Forum Clubic

Virus Zlob.Downloader.vcd

Salut a tous !
Chose originale je suis infecte par le joli virus qui mets des cafards et essai de se connecter pour telecharger un super antivirus…que je ne veux pas bien sur !! :slight_smile:
Je pense avoir pu stopper le virus grace a spybot et mon firewall mais je n’ai pas encore reussi a me debarasser de ce fichu virus.

Voici le fichier HijackThis.

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06: VIRUS ALERT!, on 23/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Dassault Systemes\B15\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Symantec\Ghost\ngserver.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Symantec\Ghost\bin\dbserv.exe
C:\Program Files\Symantec\Ghost\bin\rteng9.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
C:\Program Files\Symantec\Ghost\ngtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iPod\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Jeppesen\EFB\AppMgr\JEPDTLP\DataLoader.exe
C:\Program Files\Jeppesen\EFB\AppMgr\JEPSDLP\StandAloneDataLoader.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Protection Sauvegarde\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = softwarereferral.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: QXK Olive - {5A979B6A-1ABE-4B63-A24F-7A0B72AEC7D5} - C:\WINDOWS\nogxfvblxsk.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: nmwegbsf - {8255476E-97F9-470F-9190-031DD1941B74} - C:\WINDOWS\nmwegbsf.dll
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM…\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe boot
O4 - HKLM…\Run: [Ai Quicker Help] “C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe”
O4 - HKLM…\Run: [ATICCC] “C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [NGTray] “C:\Program Files\Symantec\Ghost\ngtray.exe”
O4 - HKLM…\Run: [LifeCam] “C:\Program Files\Microsoft LifeCam\LifeExp.exe”
O4 - HKLM…\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM…\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iPod\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [Sony Ericsson PC Suite] “C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe” /startoptions
O4 - HKLM…\Run: [Adobe Photo Downloader] “C:\Program Files\Adobe\Photoshop Album Edition D?couverte\3.0\Apps\apdproxy.exe”
O4 - HKLM…\Run: [lphcrn6j0e3dc] C:\WINDOWS\system32\lphcrn6j0e3dc.exe
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\Run: [BitTorrent DNA] “C:\Program Files\DNA\btdna.exe”
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE R?SEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: Jeppesen EFB Data Loader.lnk = C:\Program Files\Jeppesen\EFB\AppMgr\JEPDTLP\DataLoader.exe
O4 - Global Startup: Jeppesen Stand Alone Data Loader.lnk = C:\Program Files\Jeppesen\EFB\AppMgr\JEPSDLP\StandAloneDataLoader.exe
O4 - Global Startup: Jeppesen Update Manager.lnk = C:\Program Files\Jeppesen\DataManagement\Applications\JEPJUMP\JUM.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE…
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contr?leur de DownloadManager) - dlm.tools.akamai.com…
O17 - HKLM\System\CCS\Services\Tcpip…{AEE8FAC3-C16D-4B94-AB10-E72ECFD83873}: NameServer = 212.27.54.252,212.27.53.252
O21 - SSODL: erpobmsw - {70707F82-8C2A-4159-AB51-534842416836} - C:\WINDOWS\erpobmsw.dll
O21 - SSODL: adgpfoxs - {8E54F683-AF20-40DF-BF42-DC5D47F8A67F} - C:\WINDOWS\adgpfoxs.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B15\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec Ghost Database Service Wrapper (NGDBSERV) - Symantec Corporation - C:\Program Files\Symantec\Ghost\bin\dbserv.exe
O23 - Service: Symantec Ghost Configuration Server (NGSERVER) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngserver.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe


End of file - 8659 bytes
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

Si je comprend bien les tutoriaux il faudrait que je supprime les lignes O16 et O17. Est ce bien ca ? Voyez vous quelque chose de suspect dqns les lignes O4? En ai je oublie(le O21 et le R0 peut etre)?

Ensuite il faut que je balaie avec l’antivirus puis que je nettoie avec cc cleaner, non? Quel antivirus conseilleriez vous . AVG, antivir ou un autre ?

Merci d’avance.

