Mozilla efface mes traces systematiquement

charliemouse Messages postés 87 Date d'inscription   Statut Membre Dernière intervention   -  
 Utilisateur anonyme -
bonjour,

Je viens de m'aperceevoir, que depuis ma dernière infection,
mozilla efface mes traces sur tout les forums
et toutes les sessions d'identifications, parce
qu'il s'est paramétré "tout seul"
le truc c'est que lorsque je veux supprimer dans mes
traces effacer les sessions
Ya rien à faire...
on peut faire autres chose que désinstaller et réinstaller
j'ai tellement de truc là de dans!
merci de votre aide
Configuration: Windows XP
Firefox 2.0.0.4

14 réponses

  1. Utilisateur anonyme
     
    tu as essayer de rétablir la configuration par défaut, dans outils...onglet général ?

    0
    1. charliemouse Messages postés 87 Date d'inscription   Statut Membre Dernière intervention  
       
      Hi!
      Ben vi je viens de réessayer, mais impossible de décocher
      effacer les sessions d'identifications..:-O
      0
  2. Utilisateur anonyme
     
    faudra d'abord éliminer ton infection...
    fais ceci avec Iexplorer
    http://support.f-secure.fr/fra/home/ols.shtml
    copie le rapport ici:
    0
    1. charliemouse
       
      bonjour,

      impossible de scanner par là, j'ai hajic quelques chose
      ça peut aller?
      j'ai changer d'anti virus, j'ai antivir
      et j'ai zone alarm en parefeu
      a priori mozilla n'accepte pas
      que je décoche session identification
      dans effacer mes traces
      0
  3. Utilisateur anonyme
     
    0
    1. charliemouse
       
      re voici et j'oubliai sur ccm il me faut me réidentifier à chaque fois...

      Logfile of HijackThis v1.99.1
      Scan saved at 15:50:54, on 17/07/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\WINDOWS\system32\HPConfig.exe
      C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\MsPMSPSv.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\system32\carpserv.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\Program Files\HPQ\One-Touch\OneTouch.EXE
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
      C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      C:\Program Files\Mobipocket.com\Mobipocket Reader\readernotify.exe
      C:\Program Files\Wellnomics WorkPace\workpace.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\wbem\wmiapsrv.exe
      C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
      C:\WINDOWS\msagent\AgentSvr.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.generation-nt.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [CARPService] carpserv.exe
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [Desktop Zoom] C:\Program Files\HPQ\Desktop Zoom\hpwinadj.exe -s
      O4 - HKLM\..\Run: [TV Now] C:\Program Files\HPQ\Notebook Utilities\TvNow.exe /RK
      O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
      O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
      O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [Mobipocket Reader Notifications] C:\Program Files\Mobipocket.com\Mobipocket Reader\readernotify.exe
      O4 - HKCU\..\Run: [Wellnomics WorkPace 3.5.1] "C:\Program Files\Wellnomics WorkPace\workpace.exe"
      O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
      O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O14 - IERESET.INF: START_PAGE_URL=www.generation-nt.com
      O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
      O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
      O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
      O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      0
    2. charliemouse
       
      Bonsoir, bonjour,

      j'ai supprimer ce que tu m'as dis, malheureusement,
      mozilla me boude toujours
      pas moyen de réentrer mes sessions
      d'identification
      voilà... koi fer doc?
      0
  4. Utilisateur anonyme
     
    termines le processus:
    C:\Program Files\Wellnomics WorkPace\workpace.exe
    https://leblogdeclaude.blogspot.com/2007/07/terminer-un-processus.html
    -----------------------------
    cocher + fixer
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Mobipocket Reader Notifications] C:\Program Files\Mobipocket.com\Mobipocket Reader\readernotify.exe
    O4 - HKCU\..\Run: [Wellnomics WorkPace 3.5.1] "C:\Program Files\Wellnomics WorkPace\workpace.exe"
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    -------------------------------------------
    ensuite fais ceci:
    https://leblogdeclaude.blogspot.com/2007/03/informatique-procdure-navifix.html

    0
    1. charliemouse
       
      je m'excuse mais c'est mon premier pc
      j'ai terminer le processus,
      de workpace
      mais k'entends tu par cocher et fixer?
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    0
    1. charliemouse
       
      il semble que word remarche normalement, voici le dernier rapport
      Search Navipromo version 2.0.5 commencé le mar. 17/07/2007 à 16:40:18,35

      !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
      !!! Poster ce rapport sur le forum pour le faire analyser !!!
      !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

      Fix lancé depuis C:\Program Files\navilog1
      Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO

      Executé en mode normal

      *** Recherche Programmes installes ***




      *** Recherche dossiers dans C:\WINDOWS ***




      *** Recherche dossiers dans C:\Program Files ***




      *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




      *** Recherche dossiers dans C:\Documents and Settings\Administrateur\Application Data ***



      *** Recherche avec BlackLight Engine/F-secure ***
      BlackLight Engine est un produit de F-secure, pour + d'infos :
      https://www.f-secure.com/en


      F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
      ======================================

      Copyright 2005-2006 F-Secure Corporation. All rights reserved.
      This is a beta version. It will expire on 1st of October, 2007.
      Version information: 2.2.1064.

      [+] Started on 07/17/07 at 16:40:34.
      [+] Initializing ...
      [+] Starting scan, press Ctrl-C to abort.
      [+] Scanning for hidden items .........................................................................................
      [+] Scan complete.
      [+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
      [+] Exited on 07/17/07 at 16:51:22 (return code = 0).


      *** Recherche fichiers ***




      *** Recherche cles registre ***


      Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



      Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



      Recherche Clé Magic Control



      *** Module de Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Recherche fichiers connus:


      2)Recherche Heuristique :
      *
      **
      ***
      ****
      *****
      ******
      *******
      ********

      3)Recherche Certificats :


      *** Analyse Terminé le mar. 17/07/2007 à 16:53:42,35 ***
      je n'ai rien oublié?
      0
  7. Utilisateur anonyme
     
    Bien, ce log est clean.
    repostes un rapport Hijackthis,(comme au <6>)
    pour voir si tu as bien cocher+ fixer les lignes du <7>
    https://leblogdeclaude.blogspot.com/2007/05/comment-utiliser-hijackthis-fixer.html
    -------------------------
    0
    1. charliemouse
       
      Voilà, chef! :-)) en tout cas merci pour word,
      j'espère que le reste vas suivre!
      tu es super bien organisé!
      bravo
      1 petite question, pourquoi ccm me reconnais jamais?

