Log analysis please


Post by piou » 09 Aug 2005, 15:05

Hi,

I notice that I have an empty line in msconfig > Startup, located in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
I suppose that is not normal...
My PC loads quite a lot at startup and, as I have already said, my icons stay inaccessible right when I first reach the desktop, for about 30-40, then they "flicker" and it's fine.

Maybe you will find something in my log:

Logfile of HijackThis v1.99.1
Scan saved at 16:04:53, on 09/08/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\System32\DrvMon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/ ... xiaIIA.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2142441015
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{313D7377-A112-43E1-A45D-01D498835DE5}: NameServer = 195.238.2.21 195.238.2.22
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe

Thank you in advance for your comments,
piou
 

Post by nickW » 09 Aug 2005, 15:45

Hello,

Why open a new topic?

Where do you stand with regard
to this: http://assiste.forum.free.fr/viewtopic.php?t=8179
and this: http://assiste.forum.free.fr/viewtopic.php?t=7620

Bye,
nickW
30/07/2012: No more PC disinfection until further notice.
No log-analysis requests by PM (private message)
Moderator
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by piou » 09 Aug 2005, 18:42

Hi,

and sorry about the topic...

1-I no longer have any keyboard or mouse problem
2-PSGuard is no longer anywhere (spelling?) except in "Add/Remove Programs". Should I remove it?
3-There is this problem of the empty line in msconfig > Startup that I mention in the previous post.
4-There is also this problem of loading at startup and of waiting before being able to open a program from the desktop icons.
5-In safe mode, CWShredder finds "CWS MSconfig" every time even though I fix it each time.
6-I am giving up my fight to get the burning wizard back...
7-I don't know whether any problems show up in the Startdreck log. (I don't really dare to follow Tesgaz's page exactly, not enough knowledge of my machine)
8-Do I need to install SP2, and under what conditions?

So that's the summary,
Thanks
piou
 

Post by piou » 10 Aug 2005, 17:20

Hi,

there is one more thing that puzzles me.
I have just installed SP2 for Windows XP Pro. I then installed 16 other updates available on Windows Update. Since then, when I turn on my PC, I have an icon that I did not have before in my taskbar (bottom right). It is a connection icon (two small computers) with a yellow triangle and an exclamation mark inside it. When I double-click on it, a "Local Area Connection Status" window opens showing, among other things, "status: limited or no connectivity".

When I go to "Control Panel" > "Network Connections", under "Broadband" I have my ADSL connection behind the firewall as before, and under "LAN or High-Speed Internet" I find this icon with the exclamation mark again.

I didn't have this before! I am on a home PC, at my place.
If anyone has an idea...

THANKS
piou
 

Post by piou » 11 Aug 2005, 18:17

Hi,

I was able to get rid of the icon I was talking about yesterday....
For the rest, I am at the same point.

Thanks
piou
 

Post by piou » 19 Aug 2005, 12:54

Hi,

I am bringing my post back up again because I had not found a solution and it bothers me!!

It is about this "PSGuard" again!!!!

I remind you that I had been infected by "Smitfraud.c" and that it was at that moment that "PSGuard" appeared.
I had gotten rid of Smitfraud with Balltrap's fix, but PSGuard was still present.

As of today, I have installed SP2 for Windows XP Pro.

I often get a small red shield with a white cross in it telling me that my PC may be at risk, that my antivirus is no longer on,....

Twice in a row now I have scanned my PC in safe mode: Ad-Aware finds nothing, a²Free finds nothing, Panda Titanium Antivirus 2004 finds nothing...

On the other hand, CWShredder finds "CWS MSconfig" EVERY time!
Spybot finds PSGuard EVERY time, as well as some "windows security center..." things that are in red!!

I tick everything, I repair, and it never wants to repair PSGuard ("files are still in memory...") and offers to run again at the next startup >>> OK >>> it runs, finds PSGuard again but once again cannot fix it!!!

I would really like to get rid of this once and for all!!!!! (CWS MSconfig and PSGuard)

I can make you an HJT log or anything you want if that can help you.

THANKS in advance,
piou
 

Post by nickW » 19 Aug 2005, 13:16

Hello,

Could you send in reply:

1/ A HijackThis log

2/ A Spybot-S&D report
Launch SpyBot-S&D, run a search for updates and apply them if any are found.
Run a full scan ("Check all"), fix the problems shown in red.
On the main menu bar, click "Mode" and choose "Advanced mode".
In the left-hand menu, choose "Tools" then "View report".
Check that all options are ticked except "Do not include disabled or known-legitimate items.".