PS pour info voici le rapport de spybot, si ca vous inspire… :wink:

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
— Search result list —
Microsoft.Windows.Explorer: [SBI $4272AA01] RÈglages utilisateur (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1060284298-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders

Microsoft.Windows.System: [SBI $D619D565] RÈglages (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1060284298-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage

Microsoft.Windows.System: [SBI $8E2F7540] RÈglages utilisateur (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1060284298-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCpl

Microsoft.Windows.System: [SBI $7F8E43F4] RÈglages utilisateur (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1060284298-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage

Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] RÈglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride

Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] RÈglages (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1060284298-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

Microsoft.WindowsSecurityCenter.RegistryTools: [SBI $D60CD1E3] RÈglages (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1060284298-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableRegistryTools

Microsoft.Windows.System: [SBI $38594624] RÈglages (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1060284298-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms

Zlob.Downloader.vcd: [SBI $D8DF6192] RÈglages (ClÈ du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VideoPlugin

— Spybot - Search & Destroy version: 1.5 (build: 20070830) —

2007-08-31 blindman.exe (1.0.0.6)
2007-08-31 SDMain.exe (1.0.0.4)
2007-08-31 SDUpdate.exe (1.0.6.4)
2007-08-31 SDWinSec.exe (1.0.0.8)
2007-08-31 SpybotSD.exe (1.5.1.15)
2007-08-31 TeaTimer.exe (1.5.0.9)
2007-11-25 unins000.exe (51.46.0.0)
2007-08-31 Update.exe (1.4.0.5)
2007-08-31 advcheck.dll (1.5.3.0)
2007-04-02 aports.dll (2.1.0.0)
2007-04-02 DelZip179.dll (1.79.5.3)
2007-08-31 SDHelper.dll (1.5.0.8)
2007-08-31 Tools.dll (2.1.2.0)
2007-11-21 Includes\Cookies.sbi ()
2007-10-31 Includes\Dialer.sbi (
)
2007-11-21 Includes\DialerC.sbi ()
2007-11-07 Includes\Hijackers.sbi (
)
2007-11-21 Includes\HijackersC.sbi ()
2007-10-04 Includes\Keyloggers.sbi (
)
2007-11-21 Includes\KeyloggersC.sbi ()
2004-11-29 Includes\LSP.sbi (
)
2007-11-07 Includes\Malware.sbi ()
2007-11-21 Includes\MalwareC.sbi (
)
2007-10-24 Includes\PUPS.sbi ()
2007-11-21 Includes\PUPSC.sbi (
)
2007-11-21 Includes\Revision.sbi ()
2007-05-30 Includes\Security.sbi (
)
2007-11-21 Includes\SecurityC.sbi ()
2007-11-07 Includes\Spybots.sbi (
)
2007-11-21 Includes\SpybotsC.sbi ()
2007-11-06 Includes\Tracks.uti
2007-11-14 Includes\Trojans.sbi (
)
2007-11-21 Includes\TrojansC.sbi (*)
2008-12-24 Plugins\TCPIPAddress.dll

— System information —
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 11: Mise ? jour de sÈcuritÈ pour Lecteur Windows Media 11 (KB936782)
/ Windows Media Player 11: Correctif pour Lecteur Windows Media 11 (KB939683)
/ Windows Media Player 6.4: Mise ? jour de sÈcuritÈ pour Lecteur Windows Media 6.4 (KB925398)
/ Windows Media Player 9: Mise ? jour de sÈcuritÈ pour Lecteur Windows Media 9 (KB936782)
/ Windows XP: Mise ? jour de sÈcuritÈ pour Windows XP (KB923689)
/ Windows XP: Mise ? jour de sÈcuritÈ pour Windows XP (KB941569)
/ Windows XP / SP0: Mise ? jour de sÈcuritÈ pour Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Mise ? jour de sÈcuritÈ pour Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Mise ? jour de sÈcuritÈ pour Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP0: Correctif pour Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB885884
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB896358)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB896423)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB896428)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB899587)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB899591)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB900485)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB900725)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB901017)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB901214)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB902400)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB904706)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB904942)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB905414)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB905749)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB908519)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB908531)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB911280)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB911562)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB911927)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB913580)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB914388)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB914389)
/ Windows XP / SP3: Correctif pour Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB916595)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB917344)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB917953)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB918118)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB918439)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB919007)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB920213)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB920670)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB920683)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB920685)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB920872)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB921503)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB922582)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB922819)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB923191)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB923414)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB923980)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB924270)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB924496)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB924667)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB926255)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB926436)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB927779)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB927802)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB927891)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB928255)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB928843)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB929123)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB930178)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB930916)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB931261)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB931784)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB932168)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB932823-v3)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB933360)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB933729)
/ Windows XP / SP3: Correctif pour Windows XP (KB935448)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB935839)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB935840)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB936021)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB936357)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB937894)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB938127)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB938828)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB938829)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB939653)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB941202)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB941568)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB941644)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB941693)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB942615)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB942763)
/ Windows XP / SP3: Mise ? jour pour Windows XP (KB942840)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB943055)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB943460)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB943485)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB944653)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB945553)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB946026)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB948590)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB948881)
/ Windows XP / SP3: Mise ? jour de sÈcuritÈ pour Windows XP (KB950749)