      Logfile of HijackThis v1.99.1
      Scan saved at 19:17:30, on 17/07/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\WINDOWS\system32\HPConfig.exe
      C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\MsPMSPSv.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\system32\carpserv.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\Program Files\HPQ\One-Touch\OneTouch.EXE
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
      C:\WINDOWS\msagent\AgentSvr.exe
      C:\Program Files\Wellnomics WorkPace\workpace.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.generation-nt.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [CARPService] carpserv.exe
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [Desktop Zoom] C:\Program Files\HPQ\Desktop Zoom\hpwinadj.exe -s
      O4 - HKLM\..\Run: [TV Now] C:\Program Files\HPQ\Notebook Utilities\TvNow.exe /RK
      O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
      O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O14 - IERESET.INF: START_PAGE_URL=www.generation-nt.com
      O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
      O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
      O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
      O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      0
  8. Utilisateur anonyme
     
    à part le fait que ton PC est encombré de pleins de choses inutiles qui démarrent au Boot du PC...
    je ne vois plus rien de nocif dans ce log.
    je te conseille de faire le tri à l'aide de Spyboot:
    https://leblogdeclaude.blogspot.com/2007/03/informatique-supprimer-des-logiciels-au.html

    --------------
    je ne vois plus que ces lignes à cocher+ fixer:

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    -------------------

    0
    1. charliemouse
       
      merci je vais faire le spyboot je voudrais just
      être bien sûre que ce que tu entends par
      démarre au boot cela veut dire au démarrage?
      :-))
      0
  9. Utilisateur anonyme
     
    oui...le boot, c'est le préchargement, avant que ton bureau ne soit dispo....
    Donc faut éviter, de charger tout un tas de bidules...ça accélère la machine...elle respire !
    0
    1. charliemouse
       
      hi!

      euh! je pense que tout se règle ou presque, mozilla me reconnait,
      mais ne demande pas les mots de passes
      mais ça peut le faire,
      par contre le spy boot m a fait décocher
      mon antivirus et mon firewall!

      voilà j'y suis retournée et j'ai recoché les cases, ça suffira?
      j'espère que j'ai pas fait d'autre bêtise
      le truc c que je ne suis pas sure
      ke mon antivir se lance au démarrage...
      je vais retenter
      0
  10. Utilisateur anonyme
     
    par contre le spy boot m a fait décocher
    mon antivirus et mon firewall!


    Spyboot , ne fais rien de lui-même...LOL
    Mais il est ultra simple de faire marche arrière, sans soucis...donc pas de soucis !
    -----------------
    si tu veux, tu me copie ce que tu as dans spyboot...
    avec la petite disquette au dessus, tufais exporter, et tu fais ça sur le bureau (tu cherches pas après)
    tu auras ce fichier;
    SpybotSD.System startup report.txt
    ----------------------------------------
    tu dois avoir un texte genre ceci:
    "
    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2006-02-05 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2007-05-23 advcheck.dll (1.5.3.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2007-01-02 Tools.dll (2.0.1.0)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2007-07-11 Includes\Cookies.sbi
    2007-05-30 Includes\Dialer.sbi
    2007-07-11 Includes\DialerC.sbi
    2007-07-11 Includes\Hijackers.sbi
    2007-07-11 Includes\HijackersC.sbi
    2007-07-11 Includes\Keyloggers.sbi
    2007-07-11 Includes\KeyloggersC.sbi
    2007-07-11 Includes\Malware.sbi
    2007-07-11 Includes\MalwareC.sbi
    2007-07-11 Includes\PUPS.sbi
    2007-07-11 Includes\PUPSC.sbi
    2007-07-11 Includes\Revision.sbi
    2007-05-30 Includes\Security.sbi
    2007-07-11 Includes\SecurityC.sbi
    2007-07-11 Includes\Spybots.sbi
    2007-07-11 Includes\SpybotsC.sbi
    2005-02-17 Includes\Tracks.uti
    2007-07-03 Includes\Trojans.sbi
    2007-07-11 Includes\TrojansC.sbi
    2007-06-06 Plugins\TCPIPAddress.dll

    Located: HK_LM:Run, DSLAGENTEXE
    command: dslagent.exe USB
    file: C:\WINDOWS\system32\dslagent.exe
    size: 16384
    MD5: a3bb10c6a8228e162eaf278884fdb12c

    Located: HK_LM:Run, F-Secure Manager
    command: "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
    file: C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
    size: 172081
    MD5: 01a46bcab8750d09aa7a671fceaf502e

    Located: HK_LM:Run, F-Secure TNB
    command: "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    file: C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe
    size: 724992
    MD5: de027f63b353cac137d6cee3dd783f6f

    Located: HK_LM:Run, GSICONEXE
    command: GSICON.EXE
    file: C:\WINDOWS\system32\GSICON.EXE
    size: 90112
    MD5: 5496351880a91c5bf235e0f099eb22e0

    Located: HK_LM:Run, Logitech Utility
    command: Logi_MwX.Exe
    file: C:\WINDOWS\Logi_MwX.Exe
    size: 20992
    MD5: c921a733fa3f1e4c3505d436dbc5ea47

    Located: HK_LM:Run, Norton Ghost 10.0
    command: "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
    file: C:\Program Files\Norton Ghost\Agent\GhostTray.exe
    size: 1537648
    MD5: 5f8bdc81ac2063c1c4bbafb23f219b90

    ect......
    ------------------------------------------------------

    0
    1. charliemouse
       
      hi
      c'est ça doc?

      --- Search result list ---


      --- System information ---
      Windows XP (Build: 2600) Service Pack 2
      / .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998)
      / .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB930494)
      / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
      If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
      For more information, visit https://support.microsoft.com/en-us/help/917283/ms06-033-a-vulnerability-in-asp-net-could-allow-information-disclosure
      / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
      If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
      For more information, visit https://support.microsoft.com/en-us/help/922770
      / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
      If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
      For more information, visit https://support.microsoft.com/en-us/help/928365/description-of-the-security-update-for-the-net-framework-2-0-for-windo
      / Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
      / Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
      / Windows XP: Mise à jour de sécurité pour Windows XP (KB923689)
      / Windows XP / SP3: Correctif Windows XP - KB873339
      / Windows XP / SP3: Correctif Windows XP - KB885835
      / Windows XP / SP3: Correctif Windows XP - KB885836
      / Windows XP / SP3: Correctif Windows XP - KB885884
      / Windows XP / SP3: Correctif Windows XP - KB886185
      / Windows XP / SP3: Correctif Windows XP - KB887472
      / Windows XP / SP3: Microsoft .NET Framework 1.0 Hotfix (KB887998)
      / Windows XP / SP3: Correctif Windows XP - KB888302
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
      / Windows XP / SP3: Correctif Windows XP - KB890859
      / Windows XP / SP3: Correctif Windows XP - KB891781
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
      / Windows XP / SP3: Windows Installer 3.1 (KB893803)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899589)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB908531)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB911280)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911567)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917422)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918118)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918899)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB919007)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920213)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920214)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920670)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920683)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920685)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB920872)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921398)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921883)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB922582)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922616)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922819)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923191)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923414)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923694)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923980)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924191)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924270)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924496)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924667)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925454)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925486)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925902)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926255)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926436)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927779)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927802)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB927891)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928090)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928255)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928843)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB929123)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB929338)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB929969)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB930178)
      / Windows XP / SP3: Microsoft .NET Framework 1.0 Hotfix (KB930494)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB930916)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931261)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931768)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931784)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB931836)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB932168)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB933566)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB935839)
      / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB935840)
      / Windows XP / SP3: Mise à jour pour Windows XP (KB936357)