Select (at the top) the "View report" button.
Press "Export"; in the dialog box that appears, choose a location and a name for saving the file (keeping the type "Text files").

To be continued,
nickW

Post by piou » 19 Aug 2005, 14:37

Hi,

here are the reports. For Spybot, I scanned in normal mode; it again found the same things even though I had fixed them two hours earlier in safe mode, and it cannot fix PSGuard (red) and log (green).

Logfile of HijackThis v1.99.1
Scan saved at 15:35:29, on 19/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\System32\DrvMon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/ ... xiaIIA.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2142441015
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{313D7377-A112-43E1-A45D-01D498835DE5}: NameServer = 195.238.2.21 195.238.2.22
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe

And for Spybot:


--- Search result list ---
PSGuard: Réglages (Clé du registre, fixing failed)
HKEY_LOCAL_MACHINE\SOFTWARE\ShudderLTD\PSGuard

Windows Security Center.FirewallDisableNotify: Réglages (Modification du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

Windows Security Center.AntiVirusDisableNotify: Réglages (Modification du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Windows Security Center.UpdateDisableNotify: Réglages (Modification du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0

Log: Activity: SchedLgU.Txt (Sauver le fichier, fixing failed)
C:\WINDOWS\SchedLgU.Txt

Log: Shutdown: System32\wbem\logs\wbemess.log (Sauver le fichier, fixed)
C:\WINDOWS\System32\wbem\logs\wbemess.log

Log: Shutdown: System32\wbem\logs\wmiprov.log (Sauver le fichier, fixed)
C:\WINDOWS\System32\wbem\logs\wmiprov.log

MS Media Player: Anonymous ID (Modification du registre, fixed)
HKEY_USERS\S-1-5-21-854245398-261478967-725345543-1006\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0

MS Direct3D: Most recent application (Modification du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name!=

MS DirectDraw: Most recent application (Modification du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=

MS Office 11.0 (Word): Recent file list (Valeur du registre, fixed)
HKEY_USERS\S-1-5-21-854245398-261478967-725345543-1006\Software\Microsoft\Office\11.0\Word\Data\Settings

Windows Explorer: Run history (2 fichiers) (Clé du registre, fixed)
HKEY_USERS\S-1-5-21-854245398-261478967-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: User Assistant history IE (4 fichiers) (Clé du registre, fixed)
HKEY_USERS\S-1-5-21-854245398-261478967-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: User Assistant history files (19 fichiers) (Clé du registre, fixed)
HKEY_USERS\S-1-5-21-854245398-261478967-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: Recent file global history (Clé du registre, fixed)
HKEY_USERS\S-1-5-21-854245398-261478967-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: Computer name (Modification du registre, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

Windows Media SDK: Computer name (Modification du registre, fixed)
HKEY_USERS\S-1-5-21-854245398-261478967-725345543-1006\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

Windows Media SDK: Computer name (Modification du registre, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

Cache: Cache (21) (Cache, fixed)


Cookie: Cookie (16) (Cookie, fixed)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-29 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-08-12 Includes\Dialer.sbi (*)
2005-08-12 Includes\Hijackers.sbi (*)
2005-06-23 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-08-12 Includes\Malware.sbi (*)
2005-08-12 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-08-06 Includes\Security.sbi (*)
2005-08-12 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2005-08-12 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Internet Explorer 6 / SP1: Correctif Windows XP - KB883939
/ Outlook Express 6 / SP1: Correctif Windows XP - KB897715
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Correctif Windows XP - KB873333
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Correctif Windows XP - KB888113
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890175
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893066)
/ Windows XP / SP3: Correctif Windows XP - KB893086
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB896727)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899588)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221


--- Startup entries list ---
Located: HK_LM:Run,
command:
file:

Located: HK_LM:Run, AlcWzrd
command: ALCWZRD.EXE
file: C:\WINDOWS\ALCWZRD.EXE
size: 2550272
MD5: deb0a8f583174f05de7ca8fc27c4aaee

Located: HK_LM:Run, APVXDWIN
command: "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
file: C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
size: 258048
MD5: 0ff51313b67228b0e8226e4ac354e3e5

Located: HK_LM:Run, Name of App
command: C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
file: C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
size: 663655
MD5: 8b1191283f4edd9cd3a18c5cc207925c

Located: HK_LM:Run, PinnacleDriverCheck
command: C:\WINDOWS\System32\PSDrvCheck.exe
file: C:\WINDOWS\System32\PSDrvCheck.exe
size: 406016
MD5: 39d31d333c39caa9a13b738804b43284

