Virus redirecting to go.google etc...

Solved
drie Posts 123 Status Member -  
jlpjlp Posts 52399 Status Security contributor -
Hello,
Every time I click on a result from Google or another search engine, I get redirected to commercial sites right after go.google (for Google, go.yahoo for Yahoo, etc.) appears in the status bar, so I am forced to copy the address to get to the sites. There have been many other problems since I caught this virus, such as the internet sometimes taking more than 2 minutes to display a result on Google, for example; some sites no longer display and give me a blank page, and worst of all the computer often crashes after a while.
I already tried Malwarebytes; at first it worked, but now there is no way to launch it even after several reinstallations. I also tried SmitfraudFix; I have never been able to launch it, when I try to launch it an error code appears.
Help me...
Configuration: Windows XP
Firefox 3.0.5

29 replies

  1. jlpjlp Posts 52399 Status Security contributor 5 041
     
    hi,

    download ComboFix (by sUBs) here (renamed to Killfix for the occasion):

    http://sd-1.archive-host.com/membres/up/193094576412487685/Killfix.exe

    and save it to the desktop.

    disconnect from the internet and close all your applications.

    disable your protections (antivirus, firewall, the antispyware's real-time guard)

    double-click on combofix.exe and follow the instructions

    at the end, it will produce a report C:\ComboFix.txt

    re-enable your firewall, your antivirus, and your antispyware's guard

    copy/paste the report C:\ComboFix.txt in your next reply.

    Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. This could freeze the computer.

    There is a complete tutorial here:

    https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
    0
  2. ramiré Posts 261 Registration date   Status Member 8
     
    click on CCleaner, run an analysis and delete; repeat the operation, when you analyze there should be nothing left. Once finished, click on Registry, analyze and run the repair, then repeat the operation, there should be nothing left http://download.piriform.com/ccsetup215.exe
    0
  3. ramiré Posts 261 Registration date   Status Member 8
     
    good evening jlpjlp, couldn't infected cookies be causing this trouble?
    0
  4. jlpjlp Posts 52399 Status Security contributor 5 041
     
    given the problems encountered, I don't think so
    0
  6. drie Posts 123 Status Member 12
     
    First, thank you both very much for helping me, even though I knew it was not coming from cookies (I have tried a lot of antivirus, antispyware etc. without result). I am posting the report in the next message so as not to get lost ;) .
    0
  7. drie Posts 123 Status Member 12
     
    ComboFix 09-01-19.05 - Adrien 2009-01-22 20:50:50.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.382.113 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Adrien\Bureau\Killfix.exe
    AV: avast! antivirus 4.8.1296 [VPS 090122-0] *On-access scanning disabled* (Updated)
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\DAMIEN\Cookies\epuh.dll
    c:\documents and settings\DAMIEN\Cookies\fofemywupe.ban
    c:\documents and settings\DAMIEN\Cookies\gevugy.scr
    c:\documents and settings\DAMIEN\Cookies\igaga._sy
    c:\documents and settings\DAMIEN\Cookies\xotoba.inf
    c:\documents and settings\DAMIEN\Local Settings\Temporary Internet Files\bipynak.pif
    c:\documents and settings\DAMIEN\Local Settings\Temporary Internet Files\sijaz.dll
    c:\documents and settings\DAMIEN\Local Settings\Temporary Internet Files\ysazucykov.sys
    c:\documents and settings\Garcia\Cookies\cebibumo.inf
    c:\documents and settings\Garcia\Cookies\ebutykifa.bat
    c:\documents and settings\Garcia\Cookies\evobenehyv.pif
    c:\documents and settings\Garcia\Cookies\farygux.scr
    c:\documents and settings\Garcia\Cookies\idula.inf
    c:\documents and settings\Garcia\Cookies\ilur.com
    c:\documents and settings\Garcia\Cookies\irigij._sy
    c:\documents and settings\Garcia\Cookies\rulo._dl
    c:\documents and settings\Garcia\Cookies\sifosyl.inf
    c:\documents and settings\Garcia\Cookies\ytyriq.dll
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\esazyja.bat
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\evepob._sy
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\fetizet.bat
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\ivewafob.pif
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\ohudaka.dat
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\oxokocijoc.dl
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\rixekepo.vbs
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\tewafos._sy
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\uvoqojur.dll
    c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\ysopijycos.inf
    c:\documents and settings\Garcia\Menu Démarrer\Programmes\AntiSpywareXP2009
    c:\documents and settings\Garcia\Menu Démarrer\Programmes\AntiSpywareXP2009\AntiSpywareXP2009.lnk
    c:\documents and settings\Garcia\Menu Démarrer\Programmes\AntiSpywareXP2009\Uninstall.lnk
    c:\windows\brastk.exe
    c:\windows\karna.dat
    c:\windows\system32\av.dat
    c:\windows\system32\brastk.exe
    c:\windows\system32\dllcache\figaro.sys
    c:\windows\system32\drivers\TDSSmxfe.sys
    c:\windows\system32\karna.dat
    c:\windows\system32\TDSSehys.log
    c:\windows\system32\TDSSixgp.dll
    c:\windows\system32\TDSSkrxx.dll
    c:\windows\system32\TDSSmtpe.dat
    c:\windows\system32\TDSSnmxh.log
    c:\windows\system32\TDSSnpur.dll
    c:\windows\system32\TDSSoitu.dll
    c:\windows\system32\TDSSpqxt.dll
    c:\windows\system32\TDSSsahc.log
    c:\windows\system32\TDSSyaqu.dll
    c:\windows\system32\windows_update.exe
    c:\windows\system32\wini10801.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_TDSSSERV.SYS
    -------\Legacy_TDSSSERV.SYS
    -------\Legacy_BOONTY_GAMES
    -------\Legacy_FREEZESCREENSAVER
    -------\Service_Boonty Games
    -------\Service_FreezeScreenSaver

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-22 au 2009-01-22 ))))))))))))))))))))))))))))))))))))
    .

    2009-01-21 16:35 . 2009-01-21 16:35 <REP> d-------- c:\documents and settings\All Users\Application Data\Blizzard
    2009-01-21 16:31 . 2009-01-21 16:31 <REP> d-------- C:\Logs
    2009-01-20 15:11 . 2009-01-20 15:11 <REP> d-------- c:\program files\TeamViewer
    2009-01-11 22:18 . 2009-01-11 22:18 <REP> d-------- c:\program files\Veoh Networks
    2009-01-11 15:18 . 2009-01-11 15:18 <REP> d-------- c:\documents and settings\Adrien\Application Data\Apple Computer
    2009-01-11 11:51 . 2009-01-11 11:51 <REP> d-------- c:\documents and settings\Adrien\Application Data\fltk.org
    2009-01-09 15:44 . 2009-01-16 13:08 54,156 --ah----- c:\windows\QTFont.qfn
    2009-01-09 15:44 . 2009-01-09 15:44 1,409 --a------ c:\windows\QTFont.for
    2009-01-05 11:23 . 2008-04-14 03:33 290,816 --a--c--- c:\windows\system32\dllcache\OLDD.tmp
    2009-01-05 11:23 . 2008-04-14 03:33 43,520 --a--c--- c:\windows\system32\dllcache\OLDA.tmp
    2009-01-05 11:23 . 2008-04-14 03:33 20,540 --a--c--- c:\windows\system32\dllcache\OLD4.tmp
    2009-01-05 11:23 . 2008-04-14 03:33 20,540 --a--c--- c:\windows\system32\dllcache\OLD18.tmp
    2009-01-05 11:23 . 2008-04-14 03:33 16,439 --a--c--- c:\windows\system32\dllcache\OLD7.tmp
    2009-01-05 11:23 . 2008-04-14 03:33 16,439 --a--c--- c:\windows\system32\dllcache\OLD1B.tmp
    2009-01-02 22:40 . 2009-01-03 09:44 <REP> d-------- c:\program files\Fichiers communs\DVDVIDEOSOFT
    2008-12-26 11:02 . 2008-12-26 11:02 <REP> d-------- c:\program files\Eidos
    2008-12-26 10:35 . 2008-12-26 10:35 <REP> d-------- c:\program files\AUDIO OBJ SCR
    2008-12-25 20:09 . 2008-12-25 20:09 <REP> d-------- c:\documents and settings\Adrien\Application Data\Gearbox Software
    2008-12-24 12:03 . 2008-12-25 20:01 <REP> d-------- c:\windows\ERUNT
    2008-12-23 14:43 . 2008-12-23 14:43 <REP> d-------- c:\program files\NCH Swift Sound
    2008-12-23 14:43 . 2008-12-23 14:43 <REP> d-------- c:\documents and settings\All Users\Application Data\NCH Swift Sound
    2008-12-23 11:23 . 2008-04-14 03:31 281,600 --a--c--- c:\windows\system32\dllcache\OLD28.tmp
    2008-12-22 20:09 . 2008-12-03 19:54 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2008-12-22 20:09 . 2008-12-03 19:54 15,504 --a------ c:\windows\system32\drivers\mbam.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-21 13:46 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment
    2009-01-20 14:11 --------- d-----w c:\documents and settings\Adrien\Application Data\TeamViewer
    2009-01-15 16:33 --------- d-----w c:\documents and settings\Adrien\Application Data\uTorrent
    2008-12-26 09:38 --------- d-----w c:\documents and settings\Adrien\Application Data\AUDIO OBJ SCR
    2008-12-26 09:37 --------- d-----w c:\documents and settings\All Users\Application Data\Cast ping base frag
    2008-12-26 09:23 --------- d-----w c:\program files\Microsoft FrontPage Express
    2008-12-26 09:23 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-23 08:34 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
    2008-12-07 10:29 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-11-27 20:53 --------- d-----w c:\documents and settings\Adrien\Application Data\vlc
    2008-11-27 20:34 --------- d-----w c:\documents and settings\Adrien\Application Data\DMV Technologies
    2008-11-24 20:10 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
    2008-11-24 20:10 --------- d-----w c:\documents and settings\Adrien\Application Data\Malwarebytes
    2008-11-24 18:39 230,432 ----a-w C:\SPC220NC.DAT
    2008-11-24 16:39 --------- d-----w c:\program files\L2trinity
    2008-11-22 13:23 --------- d-----w c:\documents and settings\Adrien\Application Data\InstallShield
    2008-11-22 09:03 100,352 ----a-w c:\windows\system32\drivers\qahgxuvlg1d.sys
    2008-11-06 17:59 17,950 ----a-w c:\documents and settings\All Users\Application Data\xami.bin
    2008-11-06 17:19 315,392 ----a-w c:\windows\HideWin.exe
    2008-11-06 16:52 17,921 ----a-w c:\windows\pyxu.reg
    2008-11-04 16:36 19,073 ----a-w c:\windows\epen.sys
    2008-11-04 16:36 15,455 ----a-w c:\windows\esakygonum.sys
    2008-11-04 16:36 14,433 ----a-w c:\program files\Fichiers communs\ylicizo.reg
    2008-11-04 16:36 14,276 ----a-w c:\windows\axuxyqer.bat
    2008-11-04 16:36 14,123 ----a-w c:\windows\kilobiqyz.dll
    2008-11-04 16:36 13,549 ----a-w c:\windows\nerivevace.scr
    2008-11-04 16:36 12,808 ----a-w c:\windows\yxuw.exe
    2008-11-04 16:36 11,073 ----a-w c:\windows\erepygiki.exe
    2008-11-04 16:27 18,933 ----a-w c:\windows\qopepufyn.dll
    2008-11-04 16:27 17,897 ----a-w c:\program files\Fichiers communs\syjesysof.vbs
    2008-11-04 16:27 16,640 ----a-w c:\program files\Fichiers communs\saga.db
    2008-11-04 16:27 15,938 ----a-w c:\program files\Fichiers communs\tyly.sys
    2008-11-04 16:27 15,038 ----a-w c:\windows\curotewaz.bat
    2008-11-04 16:27 13,823 ----a-w c:\program files\Fichiers communs\ohas.bat
    2008-11-04 16:27 13,246 ----a-w c:\windows\equvalu.bat
    2008-11-04 16:27 13,037 ----a-w c:\documents and settings\DAMIEN\Application Data\esyf.sys
    2008-11-04 16:27 12,657 ----a-w c:\documents and settings\DAMIEN\Application Data\huxovikob.exe
    2008-11-04 14:12 19,326 ----a-w c:\documents and settings\Garcia\Application Data\oxirifexop.exe
    2008-11-04 14:12 17,304 ----a-w c:\program files\Fichiers communs\dymonoha.sys
    2008-11-04 14:12 16,483 ----a-w c:\windows\waxuwabew.com
    2008-11-04 14:12 14,828 ----a-w c:\windows\danekezugi.dll
    2008-11-04 14:12 13,646 ----a-w c:\windows\poqyja.exe
    2008-11-04 14:12 13,176 ----a-w c:\documents and settings\All Users\Application Data\vywo.bat
    2008-11-04 14:12 12,038 ----a-w c:\documents and settings\All Users\Application Data\jisut.vbs
    2008-11-04 14:12 11,441 ----a-w c:\program files\Fichiers communs\wanuvupede.dl
    2008-11-04 14:12 10,517 ----a-w c:\documents and settings\All Users\Application Data\mymopuxowu.com
    2008-10-30 14:57 19,426 ----a-w c:\windows\puwynowyc.bin
    2008-10-30 14:57 19,255 ----a-w c:\documents and settings\All Users\Application Data\ipugu.bin
    2008-10-30 14:57 16,743 ----a-w c:\windows\ijicawafyf.bat
    2008-10-30 14:57 16,506 ----a-w c:\documents and settings\Garcia\Application Data\orereber.com
    2008-10-30 14:57 12,224 ----a-w c:\documents and settings\Garcia\Application Data\wipijoxyfo.bat
    2008-10-30 14:57 10,778 ----a-w c:\windows\agylyloj.sys
    2008-10-29 17:47 16,750 ----a-w c:\windows\kaqitive.bin
    2008-10-29 17:47 15,414 ----a-w c:\documents and settings\All Users\Application Data\ekuxaxeqyt.exe
    2008-10-29 17:47 13,827 ----a-w c:\windows\kypyra.exe
    2008-10-29 17:47 13,567 ----a-w c:\documents and settings\DAMIEN\Application Data\ijaq.sys
    2008-10-29 17:47 12,657 ----a-w c:\documents and settings\DAMIEN\Application Data\kisiqub.dat
    2008-10-29 17:47 12,432 ----a-w c:\program files\Fichiers communs\ecifehy.sys
    2008-10-29 17:47 12,189 ----a-w c:\documents and settings\DAMIEN\Application Data\eruju.dat
    2008-10-29 17:47 10,509 ----a-w c:\documents and settings\DAMIEN\Application Data\tuneq.exe
    2008-10-29 17:31 16,823 ----a-w c:\program files\Fichiers communs\yharotaru.dll
    2008-10-29 17:31 10,296 ----a-w c:\windows\utypun.bin
    2008-10-29 17:31 10,122 ----a-w c:\program files\Fichiers communs\ejenad.com
    2008-10-29 17:13 18,846 ----a-w c:\windows\jylojosoni.bin
    2008-10-29 17:13 18,809 ----a-w c:\documents and settings\Garcia\Application Data\ilulubora.exe
    2008-10-29 17:13 17,433 ----a-w c:\windows\lidys.com
    2008-10-29 17:13 16,924 ----a-w c:\documents and settings\Garcia\Application Data\etuvil.reg
    2008-10-29 17:13 15,445 ----a-w c:\windows\ucody.exe
    2008-10-29 17:13 15,386 ----a-w c:\documents and settings\All Users\Application Data\jedylexu.reg
    2008-10-29 17:13 10,979 ----a-w c:\documents and settings\Garcia\Application Data\junyfuca.pif
    2008-10-06 14:48 167 ---ha-w c:\documents and settings\LocalService\hpothb07.dat
    2008-10-06 14:48 0 ---ha-w c:\documents and settings\miss marie bn\hpothb07.dat
    2008-03-19 19:08 0 ----a-w c:\program files\temp01
    2007-03-21 15:28 774,144 ----a-w c:\program files\RngInterstitial.dll
    2007-02-08 07:18 110,592 ----a-w c:\documents and settings\Garcia\artpclnt.dll
    2004-07-22 09:51 3,432,656 ----a-w c:\program files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 ----a-w c:\program files\BDANT.cab
    2004-07-19 21:53 976,020 ----a-w c:\program files\BDAXP.cab
    2004-07-09 13:17 13,265,040 ----a-w c:\program files\dxnt.cab
    2004-07-09 08:13 703,080 ----a-w c:\program files\BDA.cab
    2004-07-09 08:13 15,493,481 ----a-w c:\program files\DirectX.cab
    2004-07-09 03:08 472,576 ----a-w c:\program files\dxsetup.exe
    2004-07-09 03:08 2,242,560 ----a-w c:\program files\dsetup32.dll
    2004-07-09 02:03 62,976 ----a-w c:\program files\DSETUP.dll
    2008-02-22 09:27 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll
    2008-02-22 09:27 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
    2008-02-22 09:27 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
    2008-02-22 09:27 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
    2008-02-22 09:27 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
    2008-09-29 18:08 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092920080930\index.dat
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "Settings two"="c:\docume~1\Adrien\APPLIC~1\AUDIOO~1\Option play.exe" [2008-12-26 593920]
    "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2008-12-16 3528440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
    "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-30 185896]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
    "Monitor"="c:\windows\Philips\SPC220NC\Monitor.exe" [2006-11-03 319488]
    "Base frag grid bows"="c:\documents and settings\All Users\Application Data\Cast ping base frag\SECOND ELSE.exe" [2008-12-30 737280]
    "snpstd3"="c:\windows\vsnpstd3.exe" [2004-12-16 339968]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "SynchronousMachineGroupPolicy"= 0 (0x0)
    "SynchronousUserGroupPolicy"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "ForceClassicControlPanel"= 1 (0x1)
    "NoSimpleStartMenu"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoStrCmpLogical"= 0 (0x0)
    "MaxRecentDocs"= 15 (0xf)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3acm"= l3codecp.acm

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 1000 series.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\hp psc 1000 series.lnk
    backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk
    backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WiFi Station.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station.lnk
    backup=c:\windows\pss\WiFi Station.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    --a------ 2006-03-20 17:34 213936 c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2008-05-30 12:29 185896 c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "e:\\program files\\TV\\TVAnts\\Tvants.exe"=
    "e:\\program files\\RomuSoft\\romustrike\\romustrike.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "e:\\program files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
    "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
    "500:UDP"= 500:UDP:@xpsp2res.dll,-22017

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-10-16 111184]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-01-14 21632]
    R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2006-05-22 659456]
    R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-10-16 20560]
    R4 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-06-11 46112]
    S3 cpuz130;cpuz130;\??\c:\docume~1\Adrien\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Adrien\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
    S3 dump_wmimmc;dump_wmimmc;\??\e:\program files\gPotato.eu\Street Gears\GameGuard\dump_wmimmc.sys --> e:\program files\gPotato.eu\Street Gears\GameGuard\dump_wmimmc.sys [?]
    S3 npkycryp;npkycryp;\??\e:\program files\Lineage II\system\npkycryp.sys --> e:\program files\Lineage II\system\npkycryp.sys [?]
    S3 SPC220NC;Philips SPC220NC Webcam;c:\windows\system32\drivers\SPC220NC.SYS [2008-11-22 507136]
    S4 Droppix Service;Droppix Service;c:\program files\Fichiers communs\Droppix\DxService.exe [2008-11-19 221184]
    S4 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
    S4 LMIRfsClientNP;LMIRfsClientNP; [x]

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    Contenu du dossier 'Tâches planifiées'

    2009-01-22 c:\windows\Tasks\A6F060CF91881617.job
    - c:\docume~1\adrien\applic~1\audioo~1\Save Bleh Four.exe [2008-12-26 10:38]

    2008-06-15 c:\windows\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1205612787.job
    - c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-06 00:52]

    2009-01-22 c:\windows\Tasks\GoogleUpdateTaskUser.job
    - c:\documents and settings\Garcia\Local Settings\Application Data\Google\Update\GoogleUpdate.exe []

    2009-01-22 c:\windows\Tasks\Maintenance en 1 clic.job
    - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]

    2009-01-16 c:\windows\Tasks\Norton Security Scan.job
    - c:\program files\Norton Security Scan\Nss.exe []

    2008-10-30 c:\windows\Tasks\rpc.job
    - c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []

    2009-01-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    MSConfigStartUp-bait deaf idle setup - c:\documents and settings\All Users\Application Data\Htm Support Bait Deaf\Long Dog.exe

    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.yzsyjjxciavkcxaatu.org/W9KsMaXr2G0lX254v8/GzulchwNrjcfZ1Am1HUMvX5M.html
    mWindow Title =
    IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    Trusted Zone: *.localhost
    FF - ProfilePath - c:\documents and settings\Adrien\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
    FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
    FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
    FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
    FF - plugin: e:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-22 20:56:51
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*–€|ÿÿÿÿ;•€|é•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(816)
    c:\windows\system32\LMIRfsClientNP.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
    c:\program files\CDBurner\NMSAccessU.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Heure de fin: 2009-01-22 21:00:50 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-01-22 20:00:46

    Avant-CF: 15,110,959,104 octets libres
    Après-CF: 15,534,383,104 octets libres

    333 --- E O F --- 2009-01-22 11:15:37
    0
  8. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Download SDFix (created by AndyManchesta) and save it to your Desktop.
    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
    guide: http://site-naheulbeuk.com/
    Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop. Restart your computer in safe mode by following this procedure:
    • Restart your computer
    • After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
    • Instead of the normal Windows loading, a menu with different options should appear.
    • Choose the first option, to run Windows in safe mode, then press "Enter".
    • Choose your account.
    Go through the list of instructions below:
    • Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
    • Press Y to start the cleaning process.
    • It will remove the services and Registry entries of certain trojans found, then ask you to press a key to restart.
    • Press a key to restart the PC.
    • Your system will take longer than usual to restart because the tool will keep running and deleting files.
    • After the Desktop loads, the tool will finish its work and display Finished.
    • Press a key to end the script and load your Desktop icons.
    • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
    • Finally, copy/paste the contents of the Report.txt file in your next reply on the forum

    ___________________________

    scan with
    MalwareByte's Anti-Malware after updating, in normal mode, remove what is found and paste the report

    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    _______________________________

    Download here:

    http://images.malwareremoval.com/random/RSIT.exe

    random's system information tool (RSIT) by random/random and save it to the Desktop.

    Double-click RSIT.exe to launch RSIT.

    Click Continue on the Disclaimer screen.

    If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

    When the scan is finished, two text files will open.

    Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the Taskbar).

    NB: The reports are saved in the folder C:\rsit
    0
  9. drie Posts 123 Status Member 12
     
    SDFix:

    [b]SDFix: Version 1.240 [/b]
    Run by Adrien on 22/01/2009 at 21:31

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix

    [b]Checking Services [/b]:

    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting

    [b]Checking Files [/b]:

    Trojan Files Found:

    C:\Documents and Settings\All Users\Documents\igum.scr - Deleted
    C:\WINDOWS\afegyc._sy - Deleted
    C:\WINDOWS\ogucysewuv._sy - Deleted
    C:\WINDOWS\system32\iwyzasot._sy - Deleted
    C:\WINDOWS\system32\magypuga._sy - Deleted
    C:\WINDOWS\system32\wexypal._sy - Deleted

    Removing Temp Files

    [b]ADS Check [/b]:

    [b]Final Check [/b]:

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-22 21:37:20
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    [b]Remaining Services [/b]:

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "E:\\program files\\TV\\TVAnts\\Tvants.exe"="E:\\program files\\TV\\TVAnts\\Tvants.exe:*:Enabled:Tvants.exe"
    "E:\\program files\\RomuSoft\\romustrike\\romustrike.exe"="E:\\program files\\RomuSoft\\romustrike\\romustrike.exe:*:Enabled:romustrike.exe"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "E:\\program files\\uTorrent\\uTorrent.exe"="E:\\program files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
    "C:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"="C:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe:*:Enabled:Veoh Web Player "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [b]Remaining Files [/b]:

    File Backups: - C:\SDFix\backups\backups.zip

    [b]Files with Hidden Attributes [/b]:

    Tue 25 Nov 2008 757 A.SHR --- "C:\BOOT.BAK"
    Mon 10 Dec 2007 5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
    Tue 23 Jan 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Wed 29 Oct 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"

    [b]Finished![/b]
  10. drie Posts 123 Status Member 12
     
    HijackThis log:
    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Adrien at 2009-01-22 21:54:29
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 15 GB (49%) free of 30 GB
    Total RAM: 382 MB (25% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:55:17, on 22/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\CDBurner\NMSAccessU.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    E:\program files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Documents and Settings\Adrien\Bureau\RSIT.exe
    C:\Program Files\trend micro\Adrien.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qbegilarztvjzromzss.com/W9KsMaXr2G21wPlHk156LfkS/h0_PuIDSXR4B_GBSMDQ7p1NlAqApH4RwoCMsknq.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yzsyjjxciavkcxaatu.org/W9KsMaXr2G0lX254v8/GzulchwNrjcfZ1Am1HUMvX5M.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\Philips\SPC220NC\Monitor.exe
    O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\SECOND ELSE.exe
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Settings two] C:\DOCUME~1\Adrien\APPLIC~1\AUDIOO~1\Option play.exe
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-530e2de3e99e5130.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurner\NMSAccessU.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  11. drie Posts 123 Status Member 12
     
    info.txt logfile of random's system information tool 1.05 2009-01-22 21:55:24

    ======Uninstall list======

    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    3D Canvas-->MsiExec.exe /I{78699791-0625-4667-9E70-626A1CCEC94D}
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Aqsis Renderer 1.1.0-->G:\Aqsis\uninst.exe
    Architecte 3D Platinium Demo-->E:\PROGRA~1\ARCHIT~1\UNWISE.EXE E:\PROGRA~1\ARCHIT~1\INSTALL.LOG
    Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVIConverter 3.0-->E:\program files\AVIConverter\uninst.exe
    Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
    Blender (remove only)-->"E:\Program Files\Blender Foundation\Blender\uninstall.exe"
    Bricscad 8.1-->C:\Program Files\InstallShield Installation Information\{DD551D95-9478-4A6C-B1C9-E8DC09299911}\setup.exe -runfromtemp -l0x040c -removeonly
    Bubble Bobble Quest-->C:\WINDOWS\UnGins.exe "E:\Program Files\Bubble Bobble Quest\install.log"
    Build-a-lot (remove only)-->"C:\Program Files\Build-a-lot\Uninstall.exe"
    C.I.L. version 2.1-->"E:\program files\CIL\unins000.exe"
    Call of Duty - United Offensive Single Player Demo-->G:\UNINST~1\UNWISE.EXE G:\UNINST~1\INSTALL.LOG
    CamStudio-->E:\Program Files\CamStudio\uninstall.exe
    Camtasia Studio 3-->E:\program files\Camtasia Studio 3\CSuninst.EXE
    Carrie the Caregiver 2: Preschool (remove only)-->"C:\Program Files\Carrie the Caregiver 2 - Preschool\Uninstall.exe"
    CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
    Client Windows Rights Management avec Service Pack 2-->MsiExec.exe /X{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}
    Code de la Route - 10 Examens blancs-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{ED10B5D2-CF69-486C-9771-82CDB1C760AB}
    ConvertMovie 4.1-->F:\ConvertMovie 4.1\uninst.exe
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Crawler 3D Marine & Tropical Aquarium Screensaver-->"c:\progra~1\crawler\ssaver\cssaver.exe" /UNINST_SAV_3DAQUARIUM
    Cybots-->E:\Cybots\Cybots\setup.exe cmd_execuninstall opt_client
    DeliPlayer-->E:\Program Files\DeliPlayer2\uninst.exe -morbid:E:\Program Files\DeliPlayer2\install.log
    Démo de Harry Potter et l'Ordre du Phénix™-->E:\Program Files\Electronic Arts\Démo de Harry Potter et l'Ordre du Phénix\EAUninstall.exe
    Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
    Digby's Donuts Deluxe-->"C:\Program Files\Zylom Games\Digby's Donuts Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
    D-Link DWA-111 Wireless G USB Adapter-->C:\Program Files\InstallShield Installation Information\{12556CE0-804A-40B7-8054-BD666764ED36}\Setup.exe -runfromtemp -l0x040c -removeonly
    Dofus 1.24.0-->E:\Program Files\Dofus\uninstall.exe
    Dofus-Arena-->E:\Program Files\DofusArena2\uninstall.exe
    DofusCalc 1.5.1052-->"E:\Program Files\Dofus\DofusCalc\unins000.exe"
    Dolphin 1.3 beta-->E:\Program Files\Dolphin\uninst.exe
    Dr Daisy Pet Vet-->"C:\Program Files\Gamenext\Dr Daisy Pet Vet\Uninstall.exe" "C:\Program Files\Gamenext\Dr Daisy Pet Vet\install.log"
    Dream Day Wedding-->"C:\Program Files\Gamenext\Dream Day Wedding\Uninstall.exe" "C:\Program Files\Gamenext\Dream Day Wedding\install.log"
    Dress Shop Hop (remove only)-->"C:\Program Files\Dress Shop Hop\Uninstall.exe"
    Dynamite 1.1-->"E:\Jeux\Dynamite\unins000.exe"
    eMule-->"E:\Program Files\eMule 2\Uninstall.exe"
    Envisioneer Express 3.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1EBD2C18-069A-4582-BF40-2B506AF6CFAD}
    Escape from Paradise-->"C:\Program Files\Gamenext\Escape from Paradise\Uninstall.exe" "C:\Program Files\Gamenext\Escape from Paradise\install.log"
    Evel Knievel-->e:\program files\ek\unstall.exe
    Express Burn-->C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    Eye for Design Deluxe-->"C:\Program Files\Zylom Games\Eye for Design Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Farm Frenzy (remove only)-->"C:\Program Files\Farm Frenzy\Uninstall.exe"
    Fashion Craze (remove only)-->"C:\Program Files\Fashion Craze\Uninstall.exe"
    Fashion Fits! (remove only)-->"C:\Program Files\Fashion Fits!\Uninstall.exe"
    Fashion Rush (remove only)-->"C:\Program Files\Fashion Rush\Uninstall.exe"
    FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
    Flash Decompiler Trillix-->"E:\Program Files\Eltima Software\Flash Decompiler Trillix\unins000.exe"
    Flatspace II-->"E:\Program Files\Flatspace II\ReflexiveArcade\unins000.exe"
    パソファミ-->"E:\Program Files\Pasofami\setup.exe" /r
    Free Naruto Screensaver-->"E:\Program Files\Free Naruto Screensaver\unins000.exe"
    Funny Worms Screen Saver v.1.04-->E:\Program Files\Funny Worms\uninst.exe
    Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
    Garden Dreams fr-->"C:\Program Files\BoontyGames\Garden Dreams\unins000.exe"
    Giftshop Deluxe-->"C:\Program Files\Zylom Games\Giftshop Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Go-Go Gourmet (remove only)-->"C:\Program Files\Go-Go Gourmet\Uninstall.exe"
    Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
    Google Gears-->MsiExec.exe /I{95774351-6087-3A3B-8CA8-70BEE49D2BD5}
    Google SketchUp 6 Exporters-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}\setup.exe" -l0x40c -removeonly
    Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
    Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
    Google SketchUp LayOut 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C12D609B-EB71-411B-82C3-9BE6D40435D7}\setup.exe" -l0x40c -removeonly
    Google SketchUp Pro 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12E75B98-8463-4C1F-8DDA-F6CF31566A55}\setup.exe" -l0x40c -removeonly
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
    greenstreet Picture Browser-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Fichiers communs\GST\Utilities\PBrowser.isu"
    GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    hp psc 1100 series-->MsiExec.exe /X{01161F64-6897-4885-93A0-A9F7BE9A4253}
    ImTOO MPEG Encoder-->F:\MPEG Encoder 3\Uninstall.exe
    Interactive Screensaver - Splinter Cell-->C:\WINDOWS\Interactive Screensaver - Splinter Cell.scr /u
    InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
    iSnooker V1.6.7f-->E:\Program Files\TheSnookerClub\iSnooker\Uninstal.exe
    Ivalice Launcher Version 11-->"E:\Program Files\World of Warcraft\unins000.exe"
    IziSpot 4-->MsiExec.exe /X{78DEE332-4FE2-469F-9CF7-F54C47E11F21}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    Joint Operations: Typhoon Rising - Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F6DED87-B0E2-462F-A4FE-7DAE4A2CB774}\setup.exe" -l0x9
    L2TY Launcher 1.9-->C:\Program Files\InstallShield Installation Information\{9B9E4DB6-BF14-4161-AD0C-F7E5D6878E47}\setup.exe -runfromtemp -l0x040c -removeonly
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LEGO Star Wars-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{E914A24F-2412-4374-B420-86D21D6D444A} /l1036
    Les Sims : Entre Chiens et Chats-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C32C567-DC0F-4C80-B06C-7873850A2E06}\setup.exe" -l040c
    Les Sims 2-->E:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
    Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
    LimeWire 4.12.6-->"E:\Program Files\LimeWire\uninstall.exe"
    Lineage II-->C:\Program Files\InstallShield Installation Information\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}\setup.exe -runfromtemp -l0x0009 -removeonly
    LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
    Living 3D Waterfalls Screen Saver-->"C:\PROGRA~1\Freeze.com\Living 3D Waterfalls\UNINSTAL.EXE"
    LogMeIn-->MsiExec.exe /I{BA2D4D22-0B99-4D63-BCEE-D2EA4736F27F}
    Lords of Everquest Édition Française (Ubisoft)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF0EE7B1-05DD-478E-80FE-A1847FBB9B15}\setup.exe" -l0x40c
    LOST PLANET TRIAL DX9-->MsiExec.exe /X{729F9233-40C5-41C6-A271-E09A9337D0C9}
    Magic Seeds (remove only)-->"C:\Program Files\Magic Seeds\Uninstall.exe"
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Medal of Honor Airborne Démo-->MsiExec.exe /X{25F28E36-FDBB-11DB-8314-0800200C9A66}
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft FrontPage Express-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\fpxpress.inf, Uninstall
    Microsoft Halo Trial-->"E:\Program Files\Microsoft Games\Halo Trial\UNINSTAL.EXE" /runtemp /addremove
    Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-011F-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Plus! Dancer LE-->MsiExec.exe /X{1A103D70-5C9B-4E1A-B306-5106C68F9914}
    Microsoft Reader Text-to-Speech pour le français-->MsiExec.exe /X{6F1547AA-8DA7-4FAC-BA11-BE1659E7086E}
    Microsoft Reader-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x40c
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
    Microsoft WinUsb 1.0-->"C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Mozilla Firefox (2.0)-->C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
    Mozilla Firefox (2.0.0.19)-->E:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
    MP3 Player Utilities 4.18-->MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}
    Mr. Putts Mini Golf-->C:\WINDOWS\GPInstall.exe "/UNINST=E:\program files\golf\UnInst.log" "/APPNAME=Mr. Putts Mini Golf"
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{1787603C-E6E3-42D4-8034-55F358486F1D}
    MTA: Race for San Andreas - Server 1.1.1-->E:\Program Files\MTA San Andreas\Server\Uninstall.exe
    Mystic Inn (remove only)-->"C:\Program Files\Mystic Inn\Uninstall.exe"
    naruto Screensaver-->C:\WINDOWS\system32\naruto.scr /u
    NEED FOR SPEED UNDERGROUND 2 Screen Saver-->C:\WINDOWS\NEED FOR SPEED UNDERGROUND 2.scr /u
    NEED FOR SPEED UNDERGROUND 2 SCREENSAVER MAKER-->"E:\Program Files\NFSU2\unins000.exe"
    Norton™ Security Scan-->MsiExec.exe /I{DA15D535-5E1D-4076-B520-8571346D6238}
    oggcodecs-->MsiExec.exe /I{D65F0073-A820-4085-B997-A061171595A7}
    Pepakura Viewer 3-->"E:\Program Files\tamasoftware\pepakura3en\viewer\epuninst.exe" /s
    Philips SPC220NC Webcam-->C:\Program Files\InstallShield Installation Information\{6CC0CB79-C873-404A-820B-248934D04191}\setup.exe -runfromtemp -l0x040c -removeonly
    Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
    Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
    Photo et imagerie HP 2.0 - hp psc 1100 series-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
    PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
    PhotoFiltre-->"E:\Program Files\PhotoFiltre\Uninst.exe"
    Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
    Pixia 3.3b-->"F:\Pixia\unins000.exe"
    Plantasia Deluxe-->"C:\Program Files\Zylom Games\Plantasia Deluxe\GameInstaller.exe" --uninstall UnInstall.log
    Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
    Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
    Psychonauts Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4388155B-A19E-41DE-B262-CF2DE2C8D32E}\setup.exe" -l0x9 -removeonly
    QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
    Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c -removeonly
    Real Desktop 1.32a Light-->"E:\Program Files\Real Desktop\unins000.exe"
    RealArcade-->C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
    Recyclorama (remove only)-->"C:\Program Files\Recyclorama\Uninstall.exe"
    Roller Rush Deluxe-->"C:\Program Files\Zylom Games\Roller Rush Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    RomuStrike 138c-->E:\Uninstal.exe
    RomuStrike Xml4-->C:\WINDOWS\system32\Uninstal.exe
    romustrike-->MsiExec.exe /I{F70315E0-D82D-4D09-9EE0-28BB6EAC76FE}
    Sandlot Games Client Services-->"C:\Program Files\Fichiers communs\Sandlot Shared\unins000.exe"
    scrabbleproB 1.0.7-->"E:\Program Files\scrabbleproB1.0.7\unins000.exe"
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Shock Desktop v1.53-->"C:\WINDOWS\IFinst27.exe" -UE:\Program Files\Shock Utility\ShockDesktop\IFU69C.inf
    Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
    Sim AQUARIUM 2-->"E:\program files\unins000.exe"
    SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
    Snapshot Adventures - Secret of Bird Island (remove only)-->"C:\Program Files\Snapshot Adventures - Secret of Bird Island\Uninstall.exe"
    SoftCAD.3D-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E2222E2-6D95-11D6-9D7C-004033384775}\Setup.exe" -l0x40c -uninst
    SopCast 3.0.3-->F:\SopCast\uninst.exe
    SphereXP 1.1.626-->E:\Program Files\SphereXP\uninst.exe
    Star Wars Republic Commando Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A4F9E9FE-A9C7-43FC-8AB7-06A87C3CE368}\Setup.exe" -l0x9
    Steam-->E:\PROGRA~1\COUTER~1\UNWISE.EXE E:\PROGRA~1\COUTER~1\INSTALL.LOG
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
    Tactile-->"C:\Program Files\Tactile\Uninstall.exe"
    TeamViewer 3-->C:\Program Files\TeamViewer3\uninstall.exe
    Teddy Factory Deluxe-->"C:\Program Files\Zylom Games\Teddy Factory Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Téléchargeur de Ma Clinique Veterinaire fr-->"C:\Program Files\Téléchargeur de Ma Clinique Veterinaire\unins000.exe"
    Téléchargeur de Worms 4 Mayhem fr-->"C:\Program Files\Téléchargeur de Worms 4 Mayhem\unins000.exe"
    TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
    The Apprentice - Los Angeles (remove only)-->"C:\Program Files\The Apprentice - Los Angeles\Uninstall.exe"
    The Game of Life - Path to Success Deluxe-->"C:\Program Files\Zylom Games\The Game of Life - Path to Success Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Titan Quest Demo-->"E:\program files\couter strik\steam.exe" steam://uninstall/4590
    TomTom HOME-->E:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    TVAnts 1.0-->E:\PROGRA~1\TV\TVAnts\UNWISE.EXE E:\PROGRA~1\TV\TVAnts\INSTALL.LOG
    VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
    Veoh Web Player Beta-->"C:\Program Files\Veoh Networks\VeohWebPlayer\uninst.exe"
    VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
    VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
    VIA/S3G Display Driver 6.14.10.0054-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
    Video Conversion Tool 1.1-->"E:\Video Conversion Tool\unins000.exe"
    Virtools 3D Life Player-->C:\Program Files\Virtools\3D Life Player\WebplayerConfig.exe -u
    Virtual Villagers fr-->"C:\Program Files\BoontyGames\Virtual Villagers\unins000.exe"
    Virtual Villagers: A New Home (remove only)-->"C:\Program Files\Virtual Villagers\Uninstall.exe"
    VirtualDubMOD 1.5.10.2 b2540 Fr-->E:\program files\virtualdubmod\UnInstall_VDMOD.exe
    VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vogue Tales (remove only)-->"C:\Program Files\Vogue Tales\Uninstall.exe"
    Wakfu-->C:\Program Files\Wakfu\uninstall.exe
    WiFi Station-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows PowerShell(TM) 1.0-->C:\WINDOWS\$NtUninstallKB926139$\spuninst\spuninst.exe
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Wings 3D 0.98.32a-->G:\wings3d_0.98.32a\Uninstall.exe
    Wonderland Adventures (remove only)-->"C:\Program Files\Wonderland Adventures\Uninstall.exe"
    world_warcraft Screensaver-->C:\WINDOWS\system32\world_warcraft.scr /u
    Worms 3D Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{481463D7-E5D9-4331-B154-B75D6D3C15F8}\Setup.exe" -l0x9
    Worms 4 Mayhem Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED340366-F336-420D-8867-88643836D900}\setup.exe" -l0x9 -removeonly
    Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 090122-0]

    System event log

    Computer Name: DIEGO
    Event Code: 10005
    Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service MSIServer avec les arguments ""
    pour démarrer le serveur :
    {000C101C-0000-0000-C000-000000000046}

    Record Number: 6651
    Source Name: DCOM
    Time Written: 20090116120948.000000+060
    Event Type: erreur
    User: DIEGO\Adrien

    Computer Name: DIEGO
    Event Code: 64016
    Message: L'analyse des fichiers de la protection des fichiers Windows a été démarrée.

    Record Number: 6650
    Source Name: Windows File Protection
    Time Written: 20090116120943.000000+060
    Event Type: Informations
    User:

    Computer Name: DIEGO
    Event Code: 6005
    Message: Le service d'Enregistrement d'événement a démarré.

    Record Number: 6649
    Source Name: EventLog
    Time Written: 20090116120933.000000+060
    Event Type: Informations
    User:

    Computer Name: DIEGO
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

    Record Number: 6648
    Source Name: EventLog
    Time Written: 20090116120933.000000+060
    Event Type: Informations
    User:

    Computer Name: DIEGO
    Event Code: 26
    Message: Application popup : iexplore.exe - Erreur d'application : L'instruction à "0x001582d6" emploie l'adresse mémoire "0x7fa8d95e". La mémoire ne peut pas être "read".

    Cliquez sur OK pour terminer le programme.
    Cliquez sur Annuler pour déboguer le programme

    Record Number: 6647
    Source Name: Application Popup
    Time Written: 20090115220000.000000+060
    Event Type: Informations
    User:

    Application event log

    Computer Name: DIEGO
    Event Code: 1015
    Message: La connexion au serveur est impossible. Erreur : 0x80070422

    Record Number: 5
    Source Name: MsiInstaller
    Time Written: 20090121181105.000000+060
    Event Type: Avertissement
    User: DIEGO\Adrien

    Computer Name: DIEGO
    Event Code: 1001
    Message: Échec de détection du produit '{20471B27-D702-4FE8-8DEC-0702CC8C0A85}', fonctionnalité 'Application' lors de la demande du composant '{D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9}'

    Record Number: 4
    Source Name: MsiInstaller
    Time Written: 20090121181104.000000+060
    Event Type: Avertissement
    User: DIEGO\Adrien

    Computer Name: DIEGO
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 3
    Source Name: SecurityCenter
    Time Written: 20090121181039.000000+060
    Event Type: Informations
    User:

    Computer Name: DIEGO
    Event Code: 4
    Message: The LightScribe Service started successfully.

    Record Number: 2
    Source Name: LightScribeService
    Time Written: 20090121181034.000000+060
    Event Type: Informations
    User:

    Computer Name: DIEGO
    Event Code: 0
    Message:
    Record Number: 1
    Source Name: trioService
    Time Written: 20090121181033.000000+060
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 95 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=5f02
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "DEVMGR_SHOW_DETAILS"=1
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    "AQSISHOME"=G:\Aqsis
    "tvdumpflags"=8

    -----------------EOF-----------------
    0
  12. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    * Double-click it to start the installation
    * Then double-click the Lop S&D shortcut on your Desktop
    * Select the language you want, then choose option 1 (Search)
    * Wait until the scan finishes
    * Post the generated report (C:\lopR.txt)
    0
  13. drie Posts 123 Status Member 12
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Adrien ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1296 [VPS 090122-0] 4.8.1296 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:29 Go (Free:15 Go)
    D:\ (CD or DVD)
    E:\ (Local Disk) - NTFS - Total:119 Go (Free:54 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 23/01/2009|12:39 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [04/07/2007|07:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Adobe
    [11/01/2009|15:18] C:\DOCUME~1\Adrien\APPLIC~1\Apple Computer
    [22/01/2009|21:55] C:\DOCUME~1\Adrien\APPLIC~1\AUDIO OBJ SCR
    [10/11/2008|21:52] C:\DOCUME~1\Adrien\APPLIC~1\Axialis
    [13/08/2008|15:16] C:\DOCUME~1\Adrien\APPLIC~1\Blender Foundation
    [19/11/2008|19:36] C:\DOCUME~1\Adrien\APPLIC~1\Canneverbe_Limited
    [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\DMV Technologies
    [19/11/2008|13:31] C:\DOCUME~1\Adrien\APPLIC~1\Droppix
    [11/01/2009|11:51] C:\DOCUME~1\Adrien\APPLIC~1\fltk.org
    [25/12/2008|20:09] C:\DOCUME~1\Adrien\APPLIC~1\Gearbox Software
    [30/07/2008|17:59] C:\DOCUME~1\Adrien\APPLIC~1\Identities
    [19/11/2008|13:17] C:\DOCUME~1\Adrien\APPLIC~1\ImgBurn
    [22/11/2008|14:23] C:\DOCUME~1\Adrien\APPLIC~1\InstallShield
    [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Macromedia
    [24/11/2008|21:10] C:\DOCUME~1\Adrien\APPLIC~1\Malwarebytes
    [25/12/2008|21:42] C:\DOCUME~1\Adrien\APPLIC~1\Microsoft
    [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\Mozilla
    [08/11/2008|12:42] C:\DOCUME~1\Adrien\APPLIC~1\RayV
    [06/11/2008|18:08] C:\DOCUME~1\Adrien\APPLIC~1\Real
    [19/11/2008|20:51] C:\DOCUME~1\Adrien\APPLIC~1\Sun
    [30/07/2008|18:03] C:\DOCUME~1\Adrien\APPLIC~1\Talkback
    [20/01/2009|15:11] C:\DOCUME~1\Adrien\APPLIC~1\TeamViewer
    [05/11/2008|14:59] C:\DOCUME~1\Adrien\APPLIC~1\TuneUp Software
    [15/01/2009|17:33] C:\DOCUME~1\Adrien\APPLIC~1\uTorrent
    [27/11/2008|21:53] C:\DOCUME~1\Adrien\APPLIC~1\vlc
    [05/11/2008|13:04] C:\DOCUME~1\Adrien\APPLIC~1\WinRAR

    [25/05/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/07/2007|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds
    [08/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [08/04/2008|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [19/01/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFish
    [19/03/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
    [09/08/2008|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blender Foundation
    [21/01/2009|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
    [01/04/2007|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [20/07/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cadsoft
    [22/01/2009|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    [19/11/2008|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
    [20/08/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Escape From Paradise
    [09/10/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
    [29/03/2008|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
    [20/04/2007|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
    [17/07/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
    [06/04/2008|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
    [07/02/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
    [12/12/2007|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
    [02/07/2008|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [09/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [08/10/2008|07:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    [10/11/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Icon Constructor 3
    [23/01/2007|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [31/03/2007|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
    [01/10/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Legacy Interactive
    [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lifetime
    [25/06/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ludia
    [24/11/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [16/01/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [23/10/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
    [14/10/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9
    [25/06/2007|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
    [25/06/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
    [23/12/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
    [15/08/2007|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
    [11/11/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [06/10/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [12/10/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [20/12/2007|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    [26/12/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [12/03/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [09/10/2008|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [14/09/2007|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\thedownloadpollkind
    [10/06/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [23/03/2007|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [30/10/2008|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [15/01/2008|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
    [26/07/2008|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm
    [11/01/2007|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [13/01/2007|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [13/10/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [05/10/2007|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
    [14/10/2008|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [22/09/2007|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [06/06/2007|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [15/01/2008|17:39] C:\DOCUME~1\DAMIEN\APPLIC~1\Adobe
    [22/01/2009|22:00] C:\DOCUME~1\DAMIEN\APPLIC~1\AUDIO OBJ SCR
    [22/03/2008|13:03] C:\DOCUME~1\DAMIEN\APPLIC~1\Droppix
    [02/11/2007|17:45] C:\DOCUME~1\DAMIEN\APPLIC~1\Google
    [02/11/2007|18:59] C:\DOCUME~1\DAMIEN\APPLIC~1\Help
    [22/03/2008|10:06] C:\DOCUME~1\DAMIEN\APPLIC~1\Hewlett-Packard
    [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Identities
    [02/11/2007|17:42] C:\DOCUME~1\DAMIEN\APPLIC~1\Macromedia
    [16/01/2008|16:51] C:\DOCUME~1\DAMIEN\APPLIC~1\Microsoft
    [26/12/2008|10:24] C:\DOCUME~1\DAMIEN\APPLIC~1\Mozilla
    [23/03/2008|10:08] C:\DOCUME~1\DAMIEN\APPLIC~1\OtakuSoftware
    [28/07/2008|12:13] C:\DOCUME~1\DAMIEN\APPLIC~1\Real
    [22/03/2008|09:54] C:\DOCUME~1\DAMIEN\APPLIC~1\Talkback
    [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Windows Desktop Search

    [04/07/2007|07:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [29/04/2008|20:03] C:\DOCUME~1\Garcia\APPLIC~1\.k3d
    [17/10/2008|10:57] C:\DOCUME~1\Garcia\APPLIC~1\Adobe
    [08/05/2008|14:46] C:\DOCUME~1\Garcia\APPLIC~1\aignes
    [08/10/2008|10:36] C:\DOCUME~1\Garcia\APPLIC~1\AlterLab
    [13/01/2008|21:09] C:\DOCUME~1\Garcia\APPLIC~1\Apple Computer
    [22/03/2008|08:37] C:\DOCUME~1\Garcia\APPLIC~1\Aquatica 3D
    [22/01/2009|22:02] C:\DOCUME~1\Garcia\APPLIC~1\AUDIO OBJ SCR
    [13/12/2007|16:56] C:\DOCUME~1\Garcia\APPLIC~1\Aveyond II
    [19/01/2008|11:48] C:\DOCUME~1\Garcia\APPLIC~1\BigFish
    [09/08/2008|09:22] C:\DOCUME~1\Garcia\APPLIC~1\Blender Foundation
    [05/06/2008|15:17] C:\DOCUME~1\Garcia\APPLIC~1\Bricsys
    [18/03/2008|19:24] C:\DOCUME~1\Garcia\APPLIC~1\CVitae
    [09/12/2007|14:21] C:\DOCUME~1\Garcia\APPLIC~1\Droppix
    [29/10/2008|15:20] C:\DOCUME~1\Garcia\APPLIC~1\dvdcss
    [09/12/2007|09:03] C:\DOCUME~1\Garcia\APPLIC~1\fltk.org
    [29/05/2008|13:25] C:\DOCUME~1\Garcia\APPLIC~1\fr.specialk.widjets.650E238E6C8F1B8509D0BF1E479F06D523A86A64.1
    [23/07/2008|11:47] C:\DOCUME~1\Garcia\APPLIC~1\GameHouse
    [09/10/2008|11:00] C:\DOCUME~1\Garcia\APPLIC~1\Gamelab
    [31/01/2008|16:15] C:\DOCUME~1\Garcia\APPLIC~1\Garcia
    [02/07/2008|14:39] C:\DOCUME~1\Garcia\APPLIC~1\Google
    [10/03/2008|18:21] C:\DOCUME~1\Garcia\APPLIC~1\Help
    [06/11/2007|08:56] C:\DOCUME~1\Garcia\APPLIC~1\Hewlett-Packard
    [19/12/2007|13:31] C:\DOCUME~1\Garcia\APPLIC~1\Home Sweet Home
    [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Identities
    [05/06/2008|15:14] C:\DOCUME~1\Garcia\APPLIC~1\InstallShield
    [08/04/2008|15:11] C:\DOCUME~1\Garcia\APPLIC~1\Jane s Hotel Family Hero
    [02/05/2008|16:16] C:\DOCUME~1\Garcia\APPLIC~1\LEGO Company
    [23/02/2008|09:17] C:\DOCUME~1\Garcia\APPLIC~1\LimeWire
    [25/06/2008|09:42] C:\DOCUME~1\Garcia\APPLIC~1\Ludia
    [26/11/2007|17:49] C:\DOCUME~1\Garcia\APPLIC~1\Macromedia
    [15/02/2008|10:54] C:\DOCUME~1\Garcia\APPLIC~1\Magic Seeds
    [21/03/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Meridian93
    [07/10/2008|14:25] C:\DOCUME~1\Garcia\APPLIC~1\Microsoft
    [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\Mozilla
    [15/07/2008|15:37] C:\DOCUME~1\Garcia\APPLIC~1\My Games
    [20/03/2008|19:08] C:\DOCUME~1\Garcia\APPLIC~1\OtakuSoftware
    [06/10/2008|13:14] C:\DOCUME~1\Garcia\APPLIC~1\PlayFirst
    [30/05/2008|13:03] C:\DOCUME~1\Garcia\APPLIC~1\Real
    [20/03/2008|15:25] C:\DOCUME~1\Garcia\APPLIC~1\Real Desktop
    [16/11/2007|19:39] C:\DOCUME~1\Garcia\APPLIC~1\Sun
    [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\TomTom
    [15/04/2008|12:25] C:\DOCUME~1\Garcia\APPLIC~1\Total Eclipse
    [30/10/2008|10:25] C:\DOCUME~1\Garcia\APPLIC~1\TuneUp Software
    [21/07/2008|15:55] C:\DOCUME~1\Garcia\APPLIC~1\uTorrent
    [15/01/2008|19:21] C:\DOCUME~1\Garcia\APPLIC~1\Valusoft
    [03/11/2007|09:58] C:\DOCUME~1\Garcia\APPLIC~1\Windows Desktop Search
    [09/05/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Wings3D
    [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Zylom

    [26/01/2008|09:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [29/05/2008|07:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

    [31/01/2008|12:18] C:\DOCUME~1\MISSMA~1\APPLIC~1\Adobe
    [24/04/2008|07:56] C:\DOCUME~1\MISSMA~1\APPLIC~1\AUDIO OBJ SCR
    [12/12/2007|14:26] C:\DOCUME~1\MISSMA~1\APPLIC~1\Google
    [10/12/2007|19:15] C:\DOCUME~1\MISSMA~1\APPLIC~1\Identities
    [12/12/2007|13:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Macromedia
    [22/03/2008|11:31] C:\DOCUME~1\MISSMA~1\APPLIC~1\Meridian93
    [12/12/2007|14:28] C:\DOCUME~1\MISSMA~1\APPLIC~1\Microsoft
    [22/03/2008|11:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Mozilla
    [15/07/2008|09:06] C:\DOCUME~1\MISSMA~1\APPLIC~1\Real
    [22/03/2008|11:03] C:\DOCUME~1\MISSMA~1\APPLIC~1\Talkback
    [10/12/2007|19:16] C:\DOCUME~1\MISSMA~1\APPLIC~1\Windows Desktop Search

