Bonjour, depui quelque jour, g une fenetre qui saffiche systematikement en lancant internet.ce message di "your computer was infected by unknown virus.it's dangerous for your system (critical files cant be lost)" est ce ke kelkun svp pourai mexpliker comen sen debarassser.merci

Unknown trojan

Réponse 21 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 mars 2008 à 17:13

qul fichier est infécté selon avast?

________

refais combofix et recolle le rapport

Réponse 22 / 41

enzo13
7 mars 2008 à 17:23

fichier infecté: C:\WINDOWS\btrsca.exe
nom du logiciel malveillant: Win32:Agent-SRS [Tri] ou [Trj] je voi pa bien la derniere lettre ki est entre crochet
type de logiciel malveillant: Cheval de troie

Réponse 23 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 mars 2008 à 17:25

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :
C:\WINDOWS\btrsca.exe
C:\bhij.exe

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

_______________

refais combofix et recolle le rapport

Réponse 24 / 41

enzo13
7 mars 2008 à 17:31

File/Folder C:\WINDOWS\btrsca.exe not found.
File/Folder C:\bhij.exe not found.

OTMoveIt2 v1.0.20 log created on 03072008_172937

kan jai essayé tout a lheure de le mettre en quarantaine avec avast on ma di action impossible car le fichier nest pa empaqueter ou un truk comme ca

Réponse 25 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 mars 2008 à 17:47

apparement les fichiers ne sont pas presents donc c'est bon

recolle un combofix

puis rescanne avec avast pour voir

Réponse 26 / 41

enzo13
7 mars 2008 à 18:08

g lancer combofix aparemen il a supprimer plin de virus mai des kil a redemarrer lordi il a pa reussi a trouver le compte rendu.et avast ne me lance plu de message dalerte donc je pense ke c bon kesten pense

Réponse 27 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 mars 2008 à 18:24

ca devrait etre bon recolle un nouveau combofix et hijackhtis

Réponse 28 / 41

enzo13
7 mars 2008 à 18:38

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:31, on 2008-03-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\killbagle\Catchme.cfexe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {E9601C0B-FA98-4E6D-A015-AE5B43F47962} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinReanimator] "C:\Program Files\WinReanimator\WinReanimator.exe" /hide
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{165EC82A-C379-40CC-92D4-021E9F4FF695}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{B497EAFD-1937-4E26-8AD1-74367149A9F9}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{165EC82A-C379-40CC-92D4-021E9F4FF695}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{165EC82A-C379-40CC-92D4-021E9F4FF695}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: iebvss32 - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

Réponse 29 / 41

enzo13
7 mars 2008 à 18:41

nn en fait il me sor plin dautre signalement de ce type
reli plu haut dabor

Réponse 30 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 mars 2008 à 19:08

oui desactive le tea timer de spybot, le temps de la desinsfection , c'est pour cela que certains persistent et accepte tout ce qui est modifie
car en desinfectant on modifie le registre ce que décèle spybot

____________

scan avec avg antispyware et colle le rapport

https://www.01net.com/telecharger/

Réponse 31 / 41

enzo13
7 mars 2008 à 19:57

VG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 19:53 2008-03-07

+ Résultat de l'analyse:

C:\Program Files\Rockstar Games\GTA San Andreas\hlm-intro.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{D20C9604-8FB2-49B8-940C-53067999CFAA}\RP168\A0091415.exe -> Downloader.Agent.ica : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{D20C9604-8FB2-49B8-940C-53067999CFAA}\RP168\A0091669.exe -> Downloader.Agent.ica : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{D20C9604-8FB2-49B8-940C-53067999CFAA}\RP165\A0086039.dll -> Not-A-Virus.Adware.E404 : Ignoré.
C:\System Volume Information\_restore{D20C9604-8FB2-49B8-940C-53067999CFAA}\RP165\A0087906.sys -> Rootkit.Agent.aaq : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\yuksel\Cookies\yuksel@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.10:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.11:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.12:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.165:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.166:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.175:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.47:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.75:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.9:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\user\Cookies\user@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\user\Cookies\user@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\user\Cookies\user@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\user\Cookies\user@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@aolfr.122.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@microsoftwlmessengermkt.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@shopping.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.16:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.17:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\system@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\system@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\system@adengage[1].txt -> TrackingCookie.Adengage : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\system@ads.adengage[2].txt -> TrackingCookie.Adengage : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.27:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.28:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\user\Cookies\user@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.36:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\user\Cookies\user@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\user\Cookies\user@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@enhance[1].txt -> TrackingCookie.Enhance : Nettoyé.
:mozilla.105:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\user\Cookies\user@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@findwhat[1].txt -> TrackingCookie.Findwhat : Nettoyé.
:mozilla.314:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@ehg-neuftelecom.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@ehg-nokiafin.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@ehg-yvesrocher.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.136:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.137:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.236:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
:mozilla.138:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.132:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.133:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.134:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.42:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.43:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.44:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@auto.search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@ie.search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.265:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\user\Cookies\user@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\system@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.187:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\user\Cookies\user@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\system@paycounter[1].txt -> TrackingCookie.Paycounter : Nettoyé.
:mozilla.19:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Planetactive : Nettoyé.
:mozilla.20:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.21:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.22:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.23:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.24:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.25:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.26:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.223:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.224:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\user\Cookies\user@real[2].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\user\Cookies\user@realguide.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@real[1].txt -> TrackingCookie.Real : Nettoyé.
:mozilla.226:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.244:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.245:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.246:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.247:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.248:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.58:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\user\Cookies\user@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\user\Cookies\user@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.50:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.258:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.259:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.260:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.261:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\user\Cookies\user@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@h.starware[2].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@try.starware[2].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@trafficmp[1].txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.287:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\user\Cookies\user@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.298:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.299:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.300:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.301:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\user\Cookies\user@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.154:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\system@free.wegcash[1].txt -> TrackingCookie.Wegcash : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@programs.wegcash[1].txt -> TrackingCookie.Wegcash : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\system@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.343:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.344:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.345:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\49wnlp9d.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@c2.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\yuksel\Cookies\yuksel@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
C:\System Volume Information\_restore{D20C9604-8FB2-49B8-940C-53067999CFAA}\RP165\A0086035.DLL -> Trojan.BHO.awy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\Gng45.sys.vir -> Trojan.Srizbi.j : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{D20C9604-8FB2-49B8-940C-53067999CFAA}\RP169\A0091861.sys -> Trojan.Srizbi.j : Nettoyé et sauvegardé (mise en quarantaine).

Fin du rapport

Réponse 32 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 mars 2008 à 20:21

vire ce qui est dans quarantine en allant dans poste de travail puis

C:\QooBox\Quarantine

_____________

utilise aussi pour supprimer tes traces

CCLEANER: (lance un nettoyage et repare le registre) : ne pas installer la barre yahoo

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

______________

desactive la restauration systeme puis redemarre ton ordi puis réactive la
https://www.informatruc.com

______________

spybot tu as bien la derniere version sortie en janvier??

si c'est pas le cas desinstalle ton ancienne version puis mets la nouvelle ici:

https://www.safer-networking.org/download/

puis scan avec

_____________

encore des soucis??

Réponse 33 / 41

enzo13
7 mars 2008 à 21:30

g fai tou komme tu ma di
apré avoir scanner avec spybot, il ma sorti 3 probleme:
je te colle le rapport entier

--- Search result list ---
Win32.Agent.gvu: [SBI $CF6AD9E9] Réglages (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1708537768-1677128483-682003330-1004\Software\Microsoft\Bind

Win32.Tiny.abk: [SBI $70B44025] Fichier temporaire (Fichier, nothing done)
C:\WINDOWS\Temp\7CF28762C38CA0D4.tmp

Zlob.DNSChanger.Rtk: [SBI $FE3023DF] Réglages (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System=...KDALX.EXE...

--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---

2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-03-07 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-03-05 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-03-05 Includes\DialerC.sbi (*)
2008-03-05 Includes\HeavyDuty.sbi (*)
2008-03-05 Includes\Hijackers.sbi (*)
2008-03-05 Includes\HijackersC.sbi (*)
2008-02-27 Includes\Keyloggers.sbi (*)
2008-03-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-02-27 Includes\Malware.sbi (*)
2008-03-05 Includes\MalwareC.sbi (*)
2008-02-20 Includes\PUPS.sbi (*)
2008-03-05 Includes\PUPSC.sbi (*)
2008-03-05 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-03-05 Includes\SecurityC.sbi (*)
2008-02-20 Includes\Spybots.sbi (*)
2008-03-05 Includes\SpybotsC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-02-27 Includes\Trojans.sbi (*)
2008-03-05 Includes\TrojansC.sbi (*)
2007-12-24 Plugins\TCPIPAddress.dll

--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
/ Windows Media Player 11: Correctif pour Lecteur Windows Media 11 (KB939683)
/ Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB941569)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Correctif Windows XP - KB885626
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB904942)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB908531)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB911280)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
/ Windows XP / SP3: Correctif pour Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918118)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB919007)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920213)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920670)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920683)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920685)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB920872)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921503)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB922582)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922819)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923191)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923980)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924270)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924496)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924667)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926255)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926436)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927779)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927802)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB927891)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928255)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928843)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB929123)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB930178)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB930916)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931261)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931784)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB932168)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB933360)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB933729)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB935839)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB935840)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB936021)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB936357)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB937143)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB938127)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB938828)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB938829)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB939653)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB941202)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB941568)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB941644)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB942615)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB942763)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB942840)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB943055)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB943460)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB943485)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB944653)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB946026)

--- Startup entries list ---
Located: HK_LM:Run, !AVG Anti-Spyware
command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6731312
MD5: CC6BC45DD5A58158645E7FB2953604FE

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 79224
MD5: 88D86112DD9F2BB6A603674706C7E846

Located: HK_LM:Run, EzPrint
command: "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
file: C:\Program Files\Lexmark 5400 Series\ezprint.exe
size: 98304
MD5: 404F68EAA178E29D2A96121A5184BC70

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 020B109C1D515879C04A36D6BCA949B8

Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: B1388BF29A0522C7CCD08A563383401B

Located: HK_LM:Run, Lexmark 5400 Series Fax Server
command: "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
file: C:\Program Files\Lexmark 5400 Series\fm3032.exe
size: 294912
MD5: 6C9FB7A576813630C7F0AC9244C5B5D6

Located: HK_LM:Run, LXCTCATS
command: rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, lxctmon.exe
command: "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
file: C:\Program Files\Lexmark 5400 Series\lxctmon.exe
size: 291760
MD5: C33FD040D3A74D58E6675DD734C5D040

Located: HK_LM:Run, NeroFilterCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3E4C03CEFAD8DE135263236B61A49C90

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 385024
MD5: F89DA660C511652EE511FE3AB2F04BFC

Located: HK_LM:Run, RemoteControl
command: "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
file: C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
size: 32768
MD5: 1EEA64D8599B5B7BD8721498E4019CF0

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
size: 132496
MD5: D4F0F7437327DBAA264338BAAFB5E5AF

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
size: 185896
MD5: 74BC945EB2584E90619A56EF5028AB0F

Located: HK_LM:Run, WinReanimator
command: "C:\Program Files\WinReanimator\WinReanimator.exe" /hide
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, CTFMON.EXE
where: PE_C_YUKSEL...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, MSMSGS
where: PE_C_YUKSEL...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259

Located: HK_CU:Run, msnmsgr
where: PE_C_YUKSEL...
command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
file: C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5674352
MD5: A7EFC7EA7EF6FB022A8A95813EDCBE5D

Located: HK_CU:Run, QuickTime Task
where: PE_C_YUKSEL...
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 385024
MD5: F89DA660C511652EE511FE3AB2F04BFC

Located: HK_CU:Run, Sony Ericsson PC Suite
where: PE_C_YUKSEL...
command: "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
file: C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
size: 360448
MD5: 7C655A8CEBA25E82062F4DD926695E5B

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-1708537768-1677128483-682003330-1004...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: HK_CU:Run, MSMSGS
where: S-1-5-21-1708537768-1677128483-682003330-1004...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259

Located: HK_CU:Run, MsnMsgr
where: S-1-5-21-1708537768-1677128483-682003330-1004...
command: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5674352
MD5: A7EFC7EA7EF6FB022A8A95813EDCBE5D

Located: HK_CU:Run, Sony Ericsson PC Suite
where: S-1-5-21-1708537768-1677128483-682003330-1004...
command: "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
file: C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
size: 360448
MD5: 7C655A8CEBA25E82062F4DD926695E5B

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1708537768-1677128483-682003330-1004...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F

Located: HK_CU:Run, WintelUpdate
where: S-1-5-21-1708537768-1677128483-682003330-1004...
command: C:\bhij.exe
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A

Located: Démarrage (tous utilisateurs), Adobe Reader Synchronizer.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
file: C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
size: 734872
MD5: 169C293CE9460A05646D17DC6AA2FB2C

Located: Démarrage (utilisateur), OpenOffice.org 2.2.lnk
where: C:\Documents and Settings\user\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
size: 393216
MD5: 7636C40413BB9AC278BD2C8AE24E3E0C

Located: Démarrage (utilisateur), OpenOffice.org 2.2.lnk
where: C:\Documents and Settings\yuksel\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
size: 393216
MD5: 7636C40413BB9AC278BD2C8AE24E3E0C

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

--- Browser helper object list ---
{3049C3E9-B461-4BC5-8870-4C09146192CA} (RealPlayer Download and Record Plugin for Internet Explorer)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: RealPlayer Download and Record Plugin for Internet Explorer
Path: C:\Program Files\Real\RealPlayer\
Long name: rpbrowserrecordplugin.dll
Short name: RPBROW~1.DLL
Date (created): 2008-03-04 15:38:38
Date (last access): 2008-03-07 20:43:22
Date (last write): 2008-03-04 15:38:38
Filesize: 370296
Attributes: archive
MD5: 4D630E9EF94CF8814DFD0E5938230822
CRC32: 02C3DBBF
Version: 1.0.0.522

{E9601C0B-FA98-4E6D-A015-AE5B43F47962} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

--- ActiveX list ---
{512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class)
DPF name:
CLSID name: TotalScan Installer Class
Installer: C:\WINDOWS\Downloaded Program Files\ascstubie.inf
Codebase: https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ascstubie.dll
Short name: ASCSTU~1.DLL
Date (created): 2007-08-21 14:37:26
Date (last access): 2008-03-07 21:06:08
Date (last write): 2007-08-21 14:37:26
Filesize: 124208
Attributes: archive
MD5: 0AD87599756B34C0214AFCE961E78DD5
CRC32: EA254381
Version: 1.0.0.7

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_03
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_03\bin\
Long name: npjpi160_03.dll
Short name: NPJPI1~1.DLL
Date (created): 2007-09-24 23:31:44
Date (last access): 2008-03-04 12:24:52
Date (last write): 2007-09-25 01:11:34
Filesize: 132496
Attributes: archive
MD5: D6A4682A6FF41832A3F1A7AB9AE08199
CRC32: 9080B537
Version: 6.0.30.5

{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_02
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_02\bin\
Long name: npjpi160_02.dll
Short name: NPJPI1~1.DLL
Date (created): 2007-07-12 02:22:38
Date (last access): 2008-03-04 12:24:54
Date (last write): 2007-07-12 04:00:36
Filesize: 132496
Attributes: archive
MD5: E3811F1A1C5063C941EC0E2766C3EA39
CRC32: AEFD3747
Version: 6.0.20.6

{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_03
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_03\bin\
Long name: npjpi160_03.dll
Short name: NPJPI1~1.DLL
Date (created): 2007-09-24 23:31:44
Date (last access): 2008-03-07 21:23:54
Date (last write): 2007-09-25 01:11:34
Filesize: 132496
Attributes: archive
MD5: D6A4682A6FF41832A3F1A7AB9AE08199
CRC32: 9080B537
Version: 6.0.30.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_03
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_03\bin\
Long name: npjpi160_03.dll
Short name: NPJPI1~1.DLL
Date (created): 2007-09-24 23:31:44
Date (last access): 2008-03-07 21:23:54
Date (last write): 2007-09-25 01:11:34
Filesize: 132496
Attributes: archive
MD5: D6A4682A6FF41832A3F1A7AB9AE08199
CRC32: 9080B537
Version: 6.0.30.5

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9d.ocx
Short name:
Date (created): 2007-06-11 12:04:32
Date (last access): 2008-03-07 20:41:08
Date (last write): 2007-06-11 12:04:32
Filesize: 2267368
Attributes: readonly archive
MD5: B01E2A41389FBA42B7B5A026EA88C9B7
CRC32: 8980B6EC
Version: 9.0.47.0

--- Process list ---
PID: 0 ( 0) [System]
PID: 436 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 484 ( 436) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 508 ( 436) \??\C:\WINDOWS\system32\winlogon.exe
size: 506368
PID: 552 ( 508) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
PID: 564 ( 508) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 9F3744A5C6F49291A7A685040A013399
PID: 720 ( 552) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 776 ( 552) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 844 ( 552) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 968 ( 552) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1016 ( 552) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1064 ( 552) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 17272
MD5: 591E7CDF35DE74D55CD462A13FBADE5E
PID: 1112 ( 552) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 140664
MD5: DBBB6E20EC8C38902C4935B249AEBE2A
PID: 1420 ( 552) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1708 ( 552) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 110592
MD5: 69DA2BB73AC426CDEEBDACC68438BA3D
PID: 1728 ( 552) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
size: 312880
MD5: 5DCD235C061022BCDA9AA48670B64211
PID: 1788 (1768) C:\WINDOWS\Explorer.EXE
size: 1037312
MD5: D0288319660EDCFED07C7E74C4EA38A5
PID: 1836 ( 552) C:\WINDOWS\system32\lxctcoms.exe
size: 528384
MD5: 4C937AA8261062ED9781885C6CB61D5E
PID: 1952 ( 552) C:\WINDOWS\system32\slserv.exe
size: 73796
MD5: 8AA5505E7043298E1FF047F212E4B7AD
PID: 2004 ( 552) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 232 (1788) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
size: 32768
MD5: 1EEA64D8599B5B7BD8721498E4019CF0
PID: 240 (1788) C:\Program Files\Lexmark 5400 Series\lxctmon.exe
size: 291760
MD5: C33FD040D3A74D58E6675DD734C5D040
PID: 264 (1788) C:\Program Files\Lexmark 5400 Series\ezprint.exe
size: 98304
MD5: 404F68EAA178E29D2A96121A5184BC70
PID: 316 (1788) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
size: 79224
MD5: 88D86112DD9F2BB6A603674706C7E846
PID: 336 (1788) C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
size: 185896
MD5: 74BC945EB2584E90619A56EF5028AB0F
PID: 356 (1788) C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
size: 132496
MD5: D4F0F7437327DBAA264338BAAFB5E5AF
PID: 460 (1788) C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 020B109C1D515879C04A36D6BCA949B8
PID: 852 (1788) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6731312
MD5: CC6BC45DD5A58158645E7FB2953604FE
PID: 1004 (1788) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A
PID: 676 (1788) C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
PID: 1540 (1788) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
size: 360448
MD5: 7C655A8CEBA25E82062F4DD926695E5B
PID: 2084 (2076) C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
size: 2359296
MD5: 92972B746849766DDB3AF2D1F12FC676
PID: 2100 (2084) C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
size: 2510848
MD5: 0D601C7C65AF904254C45A0FAA37F3C5
PID: 2364 ( 552) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 247160
MD5: 36088BA16E85C081D7BC48725872D540
PID: 2400 ( 552) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
size: 345464
MD5: 86ACF7955F4DB72880F61D724A97855A
PID: 2768 ( 552) C:\Program Files\iPod\bin\iPodService.exe
size: 504104
MD5: E1BD28CA09EE8F30E8EDBD6C19F5579D
PID: 2948 ( 552) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 2FE681D10C5FC343DBBC0610B8DD4D24
PID: 3608 ( 552) C:\Program Files\MSN Messenger\usnsvc.exe
size: 97136
MD5: C5B70A6AA947667CE0E5FC84A05EC8B6
PID: 3052 (1788) C:\Program Files\Internet Explorer\iexplore.exe
size: 625664
MD5: 2703D940A62B731AA220529DD7331A78
PID: 1736 (3272) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5146448
MD5: 2ECA8CDEED7C82F879E766DA92A3561A
PID: 2276 (3272) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F
PID: 4 ( 0) System

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 2008-03-07 21:23:53

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.google.com/?gws_rd=ssl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.google.fr/?gws_rd=ssl
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.google.com/?gws_rd=ssl
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.google.com/?gws_rd=ssl
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr/?ocid=iehp
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
https://www.google.com/?gws_rd=ssl
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

--- Winsock Layered Service Provider list ---

--- Uninstall list ---
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (03/26/2007 5.10.0.5391) 03/26/2007 5.10.0.5391 (745E2BCA96480F7C8B1916868CE0857DF78830AB)
uninstall cmd: C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\hdart.inf
publisher: Realtek Semiconductor Corp.

(AddressBook)

avast! Antivirus 4.7 (avast!)
version (major): 4
version (minor): 7
install location: C:\PROGRA~1\ALWILS~1\Avast4
install source: C:\PROGRA~1\ALWILS~1\Avast4\setup
uninstall cmd: rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
publisher: Alwil Software
help link: https://www.avast.com/fr-fr/index

AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: https://www.avg.com/fr-fr/homepage

BitTorrent 5.0.9 (BitTorrent)
uninstall cmd: "C:\Program Files\BitTorrent\uninstall.exe"

(Branding)

CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

(Connection Manager)

(DirectAnimation)

(DirectDrawEx)

(DXM_Runtime)

eMule (eMule)
uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"

Files Secure 2.1 (Files Secure)
version (major): 2
version (minor): 1
install location: C:\Program Files\Files-Secure
uninstall cmd: C:\Program Files\Files-Secure\Uninstall.exe

(Fontcore)

HijackThis 2.0.2 2.0.2 (HijackThis)
uninstall cmd: "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
publisher: TrendMicro

Hijackthis Version Française (Hijackthis Version Française_is1)
install location: C:\Program Files\Hijackthis Version Française\
uninstall cmd: "C:\Program Files\Hijackthis Version Française\unins000.exe"
publisher: Pc-Help-Bordeaux
help link: http://pchelpbordeaux.free.fr

(ICW)

Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20071212
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

(IE40)

(IE4Data)

(IE5BAKEX)

Windows Internet Explorer 7 20070813.185237 (ie7)
install date: 20071212
uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/office/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2?ui=en-US&rs=en-001&ad=US

(IEData)

(InstallShield Uninstall Information)

Correctif Windows XP - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/873339

(KB884016)

(KB884267)

(KB885353)

Correctif Windows XP - KB885626 20040909.122822 (KB885626)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885626$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885626

Correctif Windows XP - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885835/ms04-044-vulnerabilities-in-windows-kernel-and-lsass-could-allow-eleva

Correctif Windows XP - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/885836/ms04-041-a-vulnerability-in-wordpad-could-allow-code-execution

Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/886185

(KB886612)

(KB887078)

Correctif Windows XP - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/887472

(KB887626)

High Definition Audio - KB888111 20040219.000000 (KB888111WXPSP2)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us

Correctif Windows XP - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/888302

(KB888656)

(KB889858)

Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/890046

Correctif Windows XP - KB890859 1 (KB890859)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/890859

(KB891122)

Correctif Windows XP - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/891781

Windows Genuine Advantage Validation Tool (KB892130) (KB892130)
install date: 20080110
publisher: Microsoft Corporation
help link: https://www.microsoft.com/en-us/howtotell/default.aspx

(KB892313)

(KB893240)

(KB893241)

Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/893756

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/893803/windows-installer-3-1-v2-3-1-4000-2435-is-available

Mise à jour pour Windows XP (KB894391) 1 (KB894391)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/894391/

(KB895181)

(KB895316)

(KB895572)

Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896358/ms05-026-a-vulnerability-in-html-help-could-allow-remote-code-executio

Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/896428

(KB897586)

Mise à jour pour Windows XP (KB898461) 1 (KB898461)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/898461/

(KB898549)

Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899587

Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899591

(KB900399)

Mise à jour pour Windows XP (KB900485) 2 (KB900485)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/900485

Mise à jour de sécurité pour Windows XP (KB900725) 1 (KB900725)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/900725

Mise à jour de sécurité pour Windows XP (KB901017) 1 (KB901017)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/901017

Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/901214

(KB902344)

Mise à jour de sécurité pour Windows XP (KB902400) 1 (KB902400)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/902400/ms05-051-vulnerabilities-in-ms-dtc-and-com-could-allow-remote-code-exe

Mise à jour de sécurité pour Windows XP (KB904706) 2 (KB904706)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/904706

Mise à jour pour Windows XP (KB904942) 2 (KB904942)
install date: 20071212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/904942/authentication-fails-when-you-use-outlook-or-outlook-express-to-try-to

Mise à jour de sécurité pour Windows XP (KB905414) 1 (KB905414)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905414

Mise à jour de sécurité pour Windows XP (KB905749) 1 (KB905749)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905749

(KB907658)

Mise à jour de sécurité pour Windows XP (KB908519) 1 (KB908519)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/908519

Mise à jour pour Windows XP (KB908531) 2 (KB908531)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/908531

Mise à jour pour Windows XP (KB910437) 1 (KB910437)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/910437

Mise à jour pour Windows XP (KB911280) 2 (KB911280)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911280

Mise à jour de sécurité pour Windows XP (KB911562) 1 (KB911562)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911562

Mise à jour de sécurité pour Lecteur Windows Media (KB911564) (KB911564)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911564

(KB911565)

(KB911854)

Mise à jour de sécurité pour Windows XP (KB911927) 1 (KB911927)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/911927

Mise à jour de sécurité pour Windows XP (KB913580) 1 (KB913580)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/913580

Mise à jour de sécurité pour Windows XP (KB914388) 1 (KB914388)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/914388

Mise à jour de sécurité pour Windows XP (KB914389) 1 (KB914389)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/914389

Correctif pour Windows XP (KB914440) 12 (KB914440)
install date: 20071212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/914440

Hotfix for Windows XP (KB915865) 10 (KB915865)
install date: 20071212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/915865

Mise à jour pour Windows XP (KB916595) 1 (KB916595)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/916595

Mise à jour de sécurité pour Windows XP (KB917344) 1 (KB917344)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/917344

Mise à jour de sécurité pour Windows XP (KB917953) 1 (KB917953)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/917953

Mise à jour de sécurité pour Windows XP (KB918118) 1 (KB918118)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/918118

Mise à jour de sécurité pour Windows XP (KB918439) 1 (KB918439)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/918439

Mise à jour de sécurité pour Windows XP (KB919007) 1 (KB919007)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/919007/ms06-052-vulnerability-in-pragmatic-general-multicast-pgm-could-result

Mise à jour de sécurité pour Windows XP (KB920213) 1 (KB920213)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/920213

Mise à jour de sécurité pour Windows XP (KB920670) 1 (KB920670)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/920670

Mise à jour de sécurité pour Windows XP (KB920683) 1 (KB920683)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/920683

Mise à jour de sécurité pour Windows XP (KB920685) 1 (KB920685)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/920685

Mise à jour pour Windows XP (KB920872) 1 (KB920872)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/920872

Mise à jour de sécurité pour Windows XP (KB921503) 1 (KB921503)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/921503

Mise à jour pour Windows XP (KB922582) 1 (KB922582)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/922582/error-message-when-you-try-to-update-a-microsoft-windows-based-compute

Mise à jour de sécurité pour Windows XP (KB922819) 1 (KB922819)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/922819

Mise à jour de sécurité pour Windows XP (KB923191) 1 (KB923191)
install date: 20070828
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/923191

Mise à jour de sécurité pour Windows XP (KB923414) 1 (KB923414)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/923414

Mise à jour de sécurité pour Windows XP (KB923980) 1 (KB923980)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/923980

Mise à jour de sécurité pour Windows XP (KB924270) 1 (KB924270)
install date: 20070829
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/924270

Mise à jour de sécurité pour Windows XP (KB924496) 1 (KB92449

Réponse 34 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
8 mars 2008 à 11:09

encore des soucis??

____________
recolle un rapport hijakchit

Réponse 35 / 41

enzo13
8 mars 2008 à 12:16

nn ca va ya plu de souci.javai une dernier kestion a te poser.apré avoir installer tous ces programme, jaimerai savoir kel sont ceu ke tu me conseillerai de garder pour me proteger de toute les menaces?

Logfile of HijackThis v1.99.1
Scan saved at 12:14, on 2008-03-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {E9601C0B-FA98-4E6D-A015-AE5B43F47962} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinReanimator] "C:\Program Files\WinReanimator\WinReanimator.exe" /hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{165EC82A-C379-40CC-92D4-021E9F4FF695}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{B497EAFD-1937-4E26-8AD1-74367149A9F9}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{165EC82A-C379-40CC-92D4-021E9F4FF695}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{165EC82A-C379-40CC-92D4-021E9F4FF695}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: iebvss32 - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: oledll - {12345B67-1234-1234-D123-7F84D123BC7D} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

Réponse 36 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
8 mars 2008 à 13:05

relnce hijakchits et fix :

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {E9601C0B-FA98-4E6D-A015-AE5B43F47962} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
O20 - Winlogon Notify: iebvss32 - C:\WINDOWS\
O21 - SSODL: oledll - {12345B67-1234-1234-D123-7F84D123BC7D} - (no file)

_______________

pour protéger gratos ton ordi

https://www.commentcamarche.net/telecharger/ 4 securite

mettre un antivirus

AVAST en français ou ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
AD AWARE + SPYBOT
+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware on sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de Windows ou mieux KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
https://www.commentcamarche.net/telecharger/ 157 zonealarm

-----------

CCLEANER pour effacer les traces de surf

Réponse 37 / 41

enzo13
8 mars 2008 à 14:50

olala g un autre probleme mintenant mon ordinateur redemarre achak foi ke je lalumme apré 10-15 minute.g un message derreur de microsoft windows ki aparai et ki me di ke le syteme a recuperer une erreur serieuse.je voudrai bien tenvoyer le rapport mai je nariv pa a le copier

Réponse 38 / 41

enzo13
8 mars 2008 à 14:52

ah ca yé voici le signalemen de lerreur:

BCCode : c2 BCP1 : 00000007 BCP2 : 00000CD4 BCP3 : 02060033
BCP4 : 8195D628 OSVer : 5_1_2600 SP : 2_0 Product : 768_1

Réponse 39 / 41

jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
8 mars 2008 à 15:03

tout allais bien pourtant!!!

ton windows est legal?

tu a mis quelque chose de plus (logiciel) depuis le message 36?

Réponse 40 / 41

enzo13
8 mars 2008 à 15:27

oui il est legal.mai g mi exactement ce ke tu ma conseiller dinstaller.javai deja avast et spybot.g rajouter spywareblaster et zone alarme.sauf ke je nariv pa a installer ad aware.je croi ke sa vien du fai dinstaller ad aware en fait parce ke ca fai un bon momen kil ne c pa etein lordi.kan jessaye dinstaller adaware il me dise kil ne peuve pa car soit lordi est en mode sans echec ce ki né pa le ca soit kil y a un probleme o niveau de niveau.je voudré bien reesayer de linstaller pour te dire ce kil me diz exactemen mai g peur ke lordi redemarre

Unknown trojan

41 réponses

Discussions similaires