Located: HK_LM:Run, Raccourci vers la page des propriétés de High Definition Audio
command: HDAudPropShortcut.exe
file: C:\WINDOWS\system32\HDAudPropShortcut.exe
size: 61952
MD5: 3e7a11c1c4ebd2c3c52197238df4e14b

Located: HK_LM:Run, RemoteControl
command: "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
file: C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
size: 32768
MD5: 915a106a2fb87292cef0ad4f36adf313

Located: HK_LM:Run, SoundMan
command: SOUNDMAN.EXE
file: C:\WINDOWS\SOUNDMAN.EXE
size: 69632
MD5: 52004ab208d20fd36b1442aaf3c0c945

Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
size: 36975
MD5: d3e445a99a1142c35d8d3100b5564591

Located: HK_CU:Run, DrvMon.exe
command: C:\WINDOWS\System32\DrvMon.exe
file: C:\WINDOWS\System32\DrvMon.exe
size: 53248
MD5: a27463f4ad515f1714a92581b5356b6d

Located: Démarrage (tous utilisateurs), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166

Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
size: 237568
MD5: da6b945e561b1d1da67663bb45b4b868

Located: WinLogon, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 14/12/2004 01:56:50
Date (last access): 19/08/2005 15:13:12
Date (last write): 14/12/2004 01:56:50
Filesize: 63136
Attributes: archive
MD5: 42729C3DE75A7A51FC6F9EF6546C9199
CRC32: 4D60BD07
Version: 7.0.0.1333

{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 29/06/2005 11:59:38
Date (last access): 19/08/2005 15:11:46
Date (last write): 31/05/2005 01:04:00
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0



--- ActiveX list ---
Dexia netbanking (Dexia netbanking)
DPF name: Dexia netbanking
CLSID name:
Installer:
Codebase: http://netbanking.dexia.be/PC//Dynamic/ ... xiaIIA.cab

Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla

{0000000A-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\WMAVAX.inf
Codebase: http://download.microsoft.com/download/ ... wmavax.CAB

{33564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\WMV9VCM.inf
Codebase: http://download.microsoft.com/download/ ... mv9VCM.CAB

{6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
DPF name:
CLSID name: WUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\wuweb.inf
Codebase: http://update.microsoft.com/windowsupda ... 2142441015
Path: C:\WINDOWS\System32\
Long name: wuweb.dll
Short name:
Date (created): 26/05/2005 04:19:32
Date (last access): 19/08/2005 12:02:38
Date (last write): 26/05/2005 04:19:32
Filesize: 173536
Attributes: archive
MD5: C459F2D5E64C942F3F66E1CD7F1C4C00
CRC32: EEF66B50
Version: 5.8.0.2469

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_04
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_04\bin\
Long name: NPJPI150_04.dll
Short name: NPJPI1~1.DLL
Date (created): 03/06/2005 03:52:58
Date (last access): 19/08/2005 11:37:56
Date (last write): 03/06/2005 04:09:54
Filesize: 69746
Attributes: archive
MD5: 8548FE98BD687F35AFD0AED9C2A2DEE3
CRC32: 4058FA1B
Version: 5.0.40.5

{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class)
DPF name:
CLSID name: MsnMessengerSetupDownloadControl Class
Installer: C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.inf
Codebase: http://messenger.msn.com/download/msnme ... loader.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnMessengerSetupDownloader.ocx
Short name: MSNMES~1.OCX
Date (created): 17/03/2005 14:48:34
Date (last access): 19/08/2005 11:16:20
Date (last write): 17/03/2005 14:48:34
Filesize: 113152
Attributes: archive
MD5: 92D24B6643919005213F60D5B537196A
CRC32: 31684779
Version: 1.0.0.2

{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_06
Installer:
Codebase: http://java.sun.com/products/plugin/aut ... s-i586.cab
Path: C:\Program Files\Java\j2re1.4.2_06\bin\
Long name: NPJPI142_06.dll
Short name: NPJPI1~1.DLL
Date (created): 28/09/2004 20:26:10
Date (last access): 19/08/2005 11:37:16
Date (last write): 28/09/2004 20:26:00
Filesize: 65650
Attributes: archive
MD5: 69E5147BA901A9238C4EB08C84E1A85B
CRC32: 6CB34BCC
Version: 1.4.2.60

{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_04
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
Path: C:\Program Files\Java\jre1.5.0_04\bin\
Long name: NPJPI150_04.dll
Short name: NPJPI1~1.DLL
Date (created): 03/06/2005 03:52:58
Date (last access): 19/08/2005 15:31:58
Date (last write): 03/06/2005 04:09:54
Filesize: 69746
Attributes: archive
MD5: 8548FE98BD687F35AFD0AED9C2A2DEE3
CRC32: 4058FA1B
Version: 5.0.40.5