    [11/01/2007|19:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [22/01/2009 22:00][--ah-----] C:\WINDOWS\tasks\A6F060CF91881617.job
    [23/01/2009 12:16][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [22/01/2009 22:08][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    [23/01/2009 12:33][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
    [15/06/2008 21:34][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1205612787.job
    [16/01/2009 15:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
    [30/10/2008 09:00][--a------] C:\WINDOWS\tasks\rpc.job
    [23/01/2009 12:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [06/09/2002 21:59][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( A6F060CF91881617.job )=( c:\docume~1\adrien\applic~1\audioo~1\SaveBlehFour.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [12/10/2007|07:51] C:\Program Files\Adverts
    [26/11/2007|13:16] C:\Program Files\AGEIA Technologies
    [16/10/2008|09:39] C:\Program Files\Alwil Software
    [26/12/2008|10:35] C:\Program Files\AUDIO OBJ SCR
    [19/11/2008|19:35] C:\Program Files\CDBurner
    [24/04/2008|08:07] C:\Program Files\Circle Developement
    [30/06/2008|10:40] C:\Program Files\Common Files
    [28/07/2008|14:30] C:\Program Files\CVitae
    [11/01/2008|20:45] C:\Program Files\Desktop XP
    [03/06/2007|09:25] C:\Program Files\directx
    [15/07/2008|08:56] C:\Program Files\D-Link
    [26/12/2008|11:02] C:\Program Files\Eidos
    [29/09/2008|16:42] C:\Program Files\Eset
    [22/01/2009|20:52] C:\Program Files\Fichiers communs
    [20/03/2008|20:24] C:\Program Files\Google
    [14/01/2007|13:22] C:\Program Files\Hewlett-Packard
    [07/12/2008|11:29] C:\Program Files\InstallShield Installation Information
    [10/12/2008|18:06] C:\Program Files\Internet Explorer
    [26/07/2008|07:29] C:\Program Files\Java
    [24/11/2008|17:39] C:\Program Files\L2trinity
    [12/03/2008|20:16] C:\Program Files\LogMeIn
    [20/11/2008|12:58] C:\Program Files\Maïdo Production
    [22/01/2009|21:51] C:\Program Files\Malwarebytes' Anti-Malware
    [29/09/2008|21:01] C:\Program Files\Messenger
    [18/10/2008|18:32] C:\Program Files\Messenger Plus! Live
    [23/10/2008|18:35] C:\Program Files\Micro Application
    [13/10/2008|12:28] C:\Program Files\Microsoft
    [05/10/2007|20:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [29/09/2008|17:32] C:\Program Files\microsoft frontpage
    [26/12/2008|10:23] C:\Program Files\Microsoft FrontPage Express
    [11/01/2007|21:24] C:\Program Files\Microsoft Office
    [13/10/2008|12:39] C:\Program Files\Microsoft Office Outlook Connector
    [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Dancer LE
    [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Digital Media Edition
    [11/01/2008|18:39] C:\Program Files\Microsoft SQL Server Compact Edition
    [11/01/2007|21:23] C:\Program Files\Microsoft Visual Studio
    [11/01/2007|21:28] C:\Program Files\Microsoft Works
    [11/01/2007|21:22] C:\Program Files\Microsoft.NET
    [09/07/2008|15:28] C:\Program Files\MOVAVI
    [29/09/2008|18:40] C:\Program Files\movie maker
    [17/12/2008|21:10] C:\Program Files\Mozilla Firefox
    [06/11/2008|18:07] C:\Program Files\MSI
    [29/09/2008|18:40] C:\Program Files\msn
    [11/01/2007|19:22] C:\Program Files\MSN Gaming Zone
    [13/10/2008|12:11] C:\Program Files\MSN Messenger
    [11/01/2007|19:38] C:\Program Files\MSXML 4.0
    [15/08/2007|14:48] C:\Program Files\MSXML 6.0
    [25/06/2008|17:49] C:\Program Files\NCH Software
    [23/12/2008|14:43] C:\Program Files\NCH Swift Sound
    [29/09/2008|18:38] C:\Program Files\NetMeeting
    [08/12/2007|12:07] C:\Program Files\nullDC
    [09/10/2008|10:56] C:\Program Files\Oberon Media
    [29/09/2008|18:38] C:\Program Files\Outlook Express
    [07/08/2008|18:45] C:\Program Files\Paraworld
    [10/12/2007|19:06] C:\Program Files\PhotoFiltre Studio
    [10/12/2007|18:45] C:\Program Files\Picasa2
    [08/04/2008|19:52] C:\Program Files\QuickTime
    [30/05/2008|12:29] C:\Program Files\Real
    [06/11/2008|18:20] C:\Program Files\Realtek
    [11/01/2007|20:48] C:\Program Files\S3
    [20/12/2007|20:46] C:\Program Files\Skyline
    [26/03/2008|17:09] C:\Program Files\SLD Codec Pack
    [29/09/2008|16:38] C:\Program Files\SpecialK
    [12/03/2008|20:01] C:\Program Files\Symantec
    [22/03/2008|12:25] C:\Program Files\Tactile
    [20/01/2009|15:11] C:\Program Files\TeamViewer
    [10/06/2008|18:09] C:\Program Files\TomTom DesktopSuite
    [22/01/2009|21:55] C:\Program Files\trend micro
    [30/04/2007|20:37] C:\Program Files\Trymedia
    [30/10/2008|10:25] C:\Program Files\TuneUp Utilities 2008
    [27/04/2008|11:04] C:\Program Files\UltraStar
    [11/01/2007|19:37] C:\Program Files\UTILS
    [11/01/2009|22:18] C:\Program Files\Veoh Networks
    [11/01/2007|20:45] C:\Program Files\VIA
    [29/09/2008|16:42] C:\Program Files\Windows Desktop Search
    [30/10/2008|08:34] C:\Program Files\Windows Live
    [14/10/2008|11:14] C:\Program Files\Windows Live Favorites
    [14/10/2008|11:15] C:\Program Files\Windows Live Toolbar
    [26/03/2008|17:09] C:\Program Files\Windows Media Connect 2
    [29/10/2008|15:49] C:\Program Files\Windows Media Player
    [29/09/2008|18:38] C:\Program Files\Windows NT
    [21/11/2008|17:27] C:\Program Files\WindowsUpdate
    [26/03/2008|17:09] C:\Program Files\WMV9_VCM
    [11/01/2007|19:37] C:\Program Files\WSTARTUP
    [29/09/2008|17:32] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [13/08/2007|11:02] C:\Program Files\Fichiers communs\Adobe
    [25/05/2008|19:13] C:\Program Files\Fichiers communs\Adobe AIR
    [08/04/2008|19:50] C:\Program Files\Fichiers communs\Apple
    [20/08/2007|09:08] C:\Program Files\Fichiers communs\ArcSoft
    [21/01/2009|14:46] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [01/04/2007|09:10] C:\Program Files\Fichiers communs\BOONTY Shared
    [05/06/2008|15:14] C:\Program Files\Fichiers communs\Bricsys
    [20/07/2008|12:24] C:\Program Files\Fichiers communs\Cadsoft
    [11/01/2007|21:24] C:\Program Files\Fichiers communs\DESIGNER
    [07/05/2007|07:49] C:\Program Files\Fichiers communs\DirectX
    [19/11/2008|13:31] C:\Program Files\Fichiers communs\Droppix
    [03/01/2009|09:44] C:\Program Files\Fichiers communs\DVDVIDEOSOFT
    [10/04/2007|19:49] C:\Program Files\Fichiers communs\GST
    [14/01/2007|13:20] C:\Program Files\Fichiers communs\Hewlett-Packard
    [23/01/2007|20:05] C:\Program Files\Fichiers communs\InstallShield
    [23/01/2007|20:06] C:\Program Files\Fichiers communs\InterVideo
    [11/01/2007|19:50] C:\Program Files\Fichiers communs\Java
    [08/05/2008|07:48] C:\Program Files\Fichiers communs\L&H
    [12/01/2007|13:19] C:\Program Files\Fichiers communs\LightScribe
    [03/08/2008|20:26] C:\Program Files\Fichiers communs\Microsoft Shared
    [11/01/2007|19:24] C:\Program Files\Fichiers communs\MSSoap
    [17/07/2008|10:57] C:\Program Files\Fichiers communs\Oberon Media
    [12/01/2007|03:14] C:\Program Files\Fichiers communs\ODBC
    [30/05/2008|12:30] C:\Program Files\Fichiers communs\Real
    [25/04/2007|08:54] C:\Program Files\Fichiers communs\Sandlot Shared
    [11/01/2007|19:24] C:\Program Files\Fichiers communs\Services
    [15/11/2008|20:01] C:\Program Files\Fichiers communs\snpstd3
    [12/01/2007|03:14] C:\Program Files\Fichiers communs\SpeechEngines
    [06/11/2007|12:45] C:\Program Files\Fichiers communs\SWF Studio
    [27/01/2008|08:32] C:\Program Files\Fichiers communs\Symantec Shared
    [13/10/2008|12:39] C:\Program Files\Fichiers communs\System
    [23/01/2007|20:07] C:\Program Files\Fichiers communs\Ulead
    [13/10/2008|12:23] C:\Program Files\Fichiers communs\Windows Live
    [11/01/2008|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [30/10/2008|10:22] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [30/05/2008|12:30] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 30 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\SECOND ELSE.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    C:\DOCUME~1\Adrien\APPLIC~1\audioo~1
    C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Bows support frag exit.exe
    C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\bvskheth.exe
    C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\gbzqekhw.exe
    C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Option play.exe
    C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Save Bleh Four.exe
    C:\DOCUME~1\DAMIEN\APPLIC~1\audioo~1
    C:\DOCUME~1\Garcia\APPLIC~1\audioo~1
    C:\DOCUME~1\MISSMA~1\APPLIC~1\audioo~1
    C:\Program Files\audioo~1
    C:\Program Files\Adverts
    C:\Program Files\Circle Developement
    C:\DOCUME~1\Adrien\Cookies\adrien@www.adserver5[1].txt
    C:\DOCUME~1\Adrien\Cookies\adrien@bigpoint[1].txt
    C:\DOCUME~1\Adrien\Cookies\adrien@fr.xblaster.bigpoint[1].txt
    C:\DOCUME~1\Adrien\Cookies\adrien@adopt.euroclick[1].txt
    C:\DOCUME~1\Adrien\Cookies\adrien@pacificpoker[2].txt
    C:\DOCUME~1\Adrien\Cookies\adrien@partypoker[2].txt
    C:\WINDOWS\Tasks\A6F060CF91881617.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Settings two"="C:\\DOCUME~1\\Adrien\\APPLIC~1\\AUDIOO~1\\Option play.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-23 12:41:08
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 2

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROOTKIT !!

    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Adrien\Application Data\uTorrent\GTA San Andreas DVD +Crack.torrent

    [F:3][D:2]-> C:\DOCUME~1\Adrien\LOCALS~1\Temp
    [F:134][D:0]-> C:\DOCUME~1\Adrien\Cookies
    [F:22][D:4]-> C:\DOCUME~1\Adrien\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 23/01/2009|12:42 - Option : [1]

    --------------------\\ Fin du rapport a 12:42:20
    0
  14. drie Posts 123 Status Member 12
     
    By the way, the problem of being redirected to weird sites is fixed, I no longer have any trouble with that. As for the computer freezing, I don't know; in any case it hasn't done it again since last night. :)
    0
  15. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Download OTMoveIt
    http://oldtimer.geekstogo.com/OTMoveIt3.exe (by Old_Timer) to your Desktop.

    Double-click OTMoveIt.exe to launch it.
    Copy the list quoted below,
    and paste it into the left-hand pane of OTMoveIt: "Paste instruction for items to be moved".

    :processes
    explorer.exe
    :services
    TDSSserv
    :files
    C:\WINDOWS\tasks\rpc.job
    :reg
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
    :commands
    [purity]
    [emptytemp]
    [start explorer]

    Click MoveIt! to start the removal.
    The result will appear in the "Results" pane.
    Click Exit to close.
    Post the report located in C:\_OTMoveIt\MovedFiles.

    You may be asked to restart the PC to complete the removal. If so, accept with Yes.

    _________________

    Run Lop S&D again, choose option 2 and paste the report.

    _______________
    0
  16. drie Posts 123 Status Member 12
     
    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== SERVICES/DRIVERS ==========
    Unable to stop service TDSSserv .
    ========== FILES ==========
    C:\WINDOWS\tasks\rpc.job moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS\\ not found.
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\\ not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Adrien\LOCALS~1\Temp\etilqs_rAYggIXqVw2B1e018ocn scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_618.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01232009_130206

    Files moved on Reboot...
    File C:\DOCUME~1\Adrien\LOCALS~1\Temp\etilqs_rAYggIXqVw2B1e018ocn not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    C:\WINDOWS\temp\Perflib_Perfdata_618.dat moved successfully.
    C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\XUL.mfl moved successfully.
    0
  17. drie Posts 123 Status Member 12
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Adrien ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1296 [VPS 090122-0] 4.8.1296 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:29 Go (Free:15 Go)
    D:\ (CD or DVD)
    E:\ (Local Disk) - NTFS - Total:119 Go (Free:54 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 23/01/2009|13:09 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\SECOND ELSE.dat
    Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Bows support frag exit.exe
    Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\bvskheth.exe
    Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\gbzqekhw.exe
    Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Option play.exe
    Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Save Bleh Four.exe
    Supprime! - C:\WINDOWS\Tasks\A6F060CF91881617.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1
    Supprime! - C:\DOCUME~1\DAMIEN\APPLIC~1\audioo~1
    Supprime! - C:\DOCUME~1\Garcia\APPLIC~1\audioo~1
    Supprime! - C:\DOCUME~1\MISSMA~1\APPLIC~1\audioo~1
    Supprime! - C:\Program Files\audioo~1
    Supprime! - C:\Program Files\Adverts
    Supprime! - C:\Program Files\Circle Developement
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [04/07/2007|07:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Adobe
    [11/01/2009|15:18] C:\DOCUME~1\Adrien\APPLIC~1\Apple Computer
    [10/11/2008|21:52] C:\DOCUME~1\Adrien\APPLIC~1\Axialis
    [13/08/2008|15:16] C:\DOCUME~1\Adrien\APPLIC~1\Blender Foundation
    [19/11/2008|19:36] C:\DOCUME~1\Adrien\APPLIC~1\Canneverbe_Limited
    [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\DMV Technologies
    [19/11/2008|13:31] C:\DOCUME~1\Adrien\APPLIC~1\Droppix
    [11/01/2009|11:51] C:\DOCUME~1\Adrien\APPLIC~1\fltk.org
    [25/12/2008|20:09] C:\DOCUME~1\Adrien\APPLIC~1\Gearbox Software
    [30/07/2008|17:59] C:\DOCUME~1\Adrien\APPLIC~1\Identities
    [19/11/2008|13:17] C:\DOCUME~1\Adrien\APPLIC~1\ImgBurn
    [22/11/2008|14:23] C:\DOCUME~1\Adrien\APPLIC~1\InstallShield
    [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Macromedia
    [24/11/2008|21:10] C:\DOCUME~1\Adrien\APPLIC~1\Malwarebytes
    [25/12/2008|21:42] C:\DOCUME~1\Adrien\APPLIC~1\Microsoft
    [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\Mozilla
    [08/11/2008|12:42] C:\DOCUME~1\Adrien\APPLIC~1\RayV
    [06/11/2008|18:08] C:\DOCUME~1\Adrien\APPLIC~1\Real
    [19/11/2008|20:51] C:\DOCUME~1\Adrien\APPLIC~1\Sun
    [30/07/2008|18:03] C:\DOCUME~1\Adrien\APPLIC~1\Talkback
    [20/01/2009|15:11] C:\DOCUME~1\Adrien\APPLIC~1\TeamViewer
    [05/11/2008|14:59] C:\DOCUME~1\Adrien\APPLIC~1\TuneUp Software
    [15/01/2009|17:33] C:\DOCUME~1\Adrien\APPLIC~1\uTorrent
    [27/11/2008|21:53] C:\DOCUME~1\Adrien\APPLIC~1\vlc
    [05/11/2008|13:04] C:\DOCUME~1\Adrien\APPLIC~1\WinRAR

    [25/05/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/07/2007|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds
    [08/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [08/04/2008|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [19/01/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFish
    [19/03/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
    [09/08/2008|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blender Foundation
    [21/01/2009|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
    [01/04/2007|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [20/07/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cadsoft
    [19/11/2008|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
    [20/08/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Escape From Paradise
    [09/10/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
    [29/03/2008|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
    [20/04/2007|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
    [17/07/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
    [06/04/2008|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
    [07/02/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
    [12/12/2007|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
    [02/07/2008|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [09/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [10/11/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Icon Constructor 3
    [23/01/2007|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [31/03/2007|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
    [01/10/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Legacy Interactive
    [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lifetime
    [25/06/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ludia
    [24/11/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [16/01/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [23/10/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
    [14/10/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9
    [25/06/2007|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
    [25/06/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
    [23/12/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
    [15/08/2007|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
    [11/11/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [06/10/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [12/10/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [20/12/2007|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    [26/12/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [12/03/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [09/10/2008|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [14/09/2007|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\thedownloadpollkind
    [10/06/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [23/03/2007|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [30/10/2008|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [15/01/2008|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
    [26/07/2008|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm
    [11/01/2007|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [13/01/2007|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [13/10/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [05/10/2007|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
    [14/10/2008|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [22/09/2007|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [06/06/2007|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [15/01/2008|17:39] C:\DOCUME~1\DAMIEN\APPLIC~1\Adobe
    [22/03/2008|13:03] C:\DOCUME~1\DAMIEN\APPLIC~1\Droppix
    [02/11/2007|17:45] C:\DOCUME~1\DAMIEN\APPLIC~1\Google
    [02/11/2007|18:59] C:\DOCUME~1\DAMIEN\APPLIC~1\Help
    [22/03/2008|10:06] C:\DOCUME~1\DAMIEN\APPLIC~1\Hewlett-Packard
    [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Identities
    [02/11/2007|17:42] C:\DOCUME~1\DAMIEN\APPLIC~1\Macromedia
    [16/01/2008|16:51] C:\DOCUME~1\DAMIEN\APPLIC~1\Microsoft
    [26/12/2008|10:24] C:\DOCUME~1\DAMIEN\APPLIC~1\Mozilla
    [23/03/2008|10:08] C:\DOCUME~1\DAMIEN\APPLIC~1\OtakuSoftware
    [28/07/2008|12:13] C:\DOCUME~1\DAMIEN\APPLIC~1\Real
    [22/03/2008|09:54] C:\DOCUME~1\DAMIEN\APPLIC~1\Talkback
    [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Windows Desktop Search

    [04/07/2007|07:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [29/04/2008|20:03] C:\DOCUME~1\Garcia\APPLIC~1\.k3d
    [17/10/2008|10:57] C:\DOCUME~1\Garcia\APPLIC~1\Adobe
    [08/05/2008|14:46] C:\DOCUME~1\Garcia\APPLIC~1\aignes
    [08/10/2008|10:36] C:\DOCUME~1\Garcia\APPLIC~1\AlterLab
    [13/01/2008|21:09] C:\DOCUME~1\Garcia\APPLIC~1\Apple Computer
    [22/03/2008|08:37] C:\DOCUME~1\Garcia\APPLIC~1\Aquatica 3D
    [13/12/2007|16:56] C:\DOCUME~1\Garcia\APPLIC~1\Aveyond II
    [19/01/2008|11:48] C:\DOCUME~1\Garcia\APPLIC~1\BigFish
    [09/08/2008|09:22] C:\DOCUME~1\Garcia\APPLIC~1\Blender Foundation
    [05/06/2008|15:17] C:\DOCUME~1\Garcia\APPLIC~1\Bricsys
    [18/03/2008|19:24] C:\DOCUME~1\Garcia\APPLIC~1\CVitae
    [09/12/2007|14:21] C:\DOCUME~1\Garcia\APPLIC~1\Droppix
    [29/10/2008|15:20] C:\DOCUME~1\Garcia\APPLIC~1\dvdcss
    [09/12/2007|09:03] C:\DOCUME~1\Garcia\APPLIC~1\fltk.org
    [29/05/2008|13:25] C:\DOCUME~1\Garcia\APPLIC~1\fr.specialk.widjets.650E238E6C8F1B8509D0BF1E479F06D523A86A64.1
    [23/07/2008|11:47] C:\DOCUME~1\Garcia\APPLIC~1\GameHouse
    [09/10/2008|11:00] C:\DOCUME~1\Garcia\APPLIC~1\Gamelab
    [31/01/2008|16:15] C:\DOCUME~1\Garcia\APPLIC~1\Garcia
    [02/07/2008|14:39] C:\DOCUME~1\Garcia\APPLIC~1\Google
    [10/03/2008|18:21] C:\DOCUME~1\Garcia\APPLIC~1\Help
    [06/11/2007|08:56] C:\DOCUME~1\Garcia\APPLIC~1\Hewlett-Packard
    [19/12/2007|13:31] C:\DOCUME~1\Garcia\APPLIC~1\Home Sweet Home
    [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Identities
    [05/06/2008|15:14] C:\DOCUME~1\Garcia\APPLIC~1\InstallShield
    [08/04/2008|15:11] C:\DOCUME~1\Garcia\APPLIC~1\Jane s Hotel Family Hero
    [02/05/2008|16:16] C:\DOCUME~1\Garcia\APPLIC~1\LEGO Company
    [23/02/2008|09:17] C:\DOCUME~1\Garcia\APPLIC~1\LimeWire
    [25/06/2008|09:42] C:\DOCUME~1\Garcia\APPLIC~1\Ludia
    [26/11/2007|17:49] C:\DOCUME~1\Garcia\APPLIC~1\Macromedia
    [15/02/2008|10:54] C:\DOCUME~1\Garcia\APPLIC~1\Magic Seeds
    [21/03/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Meridian93
    [07/10/2008|14:25] C:\DOCUME~1\Garcia\APPLIC~1\Microsoft
    [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\Mozilla
    [15/07/2008|15:37] C:\DOCUME~1\Garcia\APPLIC~1\My Games
    [20/03/2008|19:08] C:\DOCUME~1\Garcia\APPLIC~1\OtakuSoftware
    [06/10/2008|13:14] C:\DOCUME~1\Garcia\APPLIC~1\PlayFirst
    [30/05/2008|13:03] C:\DOCUME~1\Garcia\APPLIC~1\Real
    [20/03/2008|15:25] C:\DOCUME~1\Garcia\APPLIC~1\Real Desktop
    [16/11/2007|19:39] C:\DOCUME~1\Garcia\APPLIC~1\Sun
    [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\TomTom
    [15/04/2008|12:25] C:\DOCUME~1\Garcia\APPLIC~1\Total Eclipse
    [30/10/2008|10:25] C:\DOCUME~1\Garcia\APPLIC~1\TuneUp Software
    [21/07/2008|15:55] C:\DOCUME~1\Garcia\APPLIC~1\uTorrent
    [15/01/2008|19:21] C:\DOCUME~1\Garcia\APPLIC~1\Valusoft
    [03/11/2007|09:58] C:\DOCUME~1\Garcia\APPLIC~1\Windows Desktop Search
    [09/05/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Wings3D
    [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Zylom

    [26/01/2008|09:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [29/05/2008|07:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

    [31/01/2008|12:18] C:\DOCUME~1\MISSMA~1\APPLIC~1\Adobe
    [12/12/2007|14:26] C:\DOCUME~1\MISSMA~1\APPLIC~1\Google
    [10/12/2007|19:15] C:\DOCUME~1\MISSMA~1\APPLIC~1\Identities
    [12/12/2007|13:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Macromedia
    [22/03/2008|11:31] C:\DOCUME~1\MISSMA~1\APPLIC~1\Meridian93
    [12/12/2007|14:28] C:\DOCUME~1\MISSMA~1\APPLIC~1\Microsoft
    [22/03/2008|11:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Mozilla
    [15/07/2008|09:06] C:\DOCUME~1\MISSMA~1\APPLIC~1\Real
    [22/03/2008|11:03] C:\DOCUME~1\MISSMA~1\APPLIC~1\Talkback
    [10/12/2007|19:16] C:\DOCUME~1\MISSMA~1\APPLIC~1\Windows Desktop Search

    [11/01/2007|19:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [23/01/2009 13:05][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [23/01/2009 13:08][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    [23/01/2009 12:33][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
    [15/06/2008 21:34][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1205612787.job
    [16/01/2009 15:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
    [23/01/2009 13:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [06/09/2002 21:59][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [26/11/2007|13:16] C:\Program Files\AGEIA Technologies
    [16/10/2008|09:39] C:\Program Files\Alwil Software
    [19/11/2008|19:35] C:\Program Files\CDBurner
    [30/06/2008|10:40] C:\Program Files\Common Files
    [28/07/2008|14:30] C:\Program Files\CVitae
    [11/01/2008|20:45] C:\Program Files\Desktop XP
    [03/06/2007|09:25] C:\Program Files\directx
    [15/07/2008|08:56] C:\Program Files\D-Link
    [26/12/2008|11:02] C:\Program Files\Eidos
    [29/09/2008|16:42] C:\Program Files\Eset
    [22/01/2009|20:52] C:\Program Files\Fichiers communs
    [20/03/2008|20:24] C:\Program Files\Google
    [14/01/2007|13:22] C:\Program Files\Hewlett-Packard
    [07/12/2008|11:29] C:\Program Files\InstallShield Installation Information
    [10/12/2008|18:06] C:\Program Files\Internet Explorer
    [26/07/2008|07:29] C:\Program Files\Java
    [24/11/2008|17:39] C:\Program Files\L2trinity
    [12/03/2008|20:16] C:\Program Files\LogMeIn
    [20/11/2008|12:58] C:\Program Files\Maïdo Production
    [22/01/2009|21:51] C:\Program Files\Malwarebytes' Anti-Malware
    [29/09/2008|21:01] C:\Program Files\Messenger
    [18/10/2008|18:32] C:\Program Files\Messenger Plus! Live
    [23/10/2008|18:35] C:\Program Files\Micro Application
    [13/10/2008|12:28] C:\Program Files\Microsoft
    [05/10/2007|20:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [29/09/2008|17:32] C:\Program Files\microsoft frontpage
    [26/12/2008|10:23] C:\Program Files\Microsoft FrontPage Express
    [11/01/2007|21:24] C:\Program Files\Microsoft Office
    [13/10/2008|12:39] C:\Program Files\Microsoft Office Outlook Connector
    [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Dancer LE
    [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Digital Media Edition
    [11/01/2008|18:39] C:\Program Files\Microsoft SQL Server Compact Edition
    [11/01/2007|21:23] C:\Program Files\Microsoft Visual Studio
    [11/01/2007|21:28] C:\Program Files\Microsoft Works
    [11/01/2007|21:22] C:\Program Files\Microsoft.NET
    [09/07/2008|15:28] C:\Program Files\MOVAVI
    [29/09/2008|18:40] C:\Program Files\movie maker
    [17/12/2008|21:10] C:\Program Files\Mozilla Firefox
    [06/11/2008|18:07] C:\Program Files\MSI
    [29/09/2008|18:40] C:\Program Files\msn
    [11/01/2007|19:22] C:\Program Files\MSN Gaming Zone
    [13/10/2008|12:11] C:\Program Files\MSN Messenger
    [11/01/2007|19:38] C:\Program Files\MSXML 4.0
    [15/08/2007|14:48] C:\Program Files\MSXML 6.0
    [25/06/2008|17:49] C:\Program Files\NCH Software
    [23/12/2008|14:43] C:\Program Files\NCH Swift Sound
    [29/09/2008|18:38] C:\Program Files\NetMeeting
    [08/12/2007|12:07] C:\Program Files\nullDC
    [09/10/2008|10:56] C:\Program Files\Oberon Media
    [29/09/2008|18:38] C:\Program Files\Outlook Express
    [07/08/2008|18:45] C:\Program Files\Paraworld
    [10/12/2007|19:06] C:\Program Files\PhotoFiltre Studio
    [10/12/2007|18:45] C:\Program Files\Picasa2
    [08/04/2008|19:52] C:\Program Files\QuickTime
    [30/05/2008|12:29] C:\Program Files\Real
    [06/11/2008|18:20] C:\Program Files\Realtek
    [11/01/2007|20:48] C:\Program Files\S3
    [20/12/2007|20:46] C:\Program Files\Skyline
    [26/03/2008|17:09] C:\Program Files\SLD Codec Pack
    [29/09/2008|16:38] C:\Program Files\SpecialK
    [12/03/2008|20:01] C:\Program Files\Symantec
    [22/03/2008|12:25] C:\Program Files\Tactile
    [20/01/2009|15:11] C:\Program Files\TeamViewer
    [10/06/2008|18:09] C:\Program Files\TomTom DesktopSuite
    [22/01/2009|21:55] C:\Program Files\trend micro
    [30/04/2007|20:37] C:\Program Files\Trymedia
    [30/10/2008|10:25] C:\Program Files\TuneUp Utilities 2008
    [27/04/2008|11:04] C:\Program Files\UltraStar
    [11/01/2007|19:37] C:\Program Files\UTILS
    [11/01/2009|22:18] C:\Program Files\Veoh Networks
    [11/01/2007|20:45] C:\Program Files\VIA
    [29/09/2008|16:42] C:\Program Files\Windows Desktop Search
    [30/10/2008|08:34] C:\Program Files\Windows Live
    [14/10/2008|11:14] C:\Program Files\Windows Live Favorites
    [14/10/2008|11:15] C:\Program Files\Windows Live Toolbar
    [26/03/2008|17:09] C:\Program Files\Windows Media Connect 2
    [29/10/2008|15:49] C:\Program Files\Windows Media Player
    [29/09/2008|18:38] C:\Program Files\Windows NT
    [21/11/2008|17:27] C:\Program Files\WindowsUpdate
    [26/03/2008|17:09] C:\Program Files\WMV9_VCM
    [11/01/2007|19:37] C:\Program Files\WSTARTUP
    [29/09/2008|17:32] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [13/08/2007|11:02] C:\Program Files\Fichiers communs\Adobe
    [25/05/2008|19:13] C:\Program Files\Fichiers communs\Adobe AIR
    [08/04/2008|19:50] C:\Program Files\Fichiers communs\Apple
    [20/08/2007|09:08] C:\Program Files\Fichiers communs\ArcSoft
    [21/01/2009|14:46] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [01/04/2007|09:10] C:\Program Files\Fichiers communs\BOONTY Shared
    [05/06/2008|15:14] C:\Program Files\Fichiers communs\Bricsys
    [20/07/2008|12:24] C:\Program Files\Fichiers communs\Cadsoft
    [11/01/2007|21:24] C:\Program Files\Fichiers communs\DESIGNER
    [07/05/2007|07:49] C:\Program Files\Fichiers communs\DirectX
    [19/11/2008|13:31] C:\Program Files\Fichiers communs\Droppix
    [03/01/2009|09:44] C:\Program Files\Fichiers communs\DVDVIDEOSOFT
    [10/04/2007|19:49] C:\Program Files\Fichiers communs\GST
    [14/01/2007|13:20] C:\Program Files\Fichiers communs\Hewlett-Packard
    [23/01/2007|20:05] C:\Program Files\Fichiers communs\InstallShield
    [23/01/2007|20:06] C:\Program Files\Fichiers communs\InterVideo
    [11/01/2007|19:50] C:\Program Files\Fichiers communs\Java
    [08/05/2008|07:48] C:\Program Files\Fichiers communs\L&H
    [12/01/2007|13:19] C:\Program Files\Fichiers communs\LightScribe
    [03/08/2008|20:26] C:\Program Files\Fichiers communs\Microsoft Shared
    [11/01/2007|19:24] C:\Program Files\Fichiers communs\MSSoap
    [17/07/2008|10:57] C:\Program Files\Fichiers communs\Oberon Media
    [12/01/2007|03:14] C:\Program Files\Fichiers communs\ODBC
    [30/05/2008|12:30] C:\Program Files\Fichiers communs\Real
    [25/04/2007|08:54] C:\Program Files\Fichiers communs\Sandlot Shared
    [11/01/2007|19:24] C:\Program Files\Fichiers communs\Services
    [15/11/2008|20:01] C:\Program Files\Fichiers communs\snpstd3
    [12/01/2007|03:14] C:\Program Files\Fichiers communs\SpeechEngines
    [06/11/2007|12:45] C:\Program Files\Fichiers communs\SWF Studio
    [27/01/2008|08:32] C:\Program Files\Fichiers communs\Symantec Shared
    [13/10/2008|12:39] C:\Program Files\Fichiers communs\System
    [23/01/2007|20:07] C:\Program Files\Fichiers communs\Ulead
    [13/10/2008|12:23] C:\Program Files\Fichiers communs\Windows Live
    [11/01/2008|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [30/10/2008|10:22] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [30/05/2008|12:30] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 32 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-23 13:10:37
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 2

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROOTKIT !!

    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Adrien\Application Data\uTorrent\GTA San Andreas DVD +Crack.torrent

    [F:12][D:3]-> C:\DOCUME~1\Adrien\LOCALS~1\Temp
    [F:13][D:0]-> C:\DOCUME~1\Adrien\Cookies
    [F:164][D:4]-> C:\DOCUME~1\Adrien\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 23/01/2009|12:42 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 23/01/2009|13:13 - Option : [2]

    --------------------\\ Fin du rapport a 13:13:12
    0
  18. jlpjlp Posts 52399 Status Security contributor 5 041
     
    run lop sd again, choose option 2 and paste the report
    0
  19. drie Posts 123 Status Member 12
     
    again??
    0
  20. jlpjlp Posts 52399 Status Security contributor 5 041
     
    this crack needs to be removed:

    C:\DOCUME~1\Adrien\Application Data\uTorrent\GTA San Andreas DVD +Crack.torrent

    ______________

    to remove your traces, use

    CCLEANER: (run a cleanup and repair the registry 3 times) without installing the Yahoo toolbar
    (in Options, then Advanced: untick the box: delete files older than 48 hours)
    https://www.malekal.com/tutoriel-ccleaner/
    _______________

    clean your registry with reg cleaner
    https://www.malekal.com/nettoyer-sa-base-de-registre-avec-windows-registry-cleaner/
    __________________

    then post another RSIt report and lopsd option 1
    0
  21. drie Posts 123 Status Member 12
     
    ok, so lopSD only had to be run once then
    0