F0FD
PID: 4408 ( 244) C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
size: 983040
MD5: D365F1AD3C1F86A0A8B0022ACF6328A2
PID: 2632 ( 244) C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
size: 880640
MD5: BD8E8C481486767CCD0971E3E7F3A4CA
PID: 5508 ( 244) C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ToshibaBTServer.exe
size: 69632
MD5: C4C5B3F206FF829CAF43041CCBD705AC
PID: 5308 (1716) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5146448
MD5: 2ECA8CDEED7C82F879E766DA92A3561A
PID: 4344 (1716) C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5674352
MD5: A7EFC7EA7EF6FB022A8A95813EDCBE5D
PID: 2864 (1928) C:\Program Files\MSN Messenger\usnsvc.exe
size: 97136
MD5: C5B70A6AA947667CE0E5FC84A05EC8B6
PID: 1288 ( 244) C:\Program Files\MSN Messenger\livecall.exe
size: 297752
MD5: 7C4313105E0E459CE97DFFD40C17A39E
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 20/03/2008 01:06:30

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.msn.fr/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dell.fr/myway
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AE6170B4-D56D-48AA-990C-39E9BBCB71D5}] SEQPACKET 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AE6170B4-D56D-48AA-990C-39E9BBCB71D5}] DATAGRAM 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{188B9CA0-DFDC-40EC-AADD-6582AF5D42B6}] SEQPACKET 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{188B9CA0-DFDC-40EC-AADD-6582AF5D42B6}] DATAGRAM 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4832EB85-2FCF-4E2B-8EA6-B963E21952B2}] SEQPACKET 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4832EB85-2FCF-4E2B-8EA6-B963E21952B2}] DATAGRAM 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2779ECC4-BB0A-496D-845F-F0B5575B862C}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2779ECC4-BB0A-496D-845F-F0B5575B862C}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6AC58645-D64B-4FD1-A2B9-4E27E61F71B9}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6AC58645-D64B-4FD1-A2B9-4E27E61F71B9}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3FC476EB-2F10-4A86-9F41-47C87C9FCC95}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3FC476EB-2F10-4A86-9F41-47C87C9FCC95}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E0507D49-E8EA-4C56-8A38-7BDF26D09110}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E0507D49-E8EA-4C56-8A38-7BDF26D09110}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{817AA62D-B35C-4F03-A0BD-68F9D9461D65}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{817AA62D-B35C-4F03-A0BD-68F9D9461D65}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{BE59FE04-2F88-4057-AF17-E74661568AA9}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{BE59FE04-2F88-4057-AF17-E74661568AA9}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{95382095-060B-4999-93D0-AC3393C07575}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{95382095-060B-4999-93D0-AC3393C07575}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B255C6FB-2373-4838-8ABF-84D8656C7386}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B255C6FB-2373-4838-8ABF-84D8656C7386}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip_{000F3780-7312-4B50-A82F-8505A057A56C}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip_{000F3780-7312-4B50-A82F-8505A057A56C}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Espace de noms NLA (Network Location Awareness)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 3: mdnsNSP
GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
Filename: C:\Program Files\Bonjour\mdnsNSP.dll
Description: Apple Rendezvous protocol
DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
DB protocol: mdnsNSP
Ajouter un commentaire
Réponse
+0
moins plus
Ajouter un commentaire
Ce document intitulé «  comment se débarasser d'1 cheval de troie SVP  » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.

Vous n'êtes pas encore membre ?

inscrivez-vous, c'est gratuit et ça prend moins d'une minute !

Les membres obtiennent plus de réponses que les utilisateurs anonymes.

Le fait d'être membre vous permet d'avoir un suivi détaillé de vos demandes.

Le fait d'être membre vous permet d'avoir des options supplémentaires.