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/shoc ... wflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\System32\macromed\flash\
Long name: Flash.ocx
Short name:
Date (created): 09/06/2004 15:59:26
Date (last access): 19/08/2005 12:00:22
Date (last write): 09/06/2004 15:59:26
Filesize: 939224
Attributes: archive
MD5: FC3E17E12C2E31FAC34B416B3DAB829F
CRC32: D1CF3A57
Version: 7.0.19.0



--- Process list ---
PID: 0 ( 0) [System]
PID: 620 ( 4) \SystemRoot\System32\smss.exe
PID: 680 ( 620) \??\C:\WINDOWS\system32\csrss.exe
PID: 704 ( 620) \??\C:\WINDOWS\system32\winlogon.exe
PID: 752 ( 704) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
PID: 764 ( 704) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 944 ( 752) C:\WINDOWS\System32\Ati2evxx.exe
size: 389120
MD5: 4DEAA162480367B232F3EE3A6D34084B
PID: 960 ( 752) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1036 ( 752) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1144 ( 752) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1236 ( 752) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1320 ( 752) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1532 ( 752) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1292 ( 704) C:\WINDOWS\system32\Ati2evxx.exe
size: 389120
MD5: 4DEAA162480367B232F3EE3A6D34084B
PID: 1472 (1332) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 2A7BD330924252A2FD80344FC949BB72
PID: 1632 (1472) C:\WINDOWS\SOUNDMAN.EXE
size: 69632
MD5: 52004AB208D20FD36B1442AAF3C0C945
PID: 1636 (1472) C:\WINDOWS\ALCWZRD.EXE
size: 2550272
MD5: DEB0A8F583174F05DE7CA8FC27C4AAEE
PID: 1704 (1472) C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
size: 32768
MD5: 915A106A2FB87292CEF0AD4F36ADF313
PID: 1716 (1472) C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
size: 258048
MD5: 0FF51313B67228B0E8226E4AC354E3E5
PID: 1724 (1472) C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
size: 36975
MD5: D3E445A99A1142C35D8D3100B5564591
PID: 1728 (1472) C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
size: 663655
MD5: 8B1191283F4EDD9CD3A18C5CC207925C
PID: 208 ( 752) C:\WINDOWS\System32\dllhost.exe
size: 5120
MD5: 9B2CE161927038D4CABE0482A14FD052
PID: 404 ( 752) C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 322120
MD5: 11F714F85530A2BD134074DC30E99FCA
PID: 1680 ( 752) C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
size: 32768
MD5: C87B1D43DD17404B17693BAB55AA6874
PID: 476 ( 752) C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
size: 208896
MD5: BCEDCD73D879837B0BF898963A3D2C21
PID: 552 ( 476) C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
size: 94208
MD5: C05F656542B9E239F25F9BB4DBF9C7E0
PID: 520 ( 752) C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
size: 61440
MD5: A1F8899B212D7EF795E3BF9D39F3100A
PID: 880 ( 752) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1092 ( 752) C:\WINDOWS\System32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 2560 ( 752) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 2888 (1716) C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
size: 73728
MD5: 6A17733F75DAABB062AD6911CBF541BB
PID: 3460 (1472) C:\Program Files\Mozilla Firefox\firefox.exe
size: 6636649
MD5: C37A7772687AC646896CBEA56C938D76
PID: 4004 (1472) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 19/08/2005 15:31:57

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.tiscali.be/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: PAV_LAYERED over [MSAFD Tcpip [TCP/IP]]
GUID: {2AF25994-518C-4C5C-9F70-F335477CE07B}
Filename: C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavlsp.dll

Protocol 1: PAV_LAYERED over [MSAFD Tcpip [UDP/IP]]
GUID: {2AF25994-518C-4C5C-9F70-F335477CE07B}
Filename: C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavlsp.dll

Protocol 2: PAV_LAYERED over [MSAFD Tcpip [RAW/IP]]
GUID: {2AF25994-518C-4C5C-9F70-F335477CE07B}
Filename: C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavlsp.dll

Protocol 3: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 4: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 5: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 6: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 7: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 8: PAV_LAYERED
GUID: {6B320271-E041-22D0-9A38-11BB1164A02D}
Filename: C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavlsp.dll