— Startup entries list —
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, 36X Raid Configurer
command: C:\WINDOWS\System32\JMRaidSetup.exe boot
file: C:\WINDOWS\System32\JMRaidSetup.exe
size: 1953792
MD5: 92FEEEE9BF80B23928B742294CF7306D

Located: HK_LM:Run, Adobe Photo Downloader
command: “C:\Program Files\Adobe\Photoshop Album Edition DÈcouverte\3.0\Apps\apdproxy.exe”
file: C:\Program Files\Adobe\Photoshop Album Edition DÈcouverte\3.0\Apps\apdproxy.exe
size: 57344
MD5: 57657B09D386137C7501367985B9741E

Located: HK_LM:Run, Adobe Reader Speed Launcher
command: “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 40048
MD5: 66D4456C920E21BD2188F8CC33680DF5

Located: HK_LM:Run, Ai Quicker Help
command: “C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe”
file: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
size: 3165696
MD5: 30F88540AFD59242B9021D7943D14332

Located: HK_LM:Run, Alcmtr
command: ALCMTR.EXE
file: C:\WINDOWS\ALCMTR.EXE
size: 69632
MD5: 8B4CBBA1EA526830C7F97E7822E2493A

Located: HK_LM:Run, ATICCC
command: “C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe”
file: C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe
size: 90112
MD5: 0DC2E1B6951BD2170BC47F0EEBF629B3

Located: HK_LM:Run, iTunesHelper
command: “C:\Program Files\iPod\iTunes\iTunesHelper.exe”
file: C:\Program Files\iPod\iTunes\iTunesHelper.exe
size: 267048
MD5: 020B109C1D515879C04A36D6BCA949B8

Located: HK_LM:Run, JMB36X IDE Setup
command: C:\WINDOWS\JM\JMInsIDE.exe
file: C:\WINDOWS\JM\JMInsIDE.exe
size: 36864
MD5: 47BBA427E91CBB98E41A17B38644987C

Located: HK_LM:Run, LifeCam
command: “C:\Program Files\Microsoft LifeCam\LifeExp.exe”
file: C:\Program Files\Microsoft LifeCam\LifeExp.exe
size: 279912
MD5: 411EA589240F875E685F3C985357AE08

Located: HK_LM:Run, Logitech Hardware Abstraction Layer
command: KHALMNPR.EXE
file: C:\WINDOWS\KHALMNPR.EXE
size: 49152
MD5: 8496EAAC735DF421B64AB5FB9EEFBC9D

Located: HK_LM:Run, lphcrn6j0e3dc
command: C:\WINDOWS\system32\lphcrn6j0e3dc.exe
file: C:\WINDOWS\system32\lphcrn6j0e3dc.exe
size: 92160
MD5: 76C39742037F86D3C56E6CE735092C67

Located: HK_LM:Run, NGTray
command: “C:\Program Files\Symantec\Ghost\ngtray.exe”
file: C:\Program Files\Symantec\Ghost\ngtray.exe
size: 181896
MD5: C51C07D9029D4112B3E5E47D135B2EE0

Located: HK_LM:Run, QuickTime Task
command: “C:\Program Files\QuickTime\QTTask.exe” -atboottime
file: C:\Program Files\QuickTime\QTTask.exe
size: 385024
MD5: F89DA660C511652EE511FE3AB2F04BFC

Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
file: C:\WINDOWS\RTHDCPL.EXE
size: 16143872
MD5: 9EF1CB17583B61E635931198F93B7310

Located: HK_LM:Run, Sony Ericsson PC Suite
command: “C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe” /startoptions
file: C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
size: 159744
MD5: F0B9213AD99E77FC481C24C9023AA9C6

Located: HK_LM:Run, VX1000
command: C:\WINDOWS\vVX1000.exe
file: C:\WINDOWS\vVX1000.exe
size: 709992
MD5: F9825069752B43CA98974B71A9B4DCF5

Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT…
command: C:\WINDOWS\System32\CTFMON.EXE
file: C:\WINDOWS\System32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19…
command: C:\WINDOWS\System32\CTFMON.EXE
file: C:\WINDOWS\System32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20…
command: C:\WINDOWS\System32\CTFMON.EXE
file: C:\WINDOWS\System32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118