      --- Startup entries list ---
      Located: HK_LM:Run, !AVG Anti-Spyware
      command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      size: 6731312
      MD5: cc6bc45dd5a58158645e7fb2953604fe

      Located: HK_LM:Run, ATIPTA
      command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      size: 290816
      MD5: 22bf86e403b26052d79c28184d0b5e11

      Located: HK_LM:Run, avgnt
      command: "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
      file: C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      size: 327720
      MD5: ffc52645ca868e6fe125eb14018e2166

      Located: HK_LM:Run, CARPService
      command: carpserv.exe
      file: C:\WINDOWS\system32\carpserv.exe
      size: 4608
      MD5: 1079b06555a14b5e07d45b9b781d6e99

      Located: HK_LM:Run, Cpqset
      command: C:\Program Files\HPQ\Default Settings\cpqset.exe
      file: C:\Program Files\HPQ\Default Settings\cpqset.exe
      size: 184412
      MD5: 6bbfeca5d51ea82bac35e01c66762753

      Located: HK_LM:Run, ehTray
      command: C:\WINDOWS\ehome\ehtray.exe
      file: C:\WINDOWS\ehome\ehtray.exe
      size: 59392
      MD5: f90137a9897071ede961a5aba4ea524f

      Located: HK_LM:Run, QT4HPOT
      command: C:\Program Files\HPQ\One-Touch\OneTouch.EXE
      file: C:\Program Files\HPQ\One-Touch\OneTouch.EXE
      size: 102400
      MD5: 08ef015e726dec909b3929526337e145

      Located: HK_LM:Run, SynTPEnh
      command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      size: 610304
      MD5: 6eb8a26cfbb4e14cf5318cfce37e95e7

      Located: HK_LM:Run, SynTPLpr
      command: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      file: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      size: 110592
      MD5: 5dc0a404904ff058d0c080a48a960bf5

      Located: HK_LM:Run, ZoneAlarm Client
      command: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      file: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      size: 919280
      MD5: 3e1731c55f77d150791d4c7e87ad4e5c

      Located: HK_LM:Run, Desktop Zoom (DISABLED)
      command: C:\Program Files\HPQ\Desktop Zoom\hpwinadj.exe -s
      file:

      Located: HK_LM:Run, Display Settings (DISABLED)
      command: C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
      file:

      Located: HK_LM:Run, TV Now (DISABLED)
      command: C:\Program Files\HPQ\Notebook Utilities\TvNow.exe /RK
      file:

      Located: HK_CU:Run, msnmsgr
      command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      file: C:\Program Files\MSN Messenger\msnmsgr.exe
      size: 5354792
      MD5: 6b3c274963543b07951ca0e23a9f1fa3

      Located: HK_CU:Run, swg
      command: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      file: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      size: 171448
      MD5: 0fa44ea8b03aba3e1d240b5a333d8e6a

      Located: HK_CU:Run, VoipBuster
      command: "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
      file: C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
      size: 7390512
      MD5: 81eb54e42b25b6a8e975bcc0096e79b7

      Located: HK_CU:Run, CTFMON.EXE (DISABLED)
      command: C:\WINDOWS\system32\ctfmon.exe
      file: C:\WINDOWS\system32\ctfmon.exe
      size: 15360
      MD5: 5584247b568c2e53934873f4b655fe6a

      Located: HK_CU:Run, swg (DISABLED)
      command: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      file: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      size: 171448
      MD5: 0fa44ea8b03aba3e1d240b5a333d8e6a

      Located: Démarrage (tous utilisateurs), Microsoft Office.lnk (DISABLED)
      command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
      file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
      size: 83360
      MD5: 5bc65464354a9fd3beaa28e18839734a

      Located: System.ini, crypt32chain
      command: crypt32.dll
      file: crypt32.dll

      Located: System.ini, cryptnet
      command: cryptnet.dll
      file: cryptnet.dll

      Located: System.ini, cscdll
      command: cscdll.dll
      file: cscdll.dll

      Located: System.ini, ScCertProp
      command: wlnotify.dll
      file: wlnotify.dll

      Located: System.ini, Schedule
      command: wlnotify.dll
      file: wlnotify.dll

      Located: System.ini, sclgntfy
      command: sclgntfy.dll
      file: sclgntfy.dll

      Located: System.ini, SensLogn
      command: WlNotify.dll
      file: WlNotify.dll

      Located: System.ini, termsrv
      command: wlnotify.dll
      file: wlnotify.dll

      Located: System.ini, WgaLogon
      command:
      file:

      Located: System.ini, wlballoon
      command: wlnotify.dll
      file: wlnotify.dll



      --- Browser helper object list ---
      {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
      BHO name:
      CLSID name: Adobe PDF Reader Link Helper
      description: Adobe Acrobat reader
      classification: Legitimate
      known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
      info link: https://get2.adobe.com/reader/otherversions/
      info source: TonyKlein
      Path: C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\
      Long name: AcroIEHelper.dll
      Short name: ACROIE~1.DLL
      Date (created): 23/10/2006 0:08:42
      Date (last access): 18/07/2007 21:04:48
      Date (last write): 23/10/2006 0:08:42
      Filesize: 62080
      Attributes: archive
      MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
      CRC32: E388508F
      Version: 8.0.0.456

      {53707962-6F74-2D53-2644-206D7942484F} ()
      BHO name:
      CLSID name:
      description: Spybot-S&D IE Browser plugin
      classification: Legitimate
      known filename: SDhelper.dll
      info link: http://spybot.eon.net.au/
      info source: Patrick M. Kolla
      Path: C:\Program Files\Spybot - Search & Destroy\
      Long name: SDHelper.dll
      Short name:
      Date (created): 18/07/2007 20:14:14
      Date (last access): 18/07/2007 21:19:02
      Date (last write): 31/05/2005 1:04:00
      Filesize: 853672
      Attributes: archive
      MD5: 250D787A5712D7768DDC133B3E477759
      CRC32: D4589A41
      Version: 1.4.0.0