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E11178EE-71BE-4BDB-9452-B590B3840F13}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E11178EE-71BE-4BDB-9452-B590B3840F13}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{850CAE2E-7362-4FFC-943A-9CCEAAC0CB5F}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{850CAE2E-7362-4FFC-943A-9CCEAAC0CB5F}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A1E42722-EA8C-436F-8FF7-0B1BF57FF9F1}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A1E42722-EA8C-436F-8FF7-0B1BF57FF9F1}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{64939F86-3916-49A8-96E6-5265E107D89B}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{64939F86-3916-49A8-96E6-5265E107D89B}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{15A499C2-821B-4880-8092-B100E8A615F3}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{15A499C2-821B-4880-8092-B100E8A615F3}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8CC1A5AE-F6F4-4DEA-9A9B-E235B5628F10}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8CC1A5AE-F6F4-4DEA-9A9B-E235B5628F10}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{313D7377-A112-43E1-A45D-01D498835DE5}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{313D7377-A112-43E1-A45D-01D498835DE5}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Espace de noms NLA (Network Location Awareness)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace



--- Uninstall list ---
a-squared Free 1.6 1.6 (a-squared Free_is1)
install location: C:\Program Files\a2 Free\
uninstall cmd: "C:\Program Files\a2 Free\unins000.exe"
publisher: Emsi Software GmbH
help link: http://forum.emsisoft.com

Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com

(AddressBook)

Adobe Download Manager 2.0 (Remove Only) 2.0 (AdobeESD)
uninstall cmd: "C:\Program Files\Fichiers communs\Adobe\ESD\uninst.exe"

ATI Display Driver 8.051-040825a-017635C-ATI (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

Belarc Advisor 7.0 (Belarc Advisor 2.0)
uninstall cmd: C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG

(Branding)

CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

CleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe

(Connection Manager)

(DirectAnimation)

(DirectDrawEx)

(DXM_Runtime)

EVEREST Home Edition v2.01 2.01 (EVEREST Home Edition_is1)
install location: C:\Program Files\Lavalys\EVEREST Home Edition\
uninstall cmd: "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
publisher: Lavalys Inc
help link: http://www.lavalys.com

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\piou\Local Settings\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

HP Image Zone 3.5 3.5 (HP Photo & Imaging)
uninstall cmd: C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
publisher: HP
help link: http://www.hp.com/support

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

Jasc Paint Shop Pro 9.01 - (9.0.1.1) (Jasc Paint Shop Pro 9.01 - (9.0.1.1))
uninstall cmd: C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG

Jasc Paint Shop Pro 9.01 Patch (Jasc Paint Shop Pro 9.01 Patch)
uninstall cmd: C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG

High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB835221

Correctif Windows XP - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333

Correctif Windows XP - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

(KB884016)

Correctif Windows XP - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250

Correctif Windows XP - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Correctif Windows XP - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

Correctif Windows XP - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472

Correctif Windows XP - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742

Correctif Windows XP - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113

Correctif Windows XP - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046

Correctif Windows XP - KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175

Correctif Windows XP - KB890859 1 (KB890859)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

Correctif Windows XP - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

Mise à jour de sécurité pour Windows XP (KB893066) 2 (KB893066)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066

Correctif Windows XP - KB893086 1 (KB893086)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086

Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Mise à jour pour Windows XP (KB894391) 1 (KB894391)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Mise à jour de sécurité pour Windows XP (KB896422) 1 (KB896422)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422

Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

Mise à jour pour Windows XP (KB896727) 1 (KB896727)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896727

Mise à jour pour Windows XP (KB898461) 1 (KB898461)
install date: 20050803
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587

Mise à jour de sécurité pour Windows XP (KB899588) 1 (KB899588)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899588

Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591

Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214

Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

(Microsoft NetShow Player 2.0)

(MobileOptionPack)

Mozilla Firefox (1.0.6) 1.0.6 (fr-FR) (Mozilla Firefox (1.0.6))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\WINDOWS\UninstallFirefox.exe /ua "1.0.6 (fr-FR)"
publisher: Mozilla

Mozilla Thunderbird (1.0.2) 1.0.2 (fr) (Mozilla Thunderbird (1.0.2))
install location: C:\Program Files\Mozilla Thunderbird
uninstall cmd: C:\WINDOWS\UninstallThunderbird.exe /ua "1.0.2 (fr)"
publisher: Mozilla

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(MsJavaVM)

(NetMeeting)

(OutlookExpress)

(Panda Antivirus Lite)
uninstall cmd: .