Located: HK_CU:Run, BitTorrent DNA
where: S-1-5-21-1060284298-1563985344-839522115-1003…
command: “C:\Program Files\DNA\btdna.exe”
file: C:\Program Files\DNA\btdna.exe
size: 289088
MD5: 05D05886CAD5E1161FC80FA92F2DD01C

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-1060284298-1563985344-839522115-1003…
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1060284298-1563985344-839522115-1003…
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1460560
MD5: B7D4586BFC0DD6C3BE7DCCC252A3E97E

Located: HK_CU:Run, swg
where: S-1-5-21-1060284298-1563985344-839522115-1003…
command: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18…
command: C:\WINDOWS\System32\CTFMON.EXE
file: C:\WINDOWS\System32\CTFMON.EXE
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118

Located: DÈmarrage (tous utilisateurs), Jeppesen EFB Data Loader.lnk
where: C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\DÈmarrage…
command: C:\Program Files\Jeppesen\EFB\AppMgr\JEPDTLP\DataLoader.exe
file: C:\Program Files\Jeppesen\EFB\AppMgr\JEPDTLP\DataLoader.exe
size: 249856
MD5: EE15EB93FA4F4127BC680E0C7C108BD4

Located: DÈmarrage (tous utilisateurs), Jeppesen Stand Alone Data Loader.lnk
where: C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\DÈmarrage…
command: C:\Program Files\Jeppesen\EFB\AppMgr\JEPSDLP\StandAloneDataLoader.exe
file: C:\Program Files\Jeppesen\EFB\AppMgr\JEPSDLP\StandAloneDataLoader.exe
size: 282624
MD5: BF11A3912BD1508CB609E9CAB4452D5B

Located: DÈmarrage (tous utilisateurs), Jeppesen Update Manager.lnk
where: C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\DÈmarrage…
command: C:\Program Files\Jeppesen\DataManagement\Applications\JEPJUMP\JUM.exe
file: C:\Program Files\Jeppesen\DataManagement\Applications\JEPJUMP\JUM.exe
size: 131072
MD5: AA001681FC8CF908FE8243C1327AA2E8

Located: DÈmarrage (tous utilisateurs), Logitech SetPoint.lnk
where: C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\DÈmarrage…
command: C:\Program Files\Logitech\SetPoint\SetPoint.exe
file: C:\Program Files\Logitech\SetPoint\SetPoint.exe
size: 434176
MD5: 6D5BE508E7FD808B16369C4E0778F899

Located: DÈmarrage (tous utilisateurs), Microsoft Office.lnk
where: C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\DÈmarrage…
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5BC65464354A9FD3BEAA28E18839734A

Located: WinLogon, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

— Browser helper object list —
{5A979B6A-1ABE-4B63-A24F-7A0B72AEC7D5} (QXK Olive)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
BHO name:
CLSID name: QXK Olive
Path: C:\WINDOWS
Long name: nogxfvblxsk.dll
Short name: NOGXFV~1.DLL
Date (created): 08/06/2008 11:02:12
Date (last access): 23/06/2008 19:58:02
Date (last write): 07/06/2008 15:20:28
Filesize: 331776
Attributes: archive
MD5: 8E18ED3D921537E26293EEA46EEADEC2
CRC32: EBA1B0EF

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll
googletoolbar*.dll
(* = number)
googletoolbar_en_.**-big.dll
Googletoolbar_en_
.*.**-deleon.dll
info link: toolbar.google.com…
info source: TonyKlein
Path: c:\program files\google
Long name: GoogleToolbar1.dll
Short name: GOOGLE~1.DLL
Date (created): 18/11/2007 23:31:12
Date (last access): 23/06/2008 19:58:02
Date (last write): 18/11/2007 23:31:12
Filesize: 2436160
Attributes: readonly archive
MD5: 6D44E0C3B43D27484FBB355E470C4188
CRC32: 2DE875CD
Version: 4.0.1601.4978

— ActiveX list —
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: fpdownload.macromedia.com…

{FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (ContrÙleur de DownloadManager)
DPF name:
CLSID name: ContrÙleur de DownloadManager
Installer: C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.inf
Codebase: dlm.tools.akamai.com…
Path: C:\WINDOWS\DOWNLO~1
Long name: DownloadManagerV2.ocx
Short name: DOWNLO~1.OCX
Date (created): 24/08/2007 06:24:28
Date (last access): 14/05/2008 20:22:46
Date (last write): 24/08/2007 06:24:28
Filesize: 606208
Attributes: archive
MD5: A913C60BCE845B534E5EECED0CC02E9A
CRC32: DE194954
Version: 2.2.2.1