      {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
      BHO name:
      CLSID name: SSVHelper Class
      Path: C:\Program Files\Java\jre1.6.0_01\bin\
      Long name: ssv.dll
      Short name:
      Date (created): 29/05/2007 21:45:52
      Date (last access): 18/07/2007 21:04:52
      Date (last write): 14/03/2007 3:43:40
      Filesize: 501400
      Attributes: archive
      MD5: 70FD57D6EDBED8D80C1995257C99D27E
      CRC32: 3CE654AC
      Version: 6.0.10.6

      {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
      BHO name:
      CLSID name: Windows Live Sign-in Helper
      Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
      Long name: WindowsLiveLogin.dll
      Short name: WINDOW~1.DLL
      Date (created): 7/07/2006 13:29:52
      Date (last access): 18/07/2007 21:04:52
      Date (last write): 7/07/2006 13:29:52
      Filesize: 324416
      Attributes: archive
      MD5: 52A70C80A446FA3BBCDAF59A9AB26AF4
      CRC32: B1456034
      Version: 4.0.249.1

      {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
      BHO name:
      CLSID name: Google Toolbar Helper
      description: Google toolbar
      classification: Open for discussion
      known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
      info link: http://www.google.com/intl/fr/toolbar/ie/index.html
      info source: TonyKlein
      Path: c:\program files\google\
      Long name: GoogleToolbar3.dll
      Short name: GOOGLE~3.DLL
      Date (created): 27/01/2007 12:52:22
      Date (last access): 18/07/2007 21:06:56
      Date (last write): 20/01/2007 0:56:04
      Filesize: 2436160
      Attributes: readonly archive
      MD5: 6D44E0C3B43D27484FBB355E470C4188
      CRC32: 2DE875CD
      Version: 4.0.1601.4978



      --- ActiveX list ---
      {00000055-9980-0010-8000-00AA00389B71} ()
      DPF name:
      CLSID name:
      Installer: C:\WINDOWS\Downloaded Program Files\fhg.inf
      Codebase: http://codecs.microsoft.com/codecs/i386/fhg.CAB
      description:
      classification: Legitimate
      known filename:
      info link:
      info source: Safer Networking Ltd.

      {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool)
      DPF name:
      CLSID name: Office Genuine Advantage Validation Tool
      Installer: C:\WINDOWS\Downloaded Program Files\OGAControl.inf
      Codebase: http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
      Path: C:\WINDOWS\system32\
      Long name: OGACheckControl.DLL
      Short name: OGACHE~1.DLL
      Date (created): 13/10/2006 12:30:10
      Date (last access): 16/07/2007 20:27:20
      Date (last write): 13/10/2006 12:30:10
      Filesize: 668976
      Attributes: archive
      MD5: 7A8B261883866E18006885FC9DB46E27
      CRC32: 7562521A
      Version: 1.6.18.0

      {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class)
      DPF name:
      CLSID name: MessengerStatsClient Class
      Installer:
      Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      description:
      classification: Legitimate
      known filename: MessengerStatsPAClient.dll
      info link:
      info source: Safer Networking Ltd.
      Path: C:\WINDOWS\Downloaded Program Files\
      Long name: MessengerStatsPAClient.dll
      Short name: MESSEN~2.DLL
      Date (created): 6/04/2004 20:03:54
      Date (last access): 15/07/2007 9:31:44
      Date (last write): 6/04/2004 20:03:54
      Filesize: 172072
      Attributes: archive
      MD5: 94D1773AEAA2197AFEE3A6F8404FE4E9
      CRC32: 76C3823D
      Version: 9.2.7513.1

      {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class)
      DPF name:
      CLSID name: VerifyGMN Class
      Installer: C:\WINDOWS\Downloaded Program Files\hpobjinstaller_gmn.inf
      Codebase: http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
      description:
      classification: Legitimate
      known filename: hpobjinstaller_gmn.dll
      info link:
      info source: Safer Networking Ltd.
      Path: C:\WINDOWS\Downloaded Program Files\
      Long name: hpobjinstaller_gmn.dll
      Short name: HPOBJI~1.DLL
      Date (created): 8/05/2006 16:24:56
      Date (last access): 15/07/2007 9:31:42
      Date (last write): 8/05/2006 16:24:56
      Filesize: 666168
      Attributes: archive
      MD5: 4D380946F7F20EEF8E69ACFD5B22A146
      CRC32: 522AE8A1
      Version: 1.0.0.12

      {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control)
      DPF name:
      CLSID name: BDSCANONLINE Control
      Installer: C:\WINDOWS\Downloaded Program Files\oscan8.inf
      Codebase: http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      description:
      classification: Legitimate
      known filename: oscan8.ocx
      info link:
      info source: Safer Networking Ltd.
      Path: C:\WINDOWS\DOWNLO~1\
      Long name: oscan8.ocx
      Short name:
      Date (created): 1/06/2006 2:54:16
      Date (last access): 15/07/2007 9:31:44
      Date (last write): 1/06/2006 2:54:16
      Filesize: 471040
      Attributes: archive
      MD5: 9026F860148F0569BD92AEEFC4BDDFD7
      CRC32: D1520CCE
      Version: 1.0.0.1

      {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
      DPF name: Java Runtime Environment 1.6.0
      CLSID name: Java Plug-in 1.6.0_01
      Installer:
      Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
      description: Sun Java
      classification: Legitimate
      known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
      info link:
      info source: Patrick M. Kolla
      Path: C:\Program Files\Java\jre1.6.0_01\bin\
      Long name: npjpi160_01.dll
      Short name: NPJPI1~1.DLL
      Date (created): 14/03/2007 2:04:46
      Date (last access): 18/07/2007 8:29:04
      Date (last write): 14/03/2007 3:43:42
      Filesize: 132760
      Attributes: archive
      MD5: F112FB2FD2EF66D439799E3F834DF000
      CRC32: D2B09219
      Version: 6.0.0.6

      {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
      DPF name:
      CLSID name: MessengerStatsClient Class
      Installer:
      Codebase: http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      description:
      classification: Legitimate
      known filename: messengerstatsclient.dll
      info link:
      info source: Safer Networking Ltd.
      Path: C:\WINDOWS\Downloaded Program Files\
      Long name: messengerstatsclient.dll
      Short name: MESSEN~1.DLL
      Date (created): 29/05/2003 16:00:20
      Date (last access): 15/07/2007 9:31:44
      Date (last write): 29/05/2003 16:00:20
      Filesize: 160864
      Attributes: archive
      MD5: B069B555A00AA026F657AA4FD13AE154
      CRC32: 89BB01E1
      Version: 7.1.9502.1