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Picasa 2 2.0 (Picasa2)
uninstall cmd: "C:\Program Files\Picasa2\Uninstall.exe"
publisher: Google, Inc.
help link: http://www.picasa.com/

Intel(R) PRO Network Adapters and Drivers (PROSet)
uninstall cmd: Prounstl.exe

(SchedulingAgent)

(ShockwaveFlash)

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

SpywareBlaster v3.4 3.4.0 (SpywareBlaster_is1)
install location: C:\Program Files\SpywareBlaster\
uninstall cmd: "C:\Program Files\SpywareBlaster\unins000.exe"
publisher: Javacool Software LLC

Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Lecteur Windows Media 10 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows XP Service Pack 2 20040819.151636 (Windows XP Service Pack)
uninstall cmd: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=811113

HP PSC & OfficeJet 3.5 3.5 ({0FABD3D7-3036-4e78-B29D-58957ADB0A12})
uninstall cmd: "C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat
publisher: HP
help link: http://www.hp.com/support

Adobe Photoshop Album 2.0 Starter Edition 2.00.000 ({11B569C2-4BF6-4ED0-9D17-A4273943CB24})
version: 33554432
version (major): 2
estimated size: 15751
install date: 20050801
install source: C:\WINDOWS\Downloaded Installations\{30F65707-62BC-4443-BB21-86DA6E7F8A55}\
uninstall cmd: MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
publisher: Adobe Systems, Inc.
readme: C:\Program Files\Adobe\Photoshop Album Starter Edition\2.0\readme.txt

1.1.0.2 ({1C17FC00-1AB2-449F-A9B6-45EBCFBF5BA9})
version: 1

DocProc 3.5.0.0 ({1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 61074
install date: 20050624
install source: D:\Setup\DocProc\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

Multimedia Launcher ({1FBF6C24-C1FD-4101-A42B-0C564F9E8E79})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall

AiO_Scan 40.0.105.000 ({24C8FBF7-26C6-48ca-834B-A4E5C09E362F})
version: 671088745
version (major): 40
estimated size: 242
install date: 20050624
install source: D:\Setup\AiO_Scan\
publisher: Hewlett-Packard

Scan 3.5.0.0 ({257EC58E-03FD-472B-A9B6-93F23A3C4CB0})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 7582
install date: 20050624
install source: D:\Setup\scan\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

FW LiveUpdate 1.0.0 ({28061673-EEBA-49A5-9E2D-9B5D8BACAF7F})
version: 16777216
install date: 20050809
install location: C:\Program Files\SAMSUNG\FW LiveUpdate
install source: C:\DOCUME~1\piou\LOCALS~1\Temp\bye18B.tmp\Disk1\
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28061673-EEBA-49A5-9E2D-9B5D8BACAF7F}\setup.exe" -l0x9 -removeonly
publisher: SAMSUNG

SkinsHP1 5.35.0.043 ({29B50D30-EAFC-4cea-9F76-3A0E3729E9B0})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 145
install date: 20050624
install source: D:\Setup\SkinsHP\
publisher: Hewlett-Packard

Memories Disc Creator 2.0 2.0.479.1607 ({2E132061-C78A-48D4-A899-1D13B9D189FA})
version: 33554911
version (major): 2
estimated size: 43778
install date: 20050623
install source: D:\Setup\MemoriesDisc\
uninstall cmd: MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
publisher: Memories Disc Creator 2.0
comments: Vos remarques
contact: (208) 323-2551
help link: Memories Disc Creator 2.0
help telephone: (208) 323-2551

AIOMinimal 40.0.105.000 ({300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D})
version: 671088745
version (major): 40
estimated size: 327
install date: 20050624
install source: D:\Setup\AIOMinimal\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

J2SE Runtime Environment 5.0 Update 4 1.5.0.40 ({3248F0A8-6813-11D6-A77B-00B0D0150040})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 121261
install date: 20050719
install source: http://java.sun.com/webapps/download/Ge ... dows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_04\README.txt

HP Software Update 1.0.22.20030804 ({34957B51-9676-41CE-9E52-44AE91B73F1C})
version: 16777238
version (major): 1
estimated size: 965
install date: 20050624
install source: D:\Setup\HPSoftwareUpdate\
uninstall cmd: MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
publisher: Hewlett-Packard
help link: http://www.hp.com/support

WebFldrs XP 9.50.6513 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154278257
version (major): 9
version (minor): 50
estimated size: 2652
install date: 20050620
install source: C:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

HPSystemDiagnostics 1.5.0.0 ({3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 897
install date: 20050624
install source: D:\Setup\Sherlock\
publisher: Your Company Name
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