— Process list —
PID: 0 ( 0) [System]
PID: 936 ( 0) \SystemRoot\System32\smss.exe
size: 50688
PID: 1008 ( 0) ??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 1100 ( 0) ??\C:\WINDOWS\system32\winlogon.exe
size: 506368
PID: 1144 ( 0) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
PID: 1156 ( 0) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 1328 ( 0) C:\WINDOWS\System32\Ati2evxx.exe
size: 425984
MD5: 8C8C8BE49B7A95362DF118EFC14B460F
PID: 1348 ( 0) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1416 ( 0) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1476 ( 0) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1548 ( 0) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1600 ( 0) C:\WINDOWS\system32\Ati2evxx.exe
size: 425984
MD5: 8C8C8BE49B7A95362DF118EFC14B460F
PID: 1668 ( 0) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 2012 ( 0) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 272 ( 0) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 110592
MD5: 1961CB10BB48EB4D97E37DB6373E9E63
PID: 332 ( 0) C:\Program Files\Dassault Systemes\B15\intel_a\code\bin\CATSysDemon.exe
size: 49214
MD5: 0204EE01B717124C5918657749610812
PID: 480 ( 0) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
size: 271720
MD5: 641199534871783DD74138FE0BCFDAE7
PID: 520 ( 0) C:\Program Files\Symantec\Ghost\ngserver.exe
size: 1025672
MD5: 29BB4579ECABBCEB04FD32393A5B3B02
PID: 568 ( 0) C:\Program Files\CDBurnerXP\NMSAccessU.exe
size: 71096
MD5: FD306FBCCE7ADB1077B709742E7148E9
PID: 624 ( 0) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
size: 1234480
MD5: 7234E4B852F8FA0C48FF0E4FD7394490
PID: 684 ( 0) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 944 ( 0) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
size: 1967664
MD5: A464B1F7249B9893AB3F08CDA55F18E5
PID: 972 ( 0) C:\Program Files\Symantec\Ghost\bin\dbserv.exe
size: 75400
MD5: 73E5444378D350D86FD4F9BFB8A697AA
PID: 996 ( 0) C:\Program Files\Symantec\Ghost\bin\rteng9.exe
size: 73728
MD5: BA434B8EE7051F40DFF737A1CEE7404A
PID: 1028 ( 0) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 2748 ( 0) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
size: 1967664
MD5: A464B1F7249B9893AB3F08CDA55F18E5
PID: 2868 ( 0) C:\WINDOWS\Explorer.EXE
size: 1037312
MD5: D0288319660EDCFED07C7E74C4EA38A5
PID: 2996 ( 0) C:\WINDOWS\RTHDCPL.EXE
size: 16143872
MD5: 9EF1CB17583B61E635931198F93B7310
PID: 3032 ( 0) C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
size: 3165696
MD5: 30F88540AFD59242B9021D7943D14332
PID: 3060 ( 0) C:\Program Files\Symantec\Ghost\ngtray.exe
size: 181896
MD5: C51C07D9029D4112B3E5E47D135B2EE0
PID: 3116 ( 0) C:\Program Files\QuickTime\QTTask.exe
size: 385024
MD5: F89DA660C511652EE511FE3AB2F04BFC
PID: 3128 ( 0) C:\Program Files\iPod\iTunes\iTunesHelper.exe
size: 267048
MD5: 020B109C1D515879C04A36D6BCA949B8
PID: 3228 ( 0) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 3312 ( 0) C:\Program Files\Jeppesen\EFB\AppMgr\JEPDTLP\DataLoader.exe
size: 249856
MD5: EE15EB93FA4F4127BC680E0C7C108BD4
PID: 3320 ( 0) C:\Program Files\Jeppesen\EFB\AppMgr\JEPSDLP\StandAloneDataLoader.exe
size: 282624
MD5: BF11A3912BD1508CB609E9CAB4452D5B
PID: 3636 ( 0) C:\Program Files\iPod\bin\iPodService.exe
size: 504104
MD5: E1BD28CA09EE8F30E8EDBD6C19F5579D
PID: 3736 ( 0) C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
size: 385024
MD5: AC02CF51DCC71E97D1B602EE651518DB
PID: 3248 ( 0) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4943184
MD5: C92780F50B8BB7A89E919585916494A9
PID: 864 ( 0) C:\Program Files\Protection Sauvegarde\Trend Micro\HijackThis\HijackThis.exe
size: 396288
MD5: C4CA7416A6DF6D95075F81D9E3B41AD1