      {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class)
      DPF name:
      CLSID name: ZoneIntro Class
      Installer:
      Codebase: http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
      description:
      classification: Legitimate
      known filename: ZIntro.ocx
      info link:
      info source: Safer Networking Ltd.
      Path: C:\WINDOWS\Downloaded Program Files\
      Long name: ZIntro.ocx
      Short name:
      Date (created): 27/11/2006 17:03:22
      Date (last access): 15/07/2007 9:31:44
      Date (last write): 27/11/2006 17:03:22
      Filesize: 151080
      Attributes: archive
      MD5: D7DC7336A1758679259C09E88D6C1A0E
      CRC32: 3D28955F
      Version: 9.5.3083.1

      {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
      DPF name: Java Runtime Environment 1.4.2
      CLSID name: Java Plug-in 1.4.2
      Installer:
      Codebase: https://www.oracle.com/java/technologies/
      description:
      classification: Legitimate
      known filename: npjpi142.dll
      info link:
      info source: Safer Networking Ltd.
      Path: C:\Program Files\Java\j2re1.4.2\bin\
      Long name: NPJPI142.dll
      Short name:
      Date (created): 18/10/2006 5:47:36
      Date (last access): 18/07/2007 8:25:32
      Date (last write): 18/10/2006 5:47:36
      Filesize: 65636
      Attributes: archive
      MD5: 4ACFBF6AB1BBE79DBD665C186B3B5AFD
      CRC32: BE89D675
      Version: 1.4.2.0

      {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
      DPF name: Java Runtime Environment 1.6.0
      CLSID name: Java Plug-in 1.6.0_01
      Installer:
      Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
      Path: C:\Program Files\Java\jre1.6.0_01\bin\
      Long name: npjpi160_01.dll
      Short name: NPJPI1~1.DLL
      Date (created): 14/03/2007 2:04:46
      Date (last access): 18/07/2007 21:23:32
      Date (last write): 14/03/2007 3:43:42
      Filesize: 132760
      Attributes: archive
      MD5: F112FB2FD2EF66D439799E3F834DF000
      CRC32: D2B09219
      Version: 6.0.0.6

      {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
      DPF name: Java Runtime Environment 1.6.0
      CLSID name: Java Plug-in 1.6.0_01
      Installer:
      Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
      description:
      classification: Legitimate
      known filename: npjpi150_06.dll
      info link:
      info source: Safer Networking Ltd.
      Path: C:\Program Files\Java\jre1.6.0_01\bin\
      Long name: npjpi160_01.dll
      Short name: NPJPI1~1.DLL
      Date (created): 14/03/2007 2:04:46
      Date (last access): 18/07/2007 21:23:32
      Date (last write): 14/03/2007 3:43:42
      Filesize: 132760
      Attributes: archive
      MD5: F112FB2FD2EF66D439799E3F834DF000
      CRC32: D2B09219
      Version: 6.0.0.6

      {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
      DPF name:
      CLSID name: Shockwave Flash Object
      Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
      Codebase: http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
      description: Macromedia Shockwave Flash Player
      classification: Legitimate
      known filename:
      info link:
      info source: Patrick M. Kolla
      Path: C:\WINDOWS\system32\Macromed\Flash\
      Long name: Flash9b.ocx
      Short name:
      Date (created): 9/11/2006 15:46:28
      Date (last access): 18/07/2007 20:55:28
      Date (last write): 9/11/2006 15:46:28
      Filesize: 2262648
      Attributes: readonly archive
      MD5: F3B3EE66CA76C94510555ABE9D00A353
      CRC32: A51F3CB4
      Version: 9.0.28.0