Unload 3.5.0 ({415B8A4E-0EA2-4C69-975C-EEE07B837FD7})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 5204
install date: 20050624
install source: D:\Setup\UnloadIntent\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

Copy 5.35.0.065 ({48242276-DB89-42e8-9678-BD4280D7B99A})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 1327
install date: 20050624
install source: D:\Setup\Copy\
publisher: Hewlett-Packard

PrintScreen 5.35.0.035 ({57C7C46A-D35D-492d-A328-4F8C9B5B4B52})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 1702
install date: 20050624
install source: D:\Setup\printscreen\
publisher: Hewlett-Packard

MP3 Player Utilities 1.45 ({5BBFB0E4-2250-49C3-A8A3-65BE2197D13B})
version: 19726336
version (major): 1
version (minor): 45
estimated size: 3941
install date: 20050807
install source: E:\MP3Set1_45\
uninstall cmd: MsiExec.exe /I{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}
publisher:

5500Trb 40.0.105.000 ({62F79C52-E264-44ab-ABC2-7BEA2962C70D})
version: 671088745
version (major): 40
estimated size: 317
install date: 20050624
install source: C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\AiOHelp\
publisher: Hewlett-Packard

Windows Genuine Advantage v1.3.0254.0 1.3.0254.0 ({63569CE9-FA00-469C-AF5C-E5D4D93ACF91})
version: 16974078
version (major): 1
version (minor): 3
estimated size: 519
install date: 20050803
install source: C:\DOCUME~1\piou\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
publisher: Microsoft
comments: Your Comments
contact: Customer Support Department
help link: http://www.microsoft.com/genuine/downlo ... .aspx/help
help telephone: 1-425.882.8080

AiOSoftware 40.0.105.000 ({63F2408D-A675-4d97-A256-70EACB6B9B4A})
version: 671088745
version (major): 40
estimated size: 4778
install date: 20050624
install source: D:\Setup\AiOSoftware\
publisher: Hewlett-Packard

PowerDVD ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall

5500_Help 40.0.105.000 ({6D4E56A1-22EE-44d8-BD14-7B9FB7F80D1B})
version: 671088745
version (major): 40
estimated size: 705
install date: 20050624
install source: C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\AiOHelp\
publisher: Hewlett-Packard

Java 2 Runtime Environment, SE v1.4.2_06 1.4.2_06 ({7148F0A8-6813-11D6-A77B-00B0D0142060})
version (major): 1
version (minor): 4
estimated size: 110872
install date: 20050719
install source: http://java.sun.com/webapps/download/Ge ... dows-i586/
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142060}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Lisez-moi.txt

Director 5.35.0.051 ({723C033E-63EA-4227-BAB2-0AA8693C16EB})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 1467
install date: 20050624
install source: D:\Setup\Director\
publisher: Hewlett-Packard

5500 40.0.105.000 ({73C23496-A105-4b6f-B8F0-22523DFE4E4E})
version: 671088745
version (major): 40
estimated size: 68
install date: 20050624
install source: C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\Product\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

InstantShare 3.5.0.21 ({745A92AF-53B4-41A7-91C3-9B026B1D5897})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 20043
install date: 20050624
install source: D:\Setup\InstantShare\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

TrayApp 5.35.0.035 ({81DD5688-695A-4c1d-AE7D-368BF857725A})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 391
install date: 20050624
install source: D:\Setup\TrayApp\
publisher: Hewlett-Packard

QFolder 1.00.0000 ({8777AC6D-89F9-4793-8266-DE406F343E89})
version: 16777216
version (major): 1
estimated size: 177
install date: 20050624
install source: D:\setup\QFolder\
publisher: Hewlett-Packard

Microsoft Office Professional Edition 2003 11.0.5614.0 ({9011040C-6000-11D3-8CFE-0150048383C9})
version: 184554990
version (major): 11
estimated size: 693645
install date: 20050620
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

Microsoft Office FrontPage 2003 11.0.5614.0 ({9017040C-6000-11D3-8CFE-0150048383C9})
version: 184554990
version (major): 11
estimated size: 398212
install date: 20050620
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{9017040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

Microsoft Office Project Professional 2003 11.0.5614.0 ({903B040C-6000-11D3-8CFE-0150048383C9})
version: 184554990
version (major): 11
estimated size: 322923
install date: 20050620
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{903B040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1036\PJREADME.HTM

Microsoft Office Visio Professional 2003 11.0.3216.5614 ({9051040C-6000-11D3-8CFE-0150048383C9})
version: 184552592
version (major): 11
estimated size: 380650
install date: 20050620
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Visio11\1036\VIREADME.HTM