— Browser start & search pages list —
Spybot - Search & Destroy browser pages report, 23/06/2008 20:16:05

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
www.google.com…
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
www.google.com…
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
softwarereferral.com…
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
www.google.com…
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl@
www.google.com…
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
go.microsoft.com…
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
go.microsoft.com…
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
go.microsoft.com…
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
go.microsoft.com…
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
www.google.com…
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
ie.search.msn.com…

— Winsock Layered Service Provider list —

— Uninstall list —
(AddressBook)

Adobe Flash Player ActiveX 9.0.47.0 (Adobe Flash Player ActiveX)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: www.adobe.com…

ATI - Utilitaire de dÈsinstallation du logiciel 6.14.10.1014 (All ATI Software)
install location: C:\Program Files\ATI Technologies\UninstallAll
uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

AndreaMosaic 3.21 (AndreaMosaicVersion3)
uninstall cmd: C:\WINDOWS\iun6002.exe “C:\Program Files\Utilitaires\AndreaMosaic\irunin.ini”

ATI Display Driver 8.302-061003a-037437C (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

Azureus Vuze (Azureus Vuze)
uninstall cmd: C:\Program Files\Telechargement\Azureus\uninstall.exe
publisher: Azureus, Inc.

(Branding)

Call of Duty (Call of Duty)
uninstall cmd: C:\PROGRA~1\Games\CALLOF~1\Uninstall\Unwise.exe /u C:\PROGRA~1\Games\CALLOF~1\Uninstall\Install.log

(Connection Manager)

CopyPod (remove only) (CopyPod)
uninstall cmd: “C:\Program Files\CopyPod\uninstall.exe”

Dassault Systemes Software B15 (Dassault Systemes B15_0)
uninstall cmd: “C:\Program Files\Dassault Systemes\B15\intel_a\code\bin\Uninstall.exe” “C:\Program Files\Dassault Systemes\B15” “CODE” “GUI” “B15” “0”

(DirectAnimation)

(DirectDrawEx)

DVD Decrypter (Remove Only) (DVD Decrypter)
uninstall cmd: “C:\Program Files\Multimedia\DVD Decrypter\uninstall.exe”

(DXM_Runtime)

ffdshow [rev 1524] [2007-10-09] 1.0 (ffdshow_is1)
install date: 20071127
install location: C:\Program Files\Multimedia\ ffdshow
uninstall cmd: “C:\Program Files\Multimedia\ ffdshow\unins000.exe”

(Fontcore)

FpTest 3.2 3.2 (FpTest)
uninstall cmd: C:\Program Files\Free World\FpTest\uninst.exe
publisher: Freeplayer.org

HijackThis 2.0.2 2.0.2 (HijackThis)
uninstall cmd: “C:\Program Files\Protection Sauvegarde\Trend Micro\HijackThis\HijackThis.exe” /uninstall
publisher: TrendMicro

HomePlayer 1.5.6 1.5.6 (HomePlayer)
uninstall cmd: C:\Program Files\Free World\HomePlayer\uninst.exe
publisher: HomePlayer

(ICW)

Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20071216
uninstall cmd: “C:\WINDOWS$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe”
publisher: Microsoft Corporation

(IE40)

(IE4Data)

(IE5BAKEX)

Windows Internet Explorer 7 20070813.185237 (ie7)
install date: 20071216
uninstall cmd: “C:\WINDOWS\ie7\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: www.microsoft.com…

(IEData)

(InstallShield Uninstall Information)

Canon Camera Support Core Library 7.0.3.20 (InstallShield_{26BDE7D8-93F0-4A07-AD47-1707DB417941})
version: 117440515
version (major): 7
estimated size: 1392
install date: 20080202
install source: J:\SOFTWARE\CSCLIB
uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{26BDE7D8-93F0-4A07-AD47-1707DB417941} /l1036
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:

Canon Internet Library for ZoomBrowser EX 1.3.3 (InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A})
version: 16973827
version (major): 1
version (minor): 3
estimated size: 666
install date: 20080202
install location: C:\Program Files\Canon\ZoomBrowser EX\Program
install source: J:\SOFTWARE\CIG\French
uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F81FBFC-9A37-431F-9050-14B55485DF5A}
publisher: Canon Inc.
comments:
contact:
help link:
help telephone:

Canon RAW Image Task for ZoomBrowser EX 1.1 (InstallShield_{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196})
version: 16842752
version (major): 1
version (minor): 1
estimated size: 6407
install date: 20080202
install source: J:\SOFTWARE\RAWTASK\FRENCH
uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:

IL-2 Sturmovik: Forgotten Battles 1.00.0000 (InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3})
version: 16777216
version (major): 1
estimated size: 1192466
install date: 20080108
install source: K:
uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3} /l1036
publisher: Ubi Soft
comments:
contact: Ubi Soft Support
help link: support.ubi.com…
help telephone:

Canon Camera Window for ZoomBrowser EX 4.6.2 (InstallShield_{B34BE30D-A759-4EC2-B58F-19FE2DEBF651})
version: 67502082
version (major): 4
version (minor): 6
estimated size: 22775
install date: 20080202
install source: J:\SOFTWARE\cw\French
uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:

iPod for Windows 2006-06-28 4.7.0 (InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE})
version: 67567616
version (major): 4
version (minor): 7
estimated size: 69448
install date: 20080110
install location: C:\Program Files\iPod
install source: C:\WINDOWS\Downloaded Installations{88709841-CCE6-49D7-94D7-3A2096E694C8}
uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BD57EA4D-026E-4F08-9B93-080E282B81FE} /l1036
publisher: Nom de votre sociÈtÈ
contact: AppleCare
help link: www.info.apple.com…
readme: www.info.apple.com…

Canon RemoteCapture Task for ZoomBrowser EX 1.0.3 (InstallShield_{CF2C1A86-5A98-4862-A3AE-9992E3A6427D})
version: 16777219
version (major): 1
estimated size: 9061
install date: 20080202
install source: J:\SOFTWARE\RCTASK\FRENCH
uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:

Canon MovieEdit Task for ZoomBrowser EX 1.1.1.41 (InstallShield_{DE286975-ACF1-45B8-9EF7-34E162B2C817})
version: 16842753
version (major): 1
version (minor): 1
estimated size: 1547
install date: 20080202
install source: J:\SOFTWARE\MVW\FRENCH
uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:

Canon Utilities PhotoStitch 3.1 3.1.13 (InstallShield_{EF4C7EB0-D71B-43A3-9552-8053DE4B0401})
version: 50397197
version (major): 3
version (minor): 1
estimated size: 1864
install date: 20080202
install location: C:\Program Files\Canon\PhotoStitch
install source: J:\SOFTWARE\PSTITCH\FRENCH
uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}
publisher: Canon
comments:
contact:
help link:
help telephone:

Correctif Windows XP - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB884016)

(KB884267)

(KB885353)

Correctif Windows XP - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: support.microsoft.com…

Correctif Windows XP - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: support.microsoft.com…

Correctif Windows XP - KB885884 20040924.025457 (KB885884)
uninstall cmd: C:\WINDOWS$NtUninstallKB885884$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: support.microsoft.com…

Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB886612)

(KB887078)

Correctif Windows XP - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB887626)

High Definition Audio Driver Package - KB888111 20040219.000000 (KB888111WXP)
uninstall cmd: “C:\WINDOWS$NtUninstallKB888111WXP$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Correctif Windows XP - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB888656)

(KB889858)

Mise ? jour de sÈcuritÈ pour Windows XP (KB890046) 1 (KB890046)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB890046$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Correctif Windows XP - KB890859 1 (KB890859)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB890859$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB891122)

Correctif Windows XP - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB892313)

(KB893240)

(KB893241)

Mise ? jour de sÈcuritÈ pour Windows XP (KB893756) 1 (KB893756)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB893756$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: “C:\WINDOWS$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: go.microsoft.com…

Mise ? jour pour Windows XP (KB894391) 1 (KB894391)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB894391$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB895181)

(KB895316)

(KB895572)

Mise ? jour de sÈcuritÈ pour Windows XP (KB896358) 1 (KB896358)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB896358$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB896423) 1 (KB896423)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB896423$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB896428) 1 (KB896428)
install date: 20071120
uninstall cmd: “C:\WINDOWS$NtUninstallKB896428$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB897586)

Mise ? jour pour Windows XP (KB898461) 1 (KB898461)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB898461$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB898549)

Mise ? jour de sÈcuritÈ pour Windows XP (KB899587) 1 (KB899587)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB899587$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB899591) 1 (KB899591)
install date: 20071120
uninstall cmd: “C:\WINDOWS$NtUninstallKB899591$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB900399)