      --- Process list ---
      PID: 0 ( 0) [System]
      PID: 824 ( 4) \SystemRoot\System32\smss.exe
      PID: 880 ( 824) \??\C:\WINDOWS\system32\csrss.exe
      PID: 904 ( 824) \??\C:\WINDOWS\system32\winlogon.exe
      PID: 948 ( 904) C:\WINDOWS\system32\services.exe
      size: 108544
      MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
      PID: 960 ( 904) C:\WINDOWS\system32\lsass.exe
      size: 13312
      MD5: 9F3744A5C6F49291A7A685040A013399
      PID: 1124 ( 948) C:\WINDOWS\system32\svchost.exe
      size: 14336
      MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
      PID: 1200 ( 948) C:\WINDOWS\system32\svchost.exe
      size: 14336
      MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
      PID: 1340 ( 948) C:\WINDOWS\System32\svchost.exe
      size: 14336
      MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
      PID: 1396 ( 948) C:\WINDOWS\system32\svchost.exe
      size: 14336
      MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
      PID: 1604 ( 948) C:\WINDOWS\system32\svchost.exe
      size: 14336
      MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
      PID: 1644 ( 948) C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      size: 75568
      MD5: DE71661665A86A2305918E8B91ACEDB9
      PID: 332 ( 948) C:\WINDOWS\system32\spoolsv.exe
      size: 57856
      MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
      PID: 388 ( 948) C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      size: 204840
      MD5: 9E2CBEF5D6FE51D55AABF22F4EDC8AB3
      PID: 780 ( 652) C:\WINDOWS\Explorer.EXE
      size: 1036288
      MD5: 4C33E5B9A6197B6ED215F6CFBA0A2DAA
      PID: 1436 ( 948) C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      size: 57896
      MD5: 25C11F08FBA4DBFA6741DEC9ABA779F2
      PID: 1456 ( 948) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      size: 312880
      MD5: 5DCD235C061022BCDA9AA48670B64211
      PID: 1656 ( 948) C:\WINDOWS\eHome\ehRecvr.exe
      size: 194560
      MD5: 27434C42A13C11F92CA45840B720D671
      PID: 1724 ( 948) C:\WINDOWS\eHome\ehSched.exe
      size: 103424
      MD5: 4E1F623FD2DCAB00B20BD53D751F6AFA
      PID: 1828 ( 948) C:\WINDOWS\system32\HPConfig.exe
      size: 151552
      MD5: CD040AC1F1B10F5AE56A1F51D107AB9B
      PID: 1904 ( 948) C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
      size: 53248
      MD5: 25B50908F4C033CA812E3AD898C942B8
      PID: 160 ( 948) C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
      size: 270336
      MD5: 8520BEB4B37160D45CB99E8C1BBC8222
      PID: 504 ( 948) C:\WINDOWS\system32\HPZipm12.exe
      size: 69632
      MD5: D31F88C5F19EEFA366A415D6BC5F2ABC
      PID: 664 ( 948) C:\WINDOWS\system32\svchost.exe
      size: 14336
      MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
      PID: 1520 ( 948) C:\WINDOWS\system32\MsPMSPSv.exe
      size: 53248
      MD5: 668056D5C3C11AB7D266819A96B964E8
      PID: 132 ( 780) C:\WINDOWS\ehome\ehtray.exe
      size: 59392
      MD5: F90137A9897071EDE961A5ABA4EA524F
      PID: 1808 ( 780) C:\WINDOWS\system32\carpserv.exe
      size: 4608
      MD5: 1079B06555A14B5E07D45B9B781D6E99
      PID: 1864 (1124) C:\WINDOWS\eHome\ehmsas.exe
      size: 45568
      MD5: 04F893509C03C84F717A83189ED51336
      PID: 2064 ( 780) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      size: 110592
      MD5: 5DC0A404904FF058D0C080A48A960BF5
      PID: 3012 ( 948) C:\WINDOWS\System32\alg.exe
      size: 44544
      MD5: 2FE681D10C5FC343DBBC0610B8DD4D24
      PID: 3044 ( 780) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      size: 610304
      MD5: 6EB8A26CFBB4E14CF5318CFCE37E95E7
      PID: 3108 ( 948) C:\WINDOWS\system32\dllhost.exe
      size: 5120
      MD5: D66259C3BCEFC9CAEB481ED52A4EAC74
      PID: 3236 ( 780) C:\Program Files\HPQ\One-Touch\OneTouch.EXE
      size: 102400
      MD5: 08EF015E726DEC909B3929526337E145
      PID: 3464 ( 780) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      size: 290816
      MD5: 22BF86E403B26052D79C28184D0B5E11
      PID: 3976 ( 780) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      size: 6731312
      MD5: CC6BC45DD5A58158645E7FB2953604FE
      PID: 4056 ( 780) C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      size: 327720
      MD5: FFC52645CA868E6FE125EB14018E2166
      PID: 552 ( 780) C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      size: 919280
      MD5: 3E1731C55F77D150791D4C7E87AD4E5C
      PID: 2544 ( 780) C:\Program Files\MSN Messenger\msnmsgr.exe
      size: 5354792
      MD5: 6B3C274963543B07951CA0E23A9F1FA3
      PID: 1920 ( 948) C:\WINDOWS\system32\svchost.exe
      size: 14336
      MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
      PID: 3064 ( 780) C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
      size: 7390512
      MD5: 81EB54E42B25B6A8E975BCC0096E79B7
      PID: 4020 ( 948) C:\WINDOWS\system32\wbem\wmiapsrv.exe
      size: 126464
      MD5: 77945EA0BFDD662203F07FE5513A409D
      PID: 2168 (1124) C:\Program Files\Internet Explorer\iexplore.exe
      size: 93184
      MD5: 833E2B3F0E2484C0F2B804AE871B4381
      PID: 2648 (1124) C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      size: 171448
      MD5: 0FA44EA8B03ABA3E1D240B5A333D8E6A
      PID: 2700 ( 780) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
      size: 4393096
      MD5: 09CA174A605B480318731E691DC98539
      PID: 4 ( 0) System


      --- Browser start & search pages list ---
      Spybot - Search & Destroy browser pages report, 18/07/2007 21:23:33

      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
      C:\WINDOWS\system32\blank.htm
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
      https://www.google.com/?gws_rd=ssl
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
      http://www.google.com/toolbar/ie8/sidebar.html
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
      http://runonce.msn.com/?v=msgrv75
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
      http://www.google.com/toolbar/ie8/sidebar.html
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
      http://www.google.com/search?q=%s
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
      %SystemRoot%\system32\blank.htm
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
      http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
      http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
      www.generation-nt.com
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
      http://www.google.com/toolbar/ie8/sidebar.html
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
      http://www.google.com/toolbar/ie8/sidebar.html
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
      https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm


      --- Winsock Layered Service Provider list ---
      Protocol 0: MSAFD Irda [IrDA]
      GUID: {3972523D-2AF1-11D1-B655-00805F3642CC}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Infrared protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD Irda [IrDA]

      Protocol 1: MSAFD Tcpip [TCP/IP]
      GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP IP protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD Tcpip [*]

      Protocol 2: MSAFD Tcpip [UDP/IP]
      GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP IP protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD Tcpip [*]

      Protocol 3: MSAFD Tcpip [RAW/IP]
      GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP IP protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD Tcpip [*]

      Protocol 4: RSVP UDP Service Provider
      GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
      Filename: %SystemRoot%\system32\rsvpsp.dll
      Description: Microsoft Windows NT/2k/XP RVSP
      DB filename: %SystemRoot%\system32\rsvpsp.dll
      DB protocol: RSVP * Service Provider

      Protocol 5: RSVP TCP Service Provider
      GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
      Filename: %SystemRoot%\system32\rsvpsp.dll
      Description: Microsoft Windows NT/2k/XP RVSP
      DB filename: %SystemRoot%\system32\rsvpsp.dll
      DB protocol: RSVP * Service Provider

      Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F3695A30-EE6B-4DAC-9744-6F19D5DA9023}] SEQPACKET 5
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F3695A30-EE6B-4DAC-9744-6F19D5DA9023}] DATAGRAM 5
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{BA38CBF4-3661-46A1-9D11-5FE48DFADD68}] SEQPACKET 4
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{BA38CBF4-3661-46A1-9D11-5FE48DFADD68}] DATAGRAM 4
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6A53A3FD-5E0C-4457-906B-252334CB5C3D}] SEQPACKET 0
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6A53A3FD-5E0C-4457-906B-252334CB5C3D}] DATAGRAM 0
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B02E0E99-7C44-41FE-B634-9FEA4385055F}] SEQPACKET 1
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B02E0E99-7C44-41FE-B634-9FEA4385055F}] DATAGRAM 1
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{71018C0A-65C0-419E-8C66-BD894C1C50B1}] SEQPACKET 2
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{71018C0A-65C0-419E-8C66-BD894C1C50B1}] DATAGRAM 2
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{926E0DA6-4A4D-4814-A7D2-2638694165D1}] SEQPACKET 3
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{926E0DA6-4A4D-4814-A7D2-2638694165D1}] DATAGRAM 3
      GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
      Filename: %SystemRoot%\system32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP NetBios protocol
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: MSAFD NetBIOS *

