Virus on Capdec's machine
Solved
Capdec
Hello,
Here is the BitDefender scan report. Can anyone help me?
BitDefender Online Scanner - Real Time Virus Report
Generated at: Fri, Jan 30, 2009 - 17:51:14
Scan Info
Scanned Files : 1089533
Infected Files : 3
Virus Detected :
- Trojan.Spy.Goldun.NDK : 2
- Application.VTesttool.A : 1
Thanks.
305 replies
Here is the ComboFix report. However, to delete the temporary files and repair the registry, do I need to use CCleaner?
ComboFix 09-02-27.02 - Jean-Louis 2009-02-28 11:22:23.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1278.673 [GMT 1:00]
Lancé depuis: c:\documents and settings\Jean-Louis\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
FW: PC Tools Firewall Plus *disabled*
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\patch.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-28 au 2009-02-28 ))))))))))))))))))))))))))))))))))))
.
2070-01-01 01:00 . 2007-04-07 10:25 <REP> d-------- c:\program files\Grand Robert & Collins
2009-02-28 09:29 . 2009-02-28 11:28 54,156 --ah----- c:\windows\QTFont.qfn
2009-02-28 09:29 . 2009-02-28 09:29 1,409 --a------ c:\windows\QTFont.for
2009-02-27 21:41 . 2008-08-14 14:23 2,025,984 --a------ c:\windows\system32\ntkrnlpa.exe
2009-02-27 21:40 . 2008-04-14 03:33 219,648 --a------ c:\windows\system32\uxtheme.dll.backup
2009-02-27 21:37 . 2009-02-27 21:37 <REP> d-------- c:\program files\i-TimTel
2009-02-27 21:37 . 2009-02-27 21:37 <REP> d-------- c:\program files\i-Media
2009-02-27 21:37 . 2009-02-27 21:37 36,864 --a------ c:\windows\gotouninstall.exe
2009-02-27 21:37 . 2009-02-27 21:38 115 --a------ c:\windows\GOTO.INI
2009-02-26 22:01 . 2003-01-26 12:41 40,960 --a------ c:\windows\system32\ssubtmr6.dll
2009-02-26 22:01 . 2007-08-31 17:36 36,864 --a------ c:\windows\system32\trayicon_handler.ocx
2009-02-26 22:01 . 2008-08-31 12:27 28,672 --a------ c:\windows\system32\mousewheel.ocx
2009-02-26 21:47 . 2007-09-02 20:56 1,686,016 --a------ c:\windows\system32\clinetsuitex6.ocx
2009-02-26 08:56 . 2009-02-26 09:34 <REP> d-------- C:\SDFix
2009-02-25 19:40 . 2009-02-25 19:40 <REP> d-------- c:\program files\AskBardis
2009-02-25 10:08 . 2009-02-25 10:08 1,374 --a------ c:\windows\imsins.BAK
2009-02-25 09:36 . 2009-01-09 20:19 1,089,883 -----c--- c:\windows\system32\dllcache\ntprint.cat
2009-02-24 20:26 . 2009-02-24 21:26 <REP> d-------- c:\documents and settings\Jean-Louis\DoctorWeb
2009-02-24 17:30 . 2009-02-24 17:30 <REP> d-------- C:\ATI
2009-02-21 20:05 . 2009-02-21 22:59 <REP> d-------- c:\program files\Free Offers from Freeze.com
2009-02-21 20:05 . 2009-02-21 20:05 <REP> d-------- c:\program files\Common Files
2009-02-21 20:04 . 2009-02-21 20:05 <REP> d-------- c:\program files\Winferno
2009-02-21 20:04 . 2006-10-09 12:28 835,584 --a------ c:\windows\system32\WINCTL4.OCX
2009-02-21 20:04 . 2006-10-09 13:06 495,616 --a------ c:\windows\system32\WINUTIL5.DLL
2009-02-21 20:04 . 2006-05-17 08:40 393,216 --a------ c:\windows\system32\WINLCTL5.DLL
2009-02-21 20:03 . 2009-02-21 20:03 <REP> d-------- c:\program files\Wyyo
2009-02-21 20:03 . 2009-02-21 20:03 <REP> d-------- c:\documents and settings\All Users\Application Data\Wyyo
2009-02-21 19:54 . 2006-04-25 08:15 5,427,441 --a------ c:\windows\Twinkling Stars.scr
2009-02-13 15:17 . 2009-02-13 15:17 <REP> d-------- c:\documents and settings\All Users\Application Data\IM
2009-02-13 15:16 . 2009-02-13 15:16 <REP> d-------- c:\documents and settings\All Users\Application Data\IncrediMail
2009-02-12 10:04 . 2009-02-12 10:04 <REP> d-------- c:\program files\Softi Software
2009-02-12 10:04 . 2009-02-12 10:04 <REP> d-------- c:\documents and settings\Jean-Louis\Application Data\Softi Software
2009-02-06 19:25 . 2009-02-06 19:25 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-02-06 01:48 . 2009-02-06 02:08 <REP> d-------- c:\program files\SkanerOnline
2009-02-05 19:21 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-02-05 19:08 . 2009-02-05 19:21 <REP> d-------- c:\windows\system32\XPSViewer
2009-02-05 19:08 . 2009-02-05 19:08 <REP> d-------- c:\program files\Reference Assemblies
2009-02-05 19:08 . 2009-02-05 19:08 <REP> d-------- c:\program files\MSBuild
2009-02-05 19:07 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-02-05 19:07 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-02-05 19:07 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-02-05 19:07 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-02-05 19:07 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-02-05 19:07 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-02-05 19:07 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-02-05 18:02 . 2009-02-05 18:02 766 --a------ c:\windows\system32\outils.ico
2009-02-05 17:56 . 2009-02-05 17:56 766 --a------ c:\windows\system32\jeux_gadgets.ico