Mise ? jour pour Windows XP (KB900485) 2 (KB900485)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB900485$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB900725) 1 (KB900725)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB900725$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB901017) 1 (KB901017)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB901017$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB901214) 1 (KB901214)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB901214$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB902344)

Mise ? jour de sÈcuritÈ pour Windows XP (KB902400) 1 (KB902400)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB902400$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB904706) 2 (KB904706)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB904706$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour pour Windows XP (KB904942) 2 (KB904942)
install date: 20071216
uninstall cmd: “C:\WINDOWS$NtUninstallKB904942$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB905414) 1 (KB905414)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB905414$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB905749) 1 (KB905749)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB905749$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB907658)

Mise ? jour de sÈcuritÈ pour Windows XP (KB908519) 1 (KB908519)
install date: 20071120
uninstall cmd: “C:\WINDOWS$NtUninstallKB908519$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour pour Windows XP (KB908531) 2 (KB908531)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB908531$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour pour Windows XP (KB910437) 1 (KB910437)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB910437$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour pour Windows XP (KB911280) 2 (KB911280)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB911280$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB911562) 1 (KB911562)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB911562$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Lecteur Windows Media (KB911564) (KB911564)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB911564$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

(KB911565)

(KB911854)

Mise ? jour de sÈcuritÈ pour Windows XP (KB911927) 1 (KB911927)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB911927$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB913580) 1 (KB913580)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB913580$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB914388) 1 (KB914388)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB914388$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB914389) 1 (KB914389)
install date: 20071120
uninstall cmd: “C:\WINDOWS$NtUninstallKB914389$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Correctif pour Windows XP (KB914440) 12 (KB914440)
install date: 20071216
uninstall cmd: “C:\WINDOWS$NtUninstallKB914440$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Hotfix for Windows XP (KB915865) 10 (KB915865)
install date: 20071216
uninstall cmd: “C:\WINDOWS$NtUninstallKB915865$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour pour Windows XP (KB916595) 1 (KB916595)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB916595$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB917344) 1 (KB917344)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB917344$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB917953) 1 (KB917953)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB917953$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB918118) 1 (KB918118)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB918118$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB918439) 1 (KB918439)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB918439$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB919007) 1 (KB919007)
install date: 20071120
uninstall cmd: “C:\WINDOWS$NtUninstallKB919007$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB920213) 1 (KB920213)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB920213$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB920670) 1 (KB920670)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB920670$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB920683) 1 (KB920683)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB920683$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB920685) 1 (KB920685)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB920685$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour pour Windows XP (KB920872) 1 (KB920872)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB920872$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB921503) 1 (KB921503)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB921503$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour pour Windows XP (KB922582) 1 (KB922582)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB922582$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB922819) 1 (KB922819)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB922819$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB923191) 1 (KB923191)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB923191$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB923414) 1 (KB923414)
install date: 20071119
uninstall cmd: “C:\WINDOWS$NtUninstallKB923414$\spuninst\spuninst.exe”
publisher: Microsoft Corporation
help link: support.microsoft.com…

Mise ? jour de sÈcuritÈ pour Windows XP (KB923689) (KB923689)
install date: 20071119
uninstall cmd: "C:\WINDOWS$NtUninstallKB9236

Sur certains sites, ils conseillent d’utiliser SmitFraud (http://siri.geekstogo.com/SmitfraudFix.php) pour virer ce trojan.

Sur un autre j’ai trouvé cet technique (http://www.woodsnetworks.net/pcfixes.htm#smitfraud):

  • installer Spybot et ses mises à jour
  • exécuter msconfig.exe et choisir Démarrage en mode diagnostic
  • redémarrer le PC et lancer le scan de Spybot
  • pendant le scan de pybot, appeler le gestionnaire de taches par ctrl+alt+del et supprimer le process explorer.exe, ce qui vide le bureau.
  • une fois le scan terminé, repositionner le démarrage normal par msconfig
  • une fois le PC redémarré, refaire un scan complet avec Spybot.
    => un peu lourd, nan ?:lol:
    Edité le 24/06/2008 à 00:00

a virer
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = softwarereferral.com

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contr?leur de DownloadManager) - dlm.tools.akamai.com

Merci !
Je vais commencer par la solution courte…:wink:
Mais s’il faut utiliser les grands mpyens ca va etre…LA BAGARRE !!! :):):slight_smile: