Execution automatique intempestive

alphabroc -
alphabroc Messages postés 21 Statut Membre - 16 janv. 2009 à 12:20

Bonjour,

depuis quelques temps une fenetre " execution automatique" s'ouvre sur mon ecran d'ordinateur pendant qques secondes puis disparais. Cela se reproduit tres souvent. Le systeme en est tres ralentit, que puis je faire.
Voici un log hijackthis: Merci d'avance

Logfile of HijackThis v1.99.1
Scan saved at 21:08:18, on 11/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\program files\rnamfler\naomf.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\rnamfler\naofsvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
c:\program files\rnamfler\radprcmp.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st#home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {2bae58c2-79f9-45d1-a286-81f911301c3a} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {12AE2025-3A9E-4640-BE1A-F30876B1A97E} - C:\WINDOWS\system32\geBstqrP.dll (file missing)
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: (no name) - {2bae58c2-79f9-45d1-a286-81f911301c3a} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [wrna3ls] C:\program files\rnamfler\naomf.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [s9201] "C:\Documents and Settings\All Users.WINDOWS\Application Data\SoftLand Ltd\Antivirus 2008 XP\av2008xp.exe" /autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AccuWeatherDesktopAlerts] C:\Program Files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [Setup] C:\WINDOWS\system32\msiexeca.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - Startup: Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

Afficher la suite

A voir également:

Execution automatique intempestive
Réponse automatique thunderbird - Guide
Logiciel de sauvegarde automatique gratuit - Guide
Recherche automatique des chaînes ne fonctionne pas - Guide
Réponse automatique gmail - Guide
Sommaire automatique word - Guide

35 réponses

Réponse 21 / 35

alphabroc Messages postés 21 Statut Membre

voici le log,

ComboFix 09-01-13.04 - Propriétaire 2009-01-15 15:42:43.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.420 [GMT 1:00]
Lancé depuis: c:\documents and settings\Propriétaire\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090115-0] *On-access scanning disabled* (Outdated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\rnamfler\radhslib.dll
c:\program files\rnamfler\radprlib.dll
c:\program files\winvi
c:\windows\system32\ccvbvueq.ini
c:\windows\system32\cfx32.ocx
c:\windows\system32\cvvutidb.ini
c:\windows\system32\eghwynsu.ini
c:\windows\system32\ighoitqf.ini
c:\windows\system32\inmnladp.ini
c:\windows\system32\NVGgfMoq.ini
c:\windows\system32\NVGgfMoq.ini2
c:\windows\system32\PrqtsBeg.ini
c:\windows\system32\PrqtsBeg.ini2
c:\windows\system32\qdooknig.ini
c:\windows\system32\qflxnkqi.ini
c:\windows\system32\QWyFffii.ini
c:\windows\system32\QWyFffii.ini2
c:\windows\system32\tdnbyych.ini
c:\windows\system32\ttvaudhq.ini

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-15 au 2009-01-15 ))))))))))))))))))))))))))))))))))))
.

2009-01-15 14:57 . 2009-01-15 15:19 <REP> d-------- C:\ToolBar SD
2009-01-15 13:38 . 2009-01-15 14:31 <REP> d-------- c:\program files\Navilog1
2009-01-15 13:16 . 2009-01-15 13:31 <REP> d-------- c:\program files\UsbFix
2009-01-15 11:56 . 2009-01-15 11:56 <REP> d-------- C:\rsit
2009-01-15 11:56 . 2009-01-15 11:56 <REP> d-------- c:\program files\trend micro
2009-01-15 11:13 . 2009-01-15 11:13 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\Malwarebytes
2009-01-15 11:12 . 2009-01-15 11:13 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-15 11:12 . 2009-01-15 11:12 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 11:12 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-15 11:12 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-14 19:26 . 2009-01-14 19:26 <REP> d-------- c:\program files\Fichiers communs\Skype
2009-01-14 19:26 . 2009-01-15 15:50 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\Skype
2009-01-04 16:30 . 2009-01-05 12:05 230 --a------ C:\config.xml
2009-01-04 15:58 . 2009-01-04 15:58 <REP> d-------- c:\program files\Microsoft Research
2009-01-04 14:22 . 2009-01-04 14:22 <REP> d-------- c:\program files\Windows Defender
2009-01-03 10:36 . 2009-01-03 10:36 <REP> d-------- c:\program files\PicLensIE
2009-01-01 13:33 . 2009-01-01 13:33 <REP> d-------- c:\program files\Microsoft Silverlight
2008-12-28 15:42 . 2008-12-28 15:42 <REP> d-------- c:\documents and settings\Iduna\Application Data\HiYo
2008-12-25 23:41 . 2009-01-15 09:06 <REP> d-------- c:\program files\Spyware Doctor
2008-12-25 23:41 . 2008-12-25 23:41 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\PC Tools
2008-12-25 23:41 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2008-12-25 23:41 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2008-12-25 23:41 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
2008-12-25 23:41 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2008-12-25 21:58 . 2008-12-25 21:58 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\HiYo
2008-12-23 20:16 . 2009-01-04 15:07 <REP> d-------- c:\documents and settings\Iduna\Application Data\EoRezo
2008-12-19 22:16 . 2009-01-04 14:04 <REP> d-------- c:\documents and settings\Propriétaire\.housecall6.6
2008-12-19 22:16 . 2009-01-04 14:04 <REP> d-------- c:\documents and settings\Propriétaire\.housecall6.6
2008-12-18 21:24 . 2008-12-18 21:26 <REP> d-------- c:\program files\RegCleaner
2008-12-18 20:24 . 2009-01-04 19:58 <REP> d-------- c:\program files\EoRezo
2008-12-18 20:24 . 2009-01-04 19:58 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\EoRezo

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-15 14:49 --------- d---a-w c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-01-15 14:29 --------- d--h--r c:\program files\rnamfler
2009-01-15 07:54 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Google Updater
2009-01-15 07:45 --------- d-----w c:\documents and settings\Propriétaire\Application Data\skypePM
2009-01-14 21:20 --------- d-----w c:\program files\Google
2009-01-14 18:26 --------- d-----w c:\program files\Skype
2009-01-14 18:26 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Skype
2009-01-04 22:18 --------- d-----w c:\program files\DivX
2009-01-04 19:00 --------- d-----w c:\program files\Windows Live
2009-01-04 18:57 --------- d-----w c:\program files\Apple Software Update
2009-01-04 18:50 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Samsung
2009-01-04 18:47 --------- d-----w c:\program files\Fichiers communs\PrintFit Shared
2009-01-04 18:41 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-02 14:03 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2009-01-01 11:40 --------- d-----w c:\program files\SUPERAntiSpyware
2008-12-31 13:19 --------- d-----w c:\documents and settings\Propriétaire\Application Data\LimeWire
2008-12-31 10:29 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Comptabilité et Facturation
2008-12-31 10:08 --------- d-----w c:\program files\LimeWire
2008-12-25 11:24 --------- d-----w c:\program files\Veoh Networks
2008-12-18 21:35 --------- d-----w c:\program files\Alwil Software
2008-12-18 19:00 --------- d-----w c:\program files\Microsoft ActiveSync
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-05 15:18 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\WLInstaller
2008-11-23 19:35 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-11-21 21:46 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-11-21 21:46 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-11-19 21:24 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Leadertech
2008-11-19 20:11 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-18 21:40 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\IM
2008-11-18 21:39 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\IncrediMail
2008-11-17 20:04 2,306,113 ----a-w c:\windows\system32\GPhotos.scr
2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll
2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll
2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll
2008-10-25 18:19 81,920 ----a-w c:\windows\system32\W32N50.DLL
2008-10-25 18:19 17,134 ----a-w c:\windows\system32\PCANDIS5.SYS
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:18 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2007-07-30 19:26 135,680 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 68856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-01-01 1830128]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-08-13 3660848]
"Google Update"="c:\documents and settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-03 133104]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2008-12-16 3528440]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"wrna3ls"="c:\program files\rnamfler\naomf.exe" [2006-04-01 1253960]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"fssui"="c:\program files\Windows Live\Contrôle parental\fssui.exe" [2007-12-17 243240]
"SoftwareHelper"="c:\documents and settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe" [2008-12-09 368224]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-08-25 1168264]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 c:\windows\system32\Hdaudpropshortcut.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
Pervasive.SQL Workgroup Engine.lnk - c:\pvsw\Bin\w3dbsmgr.exe [2004-07-22 106546]

c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
HPAiODevice(hp officejet g series) - 1.lnk - c:\program files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe [2002-11-20 151552]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-01-01 12:40 356352 c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ 'autocheck autochk *'

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\PVSW\\Bin\\w3dbsmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\explorer.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Documents and Settings\\Propriétaire\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Propriétaire\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-18 111184]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-05-28 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-28 55024]
R3 PAC7311;VGA USB Camera;c:\windows\system32\drivers\PA707UCM.SYS [2008-02-14 154752]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-28 7408]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-12-18 20560]
R4 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2008-12-05 43816]
R4 fsssvc;Windows Live OneCare Contrôle parental;c:\program files\Windows Live\Contrôle parental\fsssvc.exe [2007-12-17 523816]
R4 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-12-25 356920]
R4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [2008-02-03 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [2008-02-03 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [2008-02-03 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [2008-02-03 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [2008-02-03 100008]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2008-10-25 217088]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mchInjDrv
.
Contenu du dossier 'Tâches planifiées'

2009-01-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1060284298-725345543-1003.job
- c:\documents and settings\Propri []

2009-01-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{2bae58c2-79f9-45d1-a286-81f911301c3a} - (no file)
BHO-{12AE2025-3A9E-4640-BE1A-F30876B1A97E} - c:\windows\system32\geBstqrP.dll
WebBrowser-{2BAE58C2-79F9-45D1-A286-81F911301C3A} - (no file)
HKCU-Run-AccuWeatherDesktopAlerts - c:\program files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
HKCU-Run-Vidalia - c:\program files\Vidalia Bundle\Vidalia\vidalia.exe
HKCU-Run-Setup - c:\windows\system32\msiexeca.exe
HKLM-Run-CorelDRAW Graphics Suite 11b - (no file)
HKLM-Run-EoEngine - (no file)

.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
mWindow Title =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-15 15:49:42
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(532)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\rnamfler\naofsvc.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\windows\system32\PAStiSvc.exe
c:\progra~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
c:\windows\system32\hpoipm07.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\wscntfy.exe
c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-01-15 15:53:59 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-15 14:53:55

Avant-CF: 85 980 762 112 octets libres
Après-CF: 86,056,501,248 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

259 --- E O F --- 2009-01-14 20:02:56

Réponse 22 / 35

alphabroc Messages postés 21 Statut Membre

Il me semble que la fenetre n'apparait plus. Est ce que tu as terminé?
En tout cas merci beaucoup pour ton aide et ta disponnibilitée.
Michael

Réponse 23 / 35

Utilisateur anonyme

Re,

* Postes un rapport Rsit pour le moment stp !

Réponse 24 / 35

alphabroc Messages postés 21 Statut Membre

questce que le rapport rsit

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 35

alphabroc Messages postés 21 Statut Membre

ok, j'ai trouvé voici le rapport rsit
Logfile of random's system information tool 1.05 (written by random/random)
Run by Propriétaire at 2009-01-15 16:58:32
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 86 GB (45%) free of 191 GB
Total RAM: 1023 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:59, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\rnamfler\naofsvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Propriétaire.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [wrna3ls] C:\program files\rnamfler\naomf.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

Réponse 26 / 35

Utilisateur anonyme

Re,

* Telecharges Ad-Remover sur ton bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

/!\ Deconnectes toi et fermes tous les programmes en cours /!\

* Double-cliques sur l'icone de ton bureau pour lancer l'installation :
--> installes le dans son emplacement par défaut : C:\Program files...

* Une fois installé, fermes le et double-cliques sur la nouvelle icone de ton bureau
--> au menu, choisis l'option A et patientes jusqu'à la fin du scan

* Postes le rapport généré

Réponse 27 / 35

alphabroc Messages postés 21 Statut Membre

voici le post ad R

------- Logfile of AD-Remover 1.0.9.1 | ONLY XP/VISTA -------

Updated by C_XX on 14/01/2009 at 20:00

START AT: 18:51:29 | Jeu 15/01/2009 | Microsoft® Windows XP™ SP3 (v5.1.2600)
BOOT MODE: Normal
OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
PC: PIERREETHABITAT | USER: Propri‚taire ( Current user is an administrator)
DRIVE(S):
- C:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\system32\

--- RUNNING PROCESSES: 51

+--------------------| Boonty/Boonty Games Elements found :

.
.

+--------------------| Eorezo Elements found :

Process: "SoftwareUpdateHP.exe" [PID:~412]
.
HKCU\SOFTWARE\EoRezo
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run\\SoftwareHelper
.
C:\Program Files\EoRezo
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoAdv\atl90.dll
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
C:\Program Files\EoRezo\EoAdv\mfc90.dll
C:\Program Files\EoRezo\EoAdv\msvcr90.dll
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\cache
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\db
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\eoStats
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\host.cyp
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\SoftwareUpdate
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\user.cyp
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\eoStats\eoStats.txt
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\SoftwareUpdate\user_config.cyp
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo\SoftwareUpdate\user_profil.cyp
C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@eorezo[1].txt

+--------------------| Everest Casino/Everest Poker Elements found :

.
.

+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.
.

+--------------------| It's TV Elements found :

.

+--------------------| Sweetim Elements found :

.
.

+--------------------| ADDED SCAN :

+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\smwaqqzo.default\prefs.js :

~~~~ Mozilla FireFox version [Unable to get version] ~~~~

* Browser Search Default Engine: "Yahoo"
* Browser Search Selected Engine: "Yahoo"
* Browser Search Default Url: "https://fr.search.yahoo.com/web?fr=ytff-"
* Browser Startup HomePage: "http://lo.st#home"

.
FOUND - user_pref("browser.startup.homepage", "http://lo.st#home");

+---------------------------------------------------------------------------+

~~~~ Internet Explorer version 7.0.5730.13 ~~~~

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.google.com/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://www.msn.com/

+---------------------------------------------------------------------------+

[~3866 bytes] - "C:\AD-report-Scan-15.01.2009.log"

END AT: 18:52:46 | 15/01/2009 - Time elapsed: 76.9 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 77 lines ]
+---------------------------------------------------------------------------+

Réponse 28 / 35

Utilisateur anonyme

Re,

* Relances AD-Remover et choisis l'option B

* à l'ecran selectionnes ce qui est a supprimer A, 1, 2, 3.....

* S pour lancer la suppression
* Postes le rapport généré.

Réponse 29 / 35

alphabroc Messages postés 21 Statut Membre

voici le rapport
------- Logfile of AD-Remover 1.0.9.1 | ONLY XP/VISTA -------

Updated by C_XX on 14/01/2009 at 20:00

*** Limited to ***

Boonty/BoontyGames
Eorezo
Everest Casino/Everest Poker
Funwebproduct/MyWay/MyWebsearch
It's TV
Sweetim

******************

START AT: 19:08:09 | Jeu 15/01/2009 | Microsoft® Windows XP™ SP3 (v5.1.2600)
BOOT MODE: Normal
OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
PC: PIERREETHABITAT | USER: Propri‚taire ( Current user is an administrator)
DRIVE(S):
- C:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\system32\

--- RUNNING PROCESSES: 54

(!) ---- IE start pages reset

+--------------------| Boonty/Boonty Games Elements Deleted :

.
.

+--------------------| Eorezo Elements Deleted :

Process: "SoftwareUpdateHP.exe" [PID:~412]
.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run\\SoftwareHelper
HKCU\SOFTWARE\EoRezo
HKLM\SOFTWARE\EoRezo
.
C:\Program Files\EoRezo
C:\Documents and Settings\Propri‚taire\Application Data\EoRezo
C:\Documents and Settings\Propri‚taire\Cookies\propri‚taire@eorezo[1].txt

+--------------------| Everest Casino/Everest Poker Elements Deleted :

.
.

+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

.
.

+--------------------| It's TV Elements Deleted :

.

+--------------------| Sweetim Elements Deleted :

.
.

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.

+--------------------| ADDED SCAN :

+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\smwaqqzo.default\prefs.js :

~~~~ Mozilla FireFox version [Unable to get version] ~~~~

* Browser Search Default Engine: "Yahoo"
* Browser Search Selected Engine: "Yahoo"
* Browser Search Default Url: "https://fr.search.yahoo.com/web?fr=ytff-"
* Browser Startup HomePage: "http://lo.st#home"

.
REMOVED - user_pref("browser.startup.homepage", "http://lo.st#home");

+---------------------------------------------------------------------------+

~~~~ Internet Explorer version 7.0.5730.13 ~~~~

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.google.com/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

[~2475 bytes] - "C:\AD-report-Clean-15.01.2009.log"
[~4198 bytes] - "C:\AD-report-Scan-15.01.2009.log"

END AT: 19:11:30 | 15/01/2009 - Time elapsed: 3 minutes, 20 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 65 lines ]
+---------------------------------------------------------------------------+

Réponse 30 / 35

Utilisateur anonyme

Re,

* Telecharges ToolsCleaner 2 sur ton bureau :

* double cliques sur l'icone pour le lancer
---> cliques sur Recherche et laisses le scanner le pc
---> à la fin clique sur Suppression pour finaliser
* Postes le rapport généré

PS: je dois m'absenter et serais de retour vers 21h pour finaliser !
A+

Réponse 31 / 35

Utilisateur anonyme

Oups !

* http://pc-system.fr/

Réponse 32 / 35

alphabroc Messages postés 21 Statut Membre

ok, a toute a l'heure

[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\TB.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\Toolbar SD: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\UsbFix.lnk: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\Rsit.exe: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\SmitFraudfix: trouvé !
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\UsbFix: trouvé !
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: trouvé !
C:\Documents and Settings\Propriétaire\Recent\HijackThis.lnk: trouvé !
C:\Program Files\HijackThis: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\UsbFix: trouvé !
C:\Program Files\Hijackthis\hijackthis.log: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users.WINDOWS\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Propriétaire\Recent\HijackThis.lnk: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\fixnavi.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\TB.txt: supprimé !
C:\UsbFix.txt: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\UsbFix.lnk: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\Rsit.exe: supprimé !
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: supprimé !
C:\Program Files\Hijackthis\hijackthis.log: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\Toolbar SD: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\SmitFraudfix: supprimé !
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\UsbFix: supprimé !
C:\Program Files\HijackThis: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\UsbFix: supprimé !

Réponse 33 / 35

Utilisateur anonyme

*Mets Adobe à jour là et supprimes l'(es) ancienne(s) versions si presentes :
( decoche la casse proposant la Toolbar Google )
https://get2.adobe.com/reader/otherversions/

* Installe la dernière version de Java ici :
https://www.java.com/fr/download/manual.jsp

* Une fois à jour, telecharges JavaRa.zip
http://raproducts.org/click/click.php?id=1

* Decompresses le fichier sur ton bureau ( clic droit ---> extraire tout)

* Double-cliques sur le fichier obtenu ---> JavaRa.exe
( le " exe " peut ne pas s'afficher )

* Cliques sur Search For Updates
---> selectionnes Using junch.exe
----> puis cliques sur Search

* Autorises le processus a se connecter si il te le demande
---> cliques sur Install et suis les instructions...

* Quand l'installation est terminée :
---> revient à l'écran de JavaRa.exe
---> cliques sur Remove Old Versions
---> Cliques sur oui et laisses l'outil travailler
---> cliques ensuite sur Ok et à nouveau sur Ok

* Un rapport va s'ouvrir, postes le stp

Si tu as besoin de FlashPlayer tu peux le prendre ici :
https://get.adobe.com/flashplayer/?loc=fr
( Decoche la case proposant la Toolbar google )

* Ensuite, telecharges CCleaner ( exellent soft )
https://www.ccleaner.com/ccleaner/download
( Decoches la case proposant la Toolbar Yahoo

* Une fois installé, ouvres CCleaner :
--> cliques sur options--> avancé et decoche la case devant :
( effacer les fichiers plus vieux que 48 h)

* fermes ensuite tous les programmes en cours, lances CCleaner :
---> cliques sur Nettoyeur et lances l'analyse
---> puis lances le nettoyage, plusieurs fois si il le faut
* Refermes CCleaner, on s'en servira aprés...

* Si je peux te conseiller, changes d'antivirus :
-- Avast n'est plus l'antivirus qu'il était et je te conseillerais de changer pour Avira antivir.
( tu as le libre-choix de ne pas changer si tu veux...)

* Sinon pour supprimer Avast proprement :
https://www.avast.com/fr-fr/uninstall-utility

* Pout telecharger Avira Antivir :
https://www.avira.com/

* Si tu as choisis avira, fais un scan de ton pc en mode sans echec
---> au redemarrage en mode normal, avira scannera a nouveau le pc,
laisses le faire

* Postes le rapport généré

* Si tu gardes avast, fais un scan en ligne avec Kaspersky :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
( avec Internet Explorer )

* Tu dois accepter l'activex en cliquant sur la barre
* Tu dois d'abord attendre qu'il mette à jour les definitions virales
* Une fois fait, tu peux lancer le scan
* Postes le rapport généré

Réponse 34 / 35

alphabroc Messages postés 21 Statut Membre

ok je fais tout ca demain matin.
Je te tent au courant,
a bientot

Réponse 35 / 35

alphabroc Messages postés 21 Statut Membre

JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Fri Jan 16 12:16:03 2009

Found and removed: C:\Program Files\Java\j2re1.4.2_05

Found and removed: C:\Program Files\Java\jre1.5.0_11

Found and removed: C:\Program Files\Java\jre1.6.0_01

Could not delete: C:\Program Files\Java\jre1.6.0_07

Asking Windows to delete (null) on reboot.Found and removed: C:\Windows\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142050}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

------------------------------------

Finished reporting.

Execution automatique intempestive

35 réponses

Votre réponse

Newsletters