      Namespace Provider 0: TCP/IP
      GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
      Filename: %SystemRoot%\System32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: TCP/IP

      Namespace Provider 1: NTDS
      GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
      Filename: %SystemRoot%\System32\winrnr.dll
      Description: Microsoft Windows NT/2k/XP name space provider
      DB filename: %SystemRoot%\system32\winrnr.dll
      DB protocol: NTDS

      Namespace Provider 2: Espace de noms NLA (Network Location Awareness)
      GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
      Filename: %SystemRoot%\System32\mswsock.dll
      Description: Microsoft Windows NT/2k/XP name space provider
      DB filename: %SystemRoot%\system32\mswsock.dll
      DB protocol: NLA-Namespace



      --- Uninstall list ---
      Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
      uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
      publisher: Lavasoft
      help link: https://www.adaware.com/

      (AddressBook)

      Adobe Flash Player Plugin 9.0.45.0 (Adobe Flash Player Plugin)
      uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
      publisher: Adobe Systems Incorporated

      Avira AntiVir PersonalEdition Classic (AntiVir PersonalEdition Classic)
      uninstall cmd: C:\Program Files\AntiVir PersonalEdition Classic\setup.exe /REMOVE
      publisher: Avira GmbH
      help link: https://support.avira.com/hc/en-us

      ATI Display Driver 8.003.3-040515a-016016C (ATI Display Driver)
      uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

      AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
      install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
      uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
      publisher: Grisoft Ltd.
      help link: https://www.avg.com/fr-fr/homepage

      BitComet 0.81 0.81 (BitComet)
      uninstall cmd: C:\Program Files\BitComet\uninst.exe
      publisher: ~RnySmile~

      CCleaner (remove only) (CCleaner)
      uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

      Conexant 56K ACLink Modem (CNXT_MODEM_PCI_VEN_10B9&DEV_5457&SUBSYS_0850103C)
      uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_10B9&DEV_5457&SUBSYS_0850103C\HXFSETUP.EXE -U -Ihpm08505K.inf

      Conexant AC-Link Audio (Conexant PCI Audio)
      uninstall cmd: CIAunwdm.exe

      (Connection Manager)

      (DirectAnimation)

      (DirectDrawEx)

      DivX Content Uploader 1.1.0 (DivX Content Uploader)
      install location: C:\Program Files\DivX
      uninstall cmd: C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
      publisher: DivX, Inc.

      (DXM_Runtime)

      (Fontcore)

      HijackThis 1.99.1 1.99.1 (HijackThis)
      uninstall cmd: C:\Program Files\Hijackthis Version Française\HijackThis.exe /uninstall
      publisher: Soeperman Enterprises Ltd.

      Hijackthis Version Française 1.99.0.1 (Hijackthis Version Française_is1)
      install location: C:\Program Files\Hijackthis Version Française\
      uninstall cmd: "C:\Program Files\Hijackthis Version Française\unins000.exe"
      publisher: PC-HELP-BORDEAUX
      help link: http://pchelpbordeaux.free.fr/

      HP Imaging Device Functions 7.0 7.0 (HP Imaging Device Functions)
      uninstall cmd: C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
      publisher: HP
      help link: https://support.hp.com/us-en?openCLC=true

      HP Solution Center 7.0 7.0 (HP Solution Center & Imaging Support Tools)
      uninstall cmd: C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
      publisher: HP
      help link: https://support.hp.com/us-en?openCLC=true

      HP Customer Participation Program 7.0 7.0 (HPExtendedCapabilities)
      uninstall cmd: C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
      publisher: HP
      help link: https://support.hp.com/us-en?openCLC=true

      (ICW)

      (IE40)

      (IE4Data)

      (IE5BAKEX)

      (IEData)

      (InstallShield Uninstall Information)

      (InstallShield_{4D022637-CA7C-462B-AD02-DD28FAD8FC2F})

      Correctif Windows XP - KB873339 20041117.092459 (KB873339)
      uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/873339

      (KB884016)

      Correctif Windows XP - KB885835 20041027.181713 (KB885835)
      uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/885835/ms04-044-vulnerabilities-in-windows-kernel-and-lsass-could-allow-eleva

      Correctif Windows XP - KB885836 20041028.173203 (KB885836)
      uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/885836/ms04-041-a-vulnerability-in-wordpad-could-allow-code-execution

      Correctif Windows XP - KB885884 20040924.025457 (KB885884)
      uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/885884

      Correctif Windows XP - KB886185 20041021.090540 (KB886185)
      uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/886185

      Correctif Windows XP - KB887472 20041014.162858 (KB887472)
      uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/887472

      Microsoft .NET Framework 1.0 Hotfix (KB887998) (KB887998)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation

      Correctif Windows XP - KB888302 20041207.111426 (KB888302)
      uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/888302

      Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/890046

      Correctif Windows XP - KB890859 1 (KB890859)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/890859

      Correctif Windows XP - KB891781 20050110.165439 (KB891781)
      uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/891781

      Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/893756

      (KB893803)

      Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
      uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/893803/windows-installer-3-1-v2-3-1-4000-2435-is-available

      Mise à jour pour Windows XP (KB894391) 1 (KB894391)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/894391/

      Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/896358/ms05-026-a-vulnerability-in-html-help-could-allow-remote-code-executio

      Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

      Mise à jour de sécurité pour Windows XP (KB896424) 1 (KB896424)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/896424

      Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/896428

      Mise à jour pour Windows XP (KB898461) 1 (KB898461)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/898461/

      Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/899587

      Mise à jour de sécurité pour Windows XP (KB899589) 1 (KB899589)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/899589

      Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/899591

      Mise à jour pour Windows XP (KB900485) 2 (KB900485)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/900485

      Mise à jour de sécurité pour Windows XP (KB900725) 1 (KB900725)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/900725

      Mise à jour de sécurité pour Windows XP (KB901017) 1 (KB901017)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/901017

      Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/901214

      Mise à jour de sécurité pour Windows XP (KB902400) 1 (KB902400)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/902400/ms05-051-vulnerabilities-in-ms-dtc-and-com-could-allow-remote-code-exe

      Mise à jour de sécurité pour Windows XP (KB904706) 2 (KB904706)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/904706

      Mise à jour de sécurité pour Windows XP (KB905414) 1 (KB905414)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/905414

      Mise à jour de sécurité pour Windows XP (KB905749) 1 (KB905749)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/905749

      Mise à jour de sécurité pour Windows XP (KB908519) 1 (KB908519)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/908519

      Mise à jour pour Windows XP (KB908531) 2 (KB908531)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/908531

      Mise à jour pour Windows XP (KB910437) 1 (KB910437)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/910437

      Mise à jour pour Windows XP (KB911280) 2 (KB911280)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/911280

      Mise à jour de sécurité pour Windows XP (KB911562) 1 (KB911562)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/911562

      Mise à jour de sécurité pour Windows XP (KB911567) 1 (KB911567)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/911567

      Mise à jour de sécurité pour Windows XP (KB911927) 1 (KB911927)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/911927

      Mise à jour de sécurité pour Windows XP (KB912919) 1 (KB912919)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/912919

      Mise à jour de sécurité pour Windows XP (KB913433) (KB913433)
      uninstall cmd: C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/913433

      Mise à jour de sécurité pour Windows XP (KB913580) 1 (KB913580)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: https://support.microsoft.com/en-us/help/913580

      Mise à jour de sécurité pour Windows XP (KB914388) 1 (KB914388)
      install date: 20061018
      uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
      publisher: Microsoft Corporation
      help link: --------------tu as un ancien modem actif, dans ce PC ?
      Located: HK_LM:Run, CARPService
      command: carpserv.exe
      file: C:\WINDOWS\system32\carpserv.exe
      size: 4608
      MD5: 1079b06555a14b5e07d45b9b781d6e99
      tu es bien en ADSL ?
      ;-)

      0
      1. charliemouse
         
        oki,

        qu'est-ce tu appelles un ancien modem?
        sinon vi je suis en adsl
        voilà :-))
        0
    2. Utilisateur anonyme
       
      Le programme en question permet d'entendre le bruit caractéristique du branchement d'un modem classique au NET...inutile si tu es en ADSL...évidemment !
      CARPService
      recherche ce service, et stoppe-le:
      https://leblogdeclaude.blogspot.com/2007/07/comment-stopper-un-service.html
      ---------------------------
      Bon, je vois que ta version Java n'est pas à jour: ( Java Plug-in 1.6.0_01 )
      fais ceci:
      https://leblogdeclaude.blogspot.com/2007/07/mettre-jour-votre-version-java.html

      on fera le reste après...

      0
      1. charliemouse
         
        bonsoir,

        Je n'ai pas trouvé carpservice.
        ? c'est bien ce que tu m'as demandé.
        merci
        0
    3. Utilisateur anonyme
       
      pas grave...
      tu as mis ta version Java à jour ?
      tu peux décocher ceci avec Spybot:
      ----------------------------------------------------------------------------
      Located: HK_CU:Run, VoipBuster
      command: "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
      file: C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
      size: 7390512
      MD5: 81eb54e42b25b6a8e975bcc0096e79b7

      Located: HK_CU:Run, swg
      command: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      size: 171448
      MD5: 0fa44ea8b03aba3e1d240b5a333d8e6a

      Located: HK_CU:Run, msnmsgr
      command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      file: C:\Program Files\MSN Messenger\msnmsgr.exe
      size: 5354792
      MD5: 6b3c274963543b07951ca0e23a9f1fa3

      Located: HK_LM:Run, ehTray
      command: C:\WINDOWS\ehome\ehtray.exe
      file: C:\WINDOWS\ehome\ehtray.exe
      size: 59392
      MD5: f90137a9897071ede961a5aba4ea524f

      Located: HK_LM:Run, Cpqset
      command: C:\Program Files\HPQ\Default Settings\cpqset.exe
      file: C:\Program Files\HPQ\Default Settings\cpqset.exe
      size: 184412
      MD5: 6bbfeca5d51ea82bac35e01c66762753

      Located: HK_LM:Run, CARPService
      command: carpserv.exe
      file: C:\WINDOWS\system32\carpserv.exe
      size: 4608
      MD5: 1079b06555a14b5e07d45b9b781d6e99

      Located: HK_LM:Run, !AVG Anti-Spyware
      command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      size: 6731312
      MD5: cc6bc45dd5a58158645e7fb2953604fe
      ------------------------------------------------------------------------------

      -------------refais un rapport Hijackthis
      0
      1. charliemouse
         
        bonjour,

        voilà le rapport
        Logfile of HijackThis v1.99.1
        Scan saved at 11:27:13, on 20/07/2007
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\ZoneLabs\vsmon.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
        C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
        C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
        C:\WINDOWS\eHome\ehRecvr.exe
        C:\WINDOWS\eHome\ehSched.exe
        C:\WINDOWS\system32\HPConfig.exe
        C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
        C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
        C:\WINDOWS\system32\HPZipm12.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\MsPMSPSv.exe
        C:\WINDOWS\system32\dllhost.exe
        C:\WINDOWS\system32\wuauclt.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\Program Files\HPQ\One-Touch\OneTouch.EXE
        C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
        C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
        C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
        C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
        C:\Program Files\MSN Messenger\msnmsgr.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
        C:\WINDOWS\system32\svchost.exe
        C:\Program Files\Mozilla Firefox\firefox.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.generation-nt.com
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
        O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
        O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
        O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
        O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
        O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
        O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
        O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - Global Startup: Microsoft Office.lnk.disabled
        O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
        O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
        O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
        O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
        O14 - IERESET.INF: START_PAGE_URL=www.generation-nt.com
        O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
        O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
        O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
        O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
        O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
        O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
        O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
        O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
        O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
        O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
        O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
        O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

        eu juste une question, antivri ma mis deu truc en quarantaine hier soir,
        si je les enlève ça fait koi?
        :-)
        0
    4. Utilisateur anonyme
       
      cocher + fixer
      --------------------------
      https://leblogdeclaude.blogspot.com/2007/05/comment-utiliser-hijackthis-fixer.html
      ------------------------------------------------------------------
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

      O4 - Global Startup: Microsoft Office.lnk.disabled
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      ------------------------------------------------------------
      termines ce service:
      AVG Anti-Spyware
      la version freeware ne protège pas en temps réel.
      https://leblogdeclaude.blogspot.com/2007/07/comment-stopper-un-service.html
      ------------------------------------------------

      fais ceci:
      https://leblogdeclaude.blogspot.com/2007/03/informatique-procdure-navifix.html
      copies le rapport

      0
      1. charliemouse Messages postés 87 Date d'inscription   Statut Membre Dernière intervention  
         
        bonjour,

        je me demandais si je pouvais vider la quarantaine de mon avg antispy
        j'ai encore des trojan obfuscated.en
        le 1er dans
        C\docum1\local1\temp7db64c.exe
        c\docmentsetting\all users\application data interichorn là y sont 2 apriori.
        l'autre jour j'avais supprimé des fichier comme interichorn
        en mode sans echec
        je peux les effacer ou il faut encore faire un truc spécial?
        merci
        0