Microsoft .NET Framework 1.1 French Language Pack 1.1.4322 ({9A394342-4A68-4EBA-85A6-55B559F4E700})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 3138
install date: 20050623
install source: C:\DOCUME~1\user\LOCALS~1\Temp\Langpacks\FRA\
uninstall cmd: MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1036\RepairRedist.htm

CreativeProjects 5.35.0.059 ({9B03C535-3AEA-4ef2-B326-0A01A2207034})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 98269
install date: 20050624
install source: D:\Setup\CreativeProjects\
publisher: Hewlett-Packard

Pinnacle InstantCD/DVD Suite 8.3.0.10 ({A01872BE-2123-4F1B-B295-E3D1774DC0C9})
version: 134414336
version (major): 8
version (minor): 3
estimated size: 874070
install date: 20050620
install location: [INSTANTCDDVD]
install source: D:\InstantCDDVD\
uninstall cmd: MsiExec.exe /I{A01872BE-2123-4F1B-B295-E3D1774DC0C9}
publisher: Pinnacle Systems Inc
comments: Build number: 0004
help link: http://www.pinnaclesys.com/menusupport_ ... angue_ID=7

Readme 40.0.105.000 ({A2500497-FD32-493e-B8E5-28D6728DBEF5})
version: 671088745
version (major): 40
estimated size: 40
install date: 20050624
install source: D:\Setup\readme\
publisher: Hewlett-Packard

MSN Messenger 7.0 7.0.0813 ({ABEB838C-A1A7-4C5D-B7E1-8B4314600813})
version: 117441325
version (major): 7
estimated size: 11993
install date: 20050812
install source: C:\WINDOWS\Installer\MSN Messenger 7.0.0813\
uninstall cmd: MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600813}
publisher: Microsoft Corporation

Adobe Acrobat 7.0.1 and Reader 7.0.1 Update 7.0.2 ({AC76BA86-0000-7EC8-7489-000000000702})
version: 117440514
version (major): 7
estimated size: 1813
install date: 20050801
install source: C:\Program Files\Adobe\{0C55731F-7B21-4936-839A-BA09B2EAED59}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000702}
publisher: Adobe Systems
comments: Adobe Acrobat 7.0.1 and Reader 7.0.1 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687

Adobe Acrobat 7.0.2 and Reader 7.0.2 Update 7.0.3 ({AC76BA86-0000-7EC8-7489-000000000703})
version: 117440515
version (major): 7
estimated size: 2425
install date: 20050801
install source: C:\Program Files\Adobe\{AC703000-70F3-4E65-BC6A-CF781045277C}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000703}
publisher: Adobe Systems
comments: Adobe Acrobat 7.0.2 and Reader 7.0.2 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687

Adobe Reader 7.0 7.0.0 ({AC76BA86-7AD7-1033-7B44-A70000000000})
version: 117440512
version (major): 7
estimated size: 63015
install date: 20050704
install location: C:\Program Files\Adobe\Acrobat 7.0\Reader\
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm

Spelling Dictionaries For Adobe Reader Package 7.0.0 ({AC76BA86-7AD7-5464-3428-7E8A450000A7})
version: 117440512
version (major): 7
estimated size: 25897
install date: 20050801
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\SpellingDictionary\{6850D81D-1BEF-4E38-A24F-AE7D342AA811}\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7E8A450000A7}
publisher: Adobe Systems
comments: This is a placeholder for ARP comments for Spelling Dictionaries for Adobe Reader 7.0
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687

Fax 40.0.105.000 ({AF226123-1A6F-4ec1-8DEF-E35E7A0D0127})
version: 671088745
version (major): 40
estimated size: 25585
install date: 20050

Post by nickW » 19 Aug 2005, 17:11

Hello again,

If the icon you are talking about looks like this:
Image

you should read this page:
http://www.microsoft.com/france/windows ... intro.mspx

I'm looking at the rest....

Bye,
nickW

Post by piou » 19 Aug 2005, 17:36

Hi again,

thanks for the link, I had already read it before. What puzzles me is that I unchecked the alert options for the firewall, the antivirus and automatic updates, but they come back checked every time! On top of that, it tells me my antivirus is lousy whereas Panda tells me I am at the maximum security level.
So I thought it might be linked to that thing Spybot finds every time, "Windows security center...", which appears in the report... what do you think, going by the report?

So there is that which keeps coming back, as well as CWShredder and PSGuard, which seems to be tenacious.

Thanks for the help, I have had just about enough of this junk

piou