2009-02-05 17:36 . 2009-02-05 17:36 766 --a------ c:\windows\system32\fichiers_courants.ico
2009-02-05 15:33 . 2009-02-05 15:33 766 --a------ c:\windows\winhlp32.ico
2009-02-05 14:47 . 2009-02-05 14:47 <REP> d-------- c:\documents and settings\Jean-Louis\Application Data\CursorArts
2009-02-03 23:11 . 2009-02-03 23:11 <REP> d-------- c:\documents and settings\Jean-Louis\Application Data\PCToolsFirewallPlus
2009-02-03 23:05 . 2009-02-03 23:05 <REP> d-------- c:\program files\Fichiers communs\PC Tools
2009-02-03 23:05 . 2008-12-11 08:38 159,600 --a------ c:\windows\system32\drivers\pctgntdi.sys
2009-02-03 23:05 . 2009-01-20 14:12 130,928 --a------ c:\windows\system32\drivers\PCTCore.sys
2009-02-03 23:05 . 2008-09-22 12:29 97,408 --a------ c:\windows\system32\drivers\pctfw.sys
2009-02-03 23:05 . 2008-12-18 12:16 73,840 --a------ c:\windows\system32\drivers\PCTAppEvent.sys
2009-02-03 23:04 . 2009-01-21 10:38 95,640 --a------ c:\windows\system32\drivers\pctplfw.sys
2009-02-03 20:10 . 2009-02-03 20:10 <REP> d-------- c:\program files\Avira
2009-02-03 20:10 . 2009-02-03 20:10 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-02-03 17:28 . 2009-02-03 17:28 <REP> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-02-03 00:07 . 2009-02-03 00:07 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-02-03 00:02 . 2009-02-25 20:16 <REP> d-------- c:\windows\ERUNT
2009-02-02 23:37 . 2008-12-20 23:46 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-02-02 23:37 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-02-02 23:37 . 2007-03-08 06:10 1,048,576 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-02-02 23:37 . 2008-12-20 23:46 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-02-02 23:37 . 2008-12-20 23:46 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-02-02 23:37 . 2008-12-20 23:46 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-02-02 23:37 . 2008-12-20 23:46 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-02-02 23:37 . 2008-12-20 23:46 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-02-02 23:37 . 2008-12-19 10:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-02-02 17:21 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-02 17:21 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-31 23:46 . 2008-06-14 18:33 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-01-31 23:45 . 2009-01-16 21:15 3,594,752 --a--c--- c:\windows\system32\dllcache\mshtml.dll
2009-01-31 23:45 . 2008-08-14 14:23 2,147,328 --a--c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-31 23:45 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-31 23:45 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-31 23:45 . 2008-08-14 14:23 2,025,984 --a--c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-31 23:45 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-01-31 23:45 . 2008-10-16 02:01 1,499,648 --a--c--- c:\windows\system32\dllcache\shdocvw.dll
2009-01-31 23:45 . 2008-12-20 23:47 1,160,192 --a--c--- c:\windows\system32\dllcache\urlmon.dll
2009-01-31 23:45 . 2008-12-20 23:47 826,368 --a--c--- c:\windows\system32\dllcache\wininet.dll
2009-01-31 23:31 . 2008-04-14 03:33 1,306,624 -----c--- c:\windows\system32\dllcache\msxml6.dll
2009-01-31 23:31 . 2008-04-13 18:04 93,184 -----c--- c:\windows\system32\dllcache\msxml6r.dll
2009-01-31 23:25 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-01-31 23:25 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-01-31 23:24 . 2008-04-11 20:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-01-31 23:24 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-01-31 23:23 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-01-31 23:23 . 2008-10-23 13:36 286,720 -----c--- c:\windows\system32\dllcache\gdi32.dll
2009-01-30 23:37 . 2009-02-25 09:27 1,340,702,720 --a------ c:\windows\MEMORY.DMP
2009-01-30 23:12 . 2004-08-05 13:00 131,584 --a--c--- c:\windows\system32\dllcache\pmxviceo.dll
2009-01-30 23:12 . 2004-08-05 13:00 92,416 --a--c--- c:\windows\system32\dllcache\mga.sys
2009-01-30 23:12 . 2004-08-05 13:00 92,032 --a--c--- c:\windows\system32\dllcache\mga.dll
2009-01-30 23:12 . 2001-08-23 17:47 65,536 --a--c--- c:\windows\system32\dllcache\EXCH_mailmsg.dll
2009-01-30 23:12 . 2001-08-23 17:47 38,912 --a--c--- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2009-01-30 23:12 . 2001-08-23 17:47 23,040 --a--c--- c:\windows\system32\dllcache\EXCH_regtrace.exe
2009-01-30 23:12 . 2004-08-05 13:00 18,432 --a--c--- c:\windows\system32\dllcache\jupiw.dll
2009-01-30 23:12 . 2004-08-05 13:00 16,896 --a--c--- c:\windows\system32\dllcache\quser.exe
2009-01-30 23:12 . 2004-08-05 13:00 15,360 --a--c--- c:\windows\system32\dllcache\register.exe
2009-01-30 23:12 . 2004-08-05 13:00 11,264 --a--c--- c:\windows\system32\dllcache\pmxmcro.dll
2009-01-30 23:12 . 2004-08-05 13:00 10,240 --a--c--- c:\windows\system32\dllcache\query.exe
2009-01-30 23:12 . 2004-08-05 13:00 6,144 --a--c--- c:\windows\system32\dllcache\pmxgl.dll
2009-01-30 23:10 . 2003-04-14 20:29 217,088 --a--c--- c:\windows\system32\dllcache\fpmmcsat.dll
2009-01-30 23:10 . 2001-08-23 17:46 45,056 --a--c--- c:\windows\system32\dllcache\EXCH_aqadmin.dll
2009-01-30 23:10 . 2003-04-14 20:29 16,384 --a--c--- c:\windows\system32\dllcache\tcptsat.dll
2009-01-30 23:10 . 2001-08-23 17:46 5,632 --a--c--- c:\windows\system32\dllcache\EXCH_adsiisex.dll
2009-01-30 23:08 . 2009-01-30 23:08 749 -rah----- c:\windows\WindowsShell.Manifest
2009-01-30 23:08 . 2009-01-30 23:08 749 -rah----- c:\windows\system32\wuaucpl.cpl.manifest
2009-01-30 23:08 . 2009-01-30 23:08 749 -rah----- c:\windows\system32\sapi.cpl.manifest
2009-01-30 23:08 . 2009-01-30 23:08 749 -rah----- c:\windows\system32\ncpa.cpl.manifest
2009-01-30 23:08 . 2009-01-30 23:08 488 -rah----- c:\windows\system32\logonui.exe.manifest
2009-01-30 23:07 . 2004-08-05 13:00 16,384 --a--c--- c:\windows\system32\dllcache\isignup.exe
2009-01-30 22:52 . 2004-08-05 13:00 10,096,640 --a--c--- c:\windows\system32\dllcache\hwxcht.dll
2009-01-30 22:52 . 2004-08-05 13:00 809,394 --a--c--- c:\windows\system32\dllcache\NT5IIS.CAT
2009-01-30 22:52 . 2004-08-05 13:00 399,670 --a--c--- c:\windows\system32\dllcache\MAPIMIG.CAT
2009-01-30 22:52 . 2004-08-05 13:00 37,509 --a--c--- c:\windows\system32\dllcache\MW770.CAT
2009-01-30 22:52 . 2004-08-05 13:00 24,661 --a------ c:\windows\system32\spxcoins.dll
2009-01-30 22:52 . 2004-08-05 13:00 24,661 --a--c--- c:\windows\system32\dllcache\spxcoins.dll
2009-01-30 22:52 . 2004-08-05 13:00 16,254 --a------ c:\windows\system32\PINTLPAE.HLP
2009-01-30 22:52 . 2004-08-05 13:00 14,821 --a------ c:\windows\system32\PINTLPAD.HLP
2009-01-30 22:52 . 2004-08-05 13:00 13,497 --a--c--- c:\windows\system32\dllcache\HPCRDP.CAT
2009-01-30 22:52 . 2004-08-05 13:00 13,312 --a------ c:\windows\system32\irclass.dll
2009-01-30 22:52 . 2004-08-05 13:00 13,312 --a--c--- c:\windows\system32\dllcache\irclass.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-28 10:29 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-28 10:29 --------- d-----w c:\documents and settings\All Users\Application Data\Babylon
2009-02-28 10:10 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\FileZilla
2009-02-27 08:35 --------- d-----w c:\program files\Mozilla Thunderbird
2009-02-26 23:25 --------- d-----w c:\program files\Emoticon
2009-02-25 10:06 --------- d-----w c:\program files\DICCIONARIO CLAVE
2009-02-20 13:53 --------- d-----w c:\program files\TuneUp Utilities 2007
2009-02-13 17:11 --------- d-----w c:\program files\Norton Security Scan
2009-02-06 08:13 --------- d-----w c:\program files\Folding@Home
2009-02-05 21:40 --------- d-----w c:\program files\ActivIcons
2009-02-05 10:39 --------- d-----w c:\program files\Java
2009-02-04 11:24 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-03 22:19 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\SUPERAntiSpyware.com
2009-02-03 22:18 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-02-03 18:49 --------- d-----w c:\program files\Alwil Software
2009-02-02 20:35 --------- d-----w c:\program files\eMule
2009-02-02 18:45 --------- d-----w c:\program files\Lavasoft
2009-02-02 18:45 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-02 16:17 --------- d-----w c:\program files\RogueRemover FREE
2009-01-26 13:31 --------- d-----w c:\documents and settings\All Users\Application Data\Le Robert
2009-01-25 10:07 --------- d-----w c:\program files\Windows Media Connect 2
2009-01-24 14:46 --------- d-----w c:\documents and settings\All Users\Application Data\DriverCure
2009-01-24 14:17 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\DAEMON Tools Pro
2009-01-24 14:17 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\DAEMON Tools Lite
2009-01-24 14:17 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\DAEMON Tools
2009-01-24 14:17 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-01-23 09:07 64,160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-01-17 22:57 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\Vso
2009-01-14 21:57 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\DriverCure
2009-01-14 21:54 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-01-14 21:41 93,531 ----a-w c:\windows\FreeOCR.net Uninstaller.exe
2009-01-14 21:41 --------- d-----w c:\program files\FreeOCR25
2009-01-14 13:36 --------- d-----w c:\program files\Google
2009-01-11 09:46 --------- d-----w c:\program files\OLYMPUS
2009-01-08 19:14 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\Azureus
2009-01-08 19:13 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\uTorrent
2009-01-08 18:54 --------- d-----w c:\program files\CCleaner
2009-01-08 18:21 47,360 ----a-w c:\documents and settings\Jean-Louis\Application Data\pcouffin.sys
2009-01-06 17:05 --------- d-----w c:\program files\Free Audio Pack
2008-11-13 18:43 98,960 ----a-w c:\documents and settings\Jean-Louis\Application Data\GDIPFONTCACHEV1.DAT
2007-12-30 16:48 15,397 ----a-w c:\program files\settings.dat
2007-12-12 09:57 32 -c--a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2007-01-25 01:52 65,536 ----a-w c:\program files\Fichiers communs\NMSAccessU.exe
2007-04-23 10:48 7,168 ----a-w c:\program files\mozilla firefox\plugins\libcomm.dll
2007-06-04 08:09 35,008 ----a-w c:\program files\mozilla firefox\plugins\NanoInst.dll
2007-05-23 09:57 35,840 ----a-w c:\program files\mozilla firefox\plugins\PSComm.dll
2007-06-04 08:09 111,208 ----a-w c:\program files\mozilla firefox\plugins\PSNAdBrk.dll
2008-09-20 07:35 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2006-05-03 10:06 163,328 --sha-r c:\windows\system32\flvDX.dll
2007-02-21 11:47 31,232 --sha-r c:\windows\system32\msfDX.dll
2007-12-17 13:43 27,648 --sha-w c:\windows\system32\Smab0.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AnnotatedJpgOverlay]
@="{846F1C20-3769-4659-BFDC-088B51FBFBD8}"
[HKEY_CLASSES_ROOT\CLSID\{846F1C20-3769-4659-BFDC-088B51FBFBD8}]
2007-03-20 22:46 356352 --a------ d:\program files\FotoTagger\FotoTaggerToolbar.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2007-03-05 16384]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2007\MemOptimizer.exe" [2007-04-27 312840]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-02 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Range-Notes"="c:\program files\Range-Notes\Range-Notes.exe" [2006-09-29 266240]
"Google Update"="c:\documents and settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-02 133104]
"SUPERAntiSpyware"="d:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-25 1830128]
"Clavier+"="d:\documents and settings\Jean-Louis\Local Settings\Application Data\Clavier+\Clavier.exe" [2007-10-21 88576]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-05-15 95536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-07-25 344064]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-22 229438]
"UpdateManager"="c:\program files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2003-12-01 892928]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-20 29744]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
"Babylon Client"="d:\program files\Babylon\Babylon-Pro\Babylon.exe" [2006-12-13 2785256]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-12 136600]
"StxTrayMenu"="d:\program files\Seagate\SystemTray\StxMenuMgr.exe" [2007-01-18 190008]
"Acronis Scheduler2 Service"="c:\program files\Fichiers communs\Seagate\Schedule2\schedhlp.exe" [2007-08-20 148760]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"RoxWatchTray"="c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [2005-10-11 163840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-05 44032]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-05-15 54576]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"00PCTFW"="d:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-25 2652056]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 c:\windows\LOGI_MWX.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
c:\documents and settings\Jean-Louis\Menu Démarrer\Programmes\Démarrage\
Babylon.exe.lnk - d:\program files\Babylon\Babylon-Pro\Babylon.exe [2007-08-25 2785256]
SpywareGuard.lnk - d:\program files\SpywareGuard\sgmain.exe [2003-08-29 360448]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-03-05 169472]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 d:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0/usprestrt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ cli scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"c:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"c:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-01-23 64160]
R1 DCDisk;DCDisk;c:\windows\system32\drivers\DCDisk.sys [2007-03-30 42240]
R1 dtd;dtd;c:\program files\Arovax Shield\dtd.sys [2007-03-05 41600]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-02-03 159600]
R1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R1 SSHDRV84;SSHDRV84;c:\windows\system32\drivers\SSHDRV84.sys [2007-04-14 76800]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-02-03 73840]
R2 Seagate Sync Service;Seagate Sync Service;d:\program files\Seagate\Sync\SeaSyncServices.exe [2007-01-18 24120]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCCFLTR.SYS [2007-03-05 14092]
R3 SASENUM;SASENUM;d:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S0 FsUdf;FsUdf; [x]
S0 fvdscsi;fvdscsi;c:\windows\system32\DRIVERS\fvdscsi.sys --> c:\windows\system32\DRIVERS\fvdscsi.sys [?]
S3 exdisk;Express Disk Service;c:\windows\system32\DRIVERS\exdisk.sys --> c:\windows\system32\DRIVERS\exdisk.sys [?]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-03-09 29744]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-02-03 95640]
.
Contenu du dossier 'Tâches planifiées'
2009-02-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-01-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
2009-02-28 c:\windows\Tasks\GlaryInitialize.job
- d:\program files\Glary Utilities\initialize.exe [2009-02-12 17:10]
2009-02-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1532298954-682003330-1004.job
- c:\documents and settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 20:34]
2009-02-27 c:\windows\Tasks\Mantenimiento con 1 clic.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-27 07:39]
2009-02-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
2009-02-27 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Fichiers communs\ParetoLogic\UUS2\UUS.dll []
2009-02-28 c:\windows\Tasks\RegCure Program Check.job
- d:\program files\RegCure\RegCure.exe []
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
mWindow Title =
uInternet Settings,ProxyServer = hideupv.univ-montp3.fr:3128
uInternet Settings,ProxyOverride = ;localhost;<local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Translate with &Babylon - d:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
IE: {{5CC384BB-1326-11D5-F4AE-00C04923F885} - c:\program files\Foreignword\Xanadu\XanaduLaunch.exe
Trusted Zone: localhost
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Jean-Louis\Application Data\Mozilla\Firefox\Profiles\onxyldj7.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\documents and settings\Jean-Louis\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
---- PARAMETRES FIREFOX ----
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-28 11:30:02
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????2?9?8?9??@???? ???B?????????????H<C? ??????
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1200)
d:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\BRSS01A.EXE
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Fichiers communs\Seagate\Schedule2\schedul2.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Fichiers communs\NMSAccessU.exe
c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
d:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Logitech\MouseWare\system\EM_EXEC.EXE
c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
d:\program files\SpywareGuard\sgbhp.exe
.
**************************************************************************
.
Heure de fin: 2009-02-28 11:34:57 - La machine a redémarré [Jean-Louis]
ComboFix-quarantined-files.txt 2009-02-28 10:34:54
Avant-CF: 12,347,535,360 octets libres
Après-CF: 12,317,417,472 octets libres
380 --- E O F --- 2009-02-27 07:58:34
2009-02-05 19:07 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-02-05 19:07 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-02-05 19:07 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-02-05 19:07 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-02-05 18:02 . 2009-02-05 18:02 766 --a------ c:\windows\system32\outils.ico
2009-02-05 17:56 . 2009-02-05 17:56 766 --a------ c:\windows\system32\jeux_gadgets.ico
2009-02-05 17:36 . 2009-02-05 17:36 766 --a------ c:\windows\system32\fichiers_courants.ico
2009-02-05 15:33 . 2009-02-05 15:33 766 --a------ c:\windows\winhlp32.ico
2009-02-05 14:47 . 2009-02-05 14:47 <REP> d-------- c:\documents and settings\Jean-Louis\Application Data\CursorArts
2009-02-03 23:11 . 2009-02-03 23:11 <REP> d-------- c:\documents and settings\Jean-Louis\Application Data\PCToolsFirewallPlus
2009-02-03 23:05 . 2009-02-03 23:05 <REP> d-------- c:\program files\Fichiers communs\PC Tools
2009-02-03 23:05 . 2008-12-11 08:38 159,600 --a------ c:\windows\system32\drivers\pctgntdi.sys
2009-02-03 23:05 . 2009-01-20 14:12 130,928 --a------ c:\windows\system32\drivers\PCTCore.sys
2009-02-03 23:05 . 2008-09-22 12:29 97,408 --a------ c:\windows\system32\drivers\pctfw.sys
2009-02-03 23:05 . 2008-12-18 12:16 73,840 --a------ c:\windows\system32\drivers\PCTAppEvent.sys
2009-02-03 23:04 . 2009-01-21 10:38 95,640 --a------ c:\windows\system32\drivers\pctplfw.sys
2009-02-03 20:10 . 2009-02-03 20:10 <REP> d-------- c:\program files\Avira
2009-02-03 20:10 . 2009-02-03 20:10 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-02-03 17:28 . 2009-02-03 17:28 <REP> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-02-03 00:07 . 2009-02-03 00:07 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-02-03 00:02 . 2009-02-25 20:16 <REP> d-------- c:\windows\ERUNT
2009-02-02 23:37 . 2008-12-20 23:46 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-02-02 23:37 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-02-02 23:37 . 2007-03-08 06:10 1,048,576 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-02-02 23:37 . 2008-12-20 23:46 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-02-02 23:37 . 2008-12-20 23:46 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-02-02 23:37 . 2008-12-20 23:46 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-02-02 23:37 . 2008-12-20 23:46 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-02-02 23:37 . 2008-12-20 23:46 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-02-02 23:37 . 2008-12-19 10:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-02-02 17:21 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-02 17:21 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-31 23:46 . 2008-06-14 18:33 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-01-31 23:45 . 2009-01-16 21:15 3,594,752 --a--c--- c:\windows\system32\dllcache\mshtml.dll
2009-01-31 23:45 . 2008-08-14 14:23 2,147,328 --a--c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-31 23:45 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-31 23:45 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-31 23:45 . 2008-08-14 14:23 2,025,984 --a--c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-31 23:45 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-01-31 23:45 . 2008-10-16 02:01 1,499,648 --a--c--- c:\windows\system32\dllcache\shdocvw.dll
2009-01-31 23:45 . 2008-12-20 23:47 1,160,192 --a--c--- c:\windows\system32\dllcache\urlmon.dll
2009-01-31 23:45 . 2008-12-20 23:47 826,368 --a--c--- c:\windows\system32\dllcache\wininet.dll
2009-01-31 23:31 . 2008-04-14 03:33 1,306,624 -----c--- c:\windows\system32\dllcache\msxml6.dll
2009-01-31 23:31 . 2008-04-13 18:04 93,184 -----c--- c:\windows\system32\dllcache\msxml6r.dll
2009-01-31 23:25 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-01-31 23:25 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-01-31 23:24 . 2008-04-11 20:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-01-31 23:24 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-01-31 23:23 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-01-31 23:23 . 2008-10-23 13:36 286,720 -----c--- c:\windows\system32\dllcache\gdi32.dll
2009-01-30 23:37 . 2009-02-25 09:27 1,340,702,720 --a------ c:\windows\MEMORY.DMP
2009-01-30 23:12 . 2004-08-05 13:00 131,584 --a--c--- c:\windows\system32\dllcache\pmxviceo.dll
2009-01-30 23:12 . 2004-08-05 13:00 92,416 --a--c--- c:\windows\system32\dllcache\mga.sys
2009-01-30 23:12 . 2004-08-05 13:00 92,032 --a--c--- c:\windows\system32\dllcache\mga.dll
2009-01-30 23:12 . 2001-08-23 17:47 65,536 --a--c--- c:\windows\system32\dllcache\EXCH_mailmsg.dll
2009-01-30 23:12 . 2001-08-23 17:47 38,912 --a--c--- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2009-01-30 23:12 . 2001-08-23 17:47 23,040 --a--c--- c:\windows\system32\dllcache\EXCH_regtrace.exe
2009-01-30 23:12 . 2004-08-05 13:00 18,432 --a--c--- c:\windows\system32\dllcache\jupiw.dll
2009-01-30 23:12 . 2004-08-05 13:00 16,896 --a--c--- c:\windows\system32\dllcache\quser.exe
2009-01-30 23:12 . 2004-08-05 13:00 15,360 --a--c--- c:\windows\system32\dllcache\register.exe
2009-01-30 23:12 . 2004-08-05 13:00 11,264 --a--c--- c:\windows\system32\dllcache\pmxmcro.dll
2009-01-30 23:12 . 2004-08-05 13:00 10,240 --a--c--- c:\windows\system32\dllcache\query.exe
2009-01-30 23:12 . 2004-08-05 13:00 6,144 --a--c--- c:\windows\system32\dllcache\pmxgl.dll
2009-01-30 23:10 . 2003-04-14 20:29 217,088 --a--c--- c:\windows\system32\dllcache\fpmmcsat.dll
2009-01-30 23:10 . 2001-08-23 17:46 45,056 --a--c--- c:\windows\system32\dllcache\EXCH_aqadmin.dll
2009-01-30 23:10 . 2003-04-14 20:29 16,384 --a--c--- c:\windows\system32\dllcache\tcptsat.dll
2009-01-30 23:10 . 2001-08-23 17:46 5,632 --a--c--- c:\windows\system32\dllcache\EXCH_adsiisex.dll
2009-01-30 23:08 . 2009-01-30 23:08 749 -rah----- c:\windows\WindowsShell.Manifest
2009-01-30 23:08 . 2009-01-30 23:08 749 -rah----- c:\windows\system32\wuaucpl.cpl.manifest
2009-01-30 23:08 . 2009-01-30 23:08 749 -rah----- c:\windows\system32\sapi.cpl.manifest
2009-01-30 23:08 . 2009-01-30 23:08 749 -rah----- c:\windows\system32\ncpa.cpl.manifest
2009-01-30 23:08 . 2009-01-30 23:08 488 -rah----- c:\windows\system32\logonui.exe.manifest
2009-01-30 23:07 . 2004-08-05 13:00 16,384 --a--c--- c:\windows\system32\dllcache\isignup.exe
2009-01-30 22:52 . 2004-08-05 13:00 10,096,640 --a--c--- c:\windows\system32\dllcache\hwxcht.dll
2009-01-30 22:52 . 2004-08-05 13:00 809,394 --a--c--- c:\windows\system32\dllcache\NT5IIS.CAT
2009-01-30 22:52 . 2004-08-05 13:00 399,670 --a--c--- c:\windows\system32\dllcache\MAPIMIG.CAT
2009-01-30 22:52 . 2004-08-05 13:00 37,509 --a--c--- c:\windows\system32\dllcache\MW770.CAT
2009-01-30 22:52 . 2004-08-05 13:00 24,661 --a------ c:\windows\system32\spxcoins.dll
2009-01-30 22:52 . 2004-08-05 13:00 24,661 --a--c--- c:\windows\system32\dllcache\spxcoins.dll
2009-01-30 22:52 . 2004-08-05 13:00 16,254 --a------ c:\windows\system32\PINTLPAE.HLP
2009-01-30 22:52 . 2004-08-05 13:00 14,821 --a------ c:\windows\system32\PINTLPAD.HLP
2009-01-30 22:52 . 2004-08-05 13:00 13,497 --a--c--- c:\windows\system32\dllcache\HPCRDP.CAT
2009-01-30 22:52 . 2004-08-05 13:00 13,312 --a------ c:\windows\system32\irclass.dll
2009-01-30 22:52 . 2004-08-05 13:00 13,312 --a--c--- c:\windows\system32\dllcache\irclass.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-28 10:29 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-28 10:29 --------- d-----w c:\documents and settings\All Users\Application Data\Babylon
2009-02-28 10:10 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\FileZilla
2009-02-27 08:35 --------- d-----w c:\program files\Mozilla Thunderbird
2009-02-26 23:25 --------- d-----w c:\program files\Emoticon
2009-02-25 10:06 --------- d-----w c:\program files\DICCIONARIO CLAVE
2009-02-20 13:53 --------- d-----w c:\program files\TuneUp Utilities 2007
2009-02-13 17:11 --------- d-----w c:\program files\Norton Security Scan
2009-02-06 08:13 --------- d-----w c:\program files\Folding@Home
2009-02-05 21:40 --------- d-----w c:\program files\ActivIcons
2009-02-05 10:39 --------- d-----w c:\program files\Java
2009-02-04 11:24 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-03 22:19 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\SUPERAntiSpyware.com
2009-02-03 22:18 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-02-03 18:49 --------- d-----w c:\program files\Alwil Software
2009-02-02 20:35 --------- d-----w c:\program files\eMule
2009-02-02 18:45 --------- d-----w c:\program files\Lavasoft
2009-02-02 18:45 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-02 16:17 --------- d-----w c:\program files\RogueRemover FREE
2009-01-26 13:31 --------- d-----w c:\documents and settings\All Users\Application Data\Le Robert
2009-01-25 10:07 --------- d-----w c:\program files\Windows Media Connect 2
2009-01-24 14:46 --------- d-----w c:\documents and settings\All Users\Application Data\DriverCure
2009-01-24 14:17 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\DAEMON Tools Pro
2009-01-24 14:17 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\DAEMON Tools Lite
2009-01-24 14:17 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\DAEMON Tools
2009-01-24 14:17 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-01-23 09:07 64,160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-01-17 22:57 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\Vso
2009-01-14 21:57 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\DriverCure
2009-01-14 21:54 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-01-14 21:41 93,531 ----a-w c:\windows\FreeOCR.net Uninstaller.exe
2009-01-14 21:41 --------- d-----w c:\program files\FreeOCR25
2009-01-14 13:36 --------- d-----w c:\program files\Google
2009-01-11 09:46 --------- d-----w c:\program files\OLYMPUS
2009-01-08 19:14 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\Azureus
2009-01-08 19:13 --------- d-----w c:\documents and settings\Jean-Louis\Application Data\uTorrent
2009-01-08 18:54 --------- d-----w c:\program files\CCleaner
2009-01-08 18:21 47,360 ----a-w c:\documents and settings\Jean-Louis\Application Data\pcouffin.sys
2009-01-06 17:05 --------- d-----w c:\program files\Free Audio Pack
2008-11-13 18:43 98,960 ----a-w c:\documents and settings\Jean-Louis\Application Data\GDIPFONTCACHEV1.DAT
2007-12-30 16:48 15,397 ----a-w c:\program files\settings.dat
2007-12-12 09:57 32 -c--a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2007-01-25 01:52 65,536 ----a-w c:\program files\Fichiers communs\NMSAccessU.exe
2007-04-23 10:48 7,168 ----a-w c:\program files\mozilla firefox\plugins\libcomm.dll
2007-06-04 08:09 35,008 ----a-w c:\program files\mozilla firefox\plugins\NanoInst.dll
2007-05-23 09:57 35,840 ----a-w c:\program files\mozilla firefox\plugins\PSComm.dll
2007-06-04 08:09 111,208 ----a-w c:\program files\mozilla firefox\plugins\PSNAdBrk.dll
2008-09-20 07:35 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2006-05-03 10:06 163,328 --sha-r c:\windows\system32\flvDX.dll
2007-02-21 11:47 31,232 --sha-r c:\windows\system32\msfDX.dll
2007-12-17 13:43 27,648 --sha-w c:\windows\system32\Smab0.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AnnotatedJpgOverlay]
@="{846F1C20-3769-4659-BFDC-088B51FBFBD8}"
[HKEY_CLASSES_ROOT\CLSID\{846F1C20-3769-4659-BFDC-088B51FBFBD8}]
2007-03-20 22:46 356352 --a------ d:\program files\FotoTagger\FotoTaggerToolbar.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2007-03-05 16384]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2007\MemOptimizer.exe" [2007-04-27 312840]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-02 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Range-Notes"="c:\program files\Range-Notes\Range-Notes.exe" [2006-09-29 266240]
"Google Update"="c:\documents and settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-02 133104]
"SUPERAntiSpyware"="d:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-25 1830128]
"Clavier+"="d:\documents and settings\Jean-Louis\Local Settings\Application Data\Clavier+\Clavier.exe" [2007-10-21 88576]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-05-15 95536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-07-25 344064]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-22 229438]
"UpdateManager"="c:\program files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2003-12-01 892928]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-20 29744]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
"Babylon Client"="d:\program files\Babylon\Babylon-Pro\Babylon.exe" [2006-12-13 2785256]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-12 136600]
"StxTrayMenu"="d:\program files\Seagate\SystemTray\StxMenuMgr.exe" [2007-01-18 190008]
"Acronis Scheduler2 Service"="c:\program files\Fichiers communs\Seagate\Schedule2\schedhlp.exe" [2007-08-20 148760]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"RoxWatchTray"="c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [2005-10-11 163840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-05 44032]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-05-15 54576]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"00PCTFW"="d:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-25 2652056]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 c:\windows\LOGI_MWX.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
c:\documents and settings\Jean-Louis\Menu Démarrer\Programmes\Démarrage\
Babylon.exe.lnk - d:\program files\Babylon\Babylon-Pro\Babylon.exe [2007-08-25 2785256]
SpywareGuard.lnk - d:\program files\SpywareGuard\sgmain.exe [2003-08-29 360448]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-03-05 169472]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 d:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0/usprestrt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ cli scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"c:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"c:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-01-23 64160]
R1 DCDisk;DCDisk;c:\windows\system32\drivers\DCDisk.sys [2007-03-30 42240]
R1 dtd;dtd;c:\program files\Arovax Shield\dtd.sys [2007-03-05 41600]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-02-03 159600]
R1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R1 SSHDRV84;SSHDRV84;c:\windows\system32\drivers\SSHDRV84.sys [2007-04-14 76800]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-02-03 73840]
R2 Seagate Sync Service;Seagate Sync Service;d:\program files\Seagate\Sync\SeaSyncServices.exe [2007-01-18 24120]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCCFLTR.SYS [2007-03-05 14092]
R3 SASENUM;SASENUM;d:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S0 FsUdf;FsUdf; [x]
S0 fvdscsi;fvdscsi;c:\windows\system32\DRIVERS\fvdscsi.sys --> c:\windows\system32\DRIVERS\fvdscsi.sys [?]
S3 exdisk;Express Disk Service;c:\windows\system32\DRIVERS\exdisk.sys --> c:\windows\system32\DRIVERS\exdisk.sys [?]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-03-09 29744]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-02-03 95640]
.
Contenu du dossier 'Tâches planifiées'
2009-02-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-01-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
2009-02-28 c:\windows\Tasks\GlaryInitialize.job
- d:\program files\Glary Utilities\initialize.exe [2009-02-12 17:10]
2009-02-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1532298954-682003330-1004.job
- c:\documents and settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 20:34]
2009-02-27 c:\windows\Tasks\Mantenimiento con 1 clic.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-27 07:39]
2009-02-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
2009-02-27 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Fichiers communs\ParetoLogic\UUS2\UUS.dll []
2009-02-28 c:\windows\Tasks\RegCure Program Check.job
- d:\program files\RegCure\RegCure.exe []
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
mWindow Title =
uInternet Settings,ProxyServer = hideupv.univ-montp3.fr:3128
uInternet Settings,ProxyOverride = ;localhost;<local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Translate with &Babylon - d:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
IE: {{5CC384BB-1326-11D5-F4AE-00C04923F885} - c:\program files\Foreignword\Xanadu\XanaduLaunch.exe
Trusted Zone: localhost
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Jean-Louis\Application Data\Mozilla\Firefox\Profiles\onxyldj7.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\documents and settings\Jean-Louis\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
---- PARAMETRES FIREFOX ----
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-28 11:30:02
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????2?9?8?9??@???? ???B?????????????H<C? ??????
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1200)
d:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\BRSS01A.EXE
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Fichiers communs\Seagate\Schedule2\schedul2.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Fichiers communs\NMSAccessU.exe
c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
d:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Logitech\MouseWare\system\EM_EXEC.EXE
c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
d:\program files\SpywareGuard\sgbhp.exe
.
**************************************************************************
.
Heure de fin: 2009-02-28 11:34:57 - La machine a redémarré [Jean-Louis]
ComboFix-quarantined-files.txt 2009-02-28 10:34:54
Avant-CF: 12,347,535,360 octets libres
Après-CF: 12,317,417,472 octets libres
380 --- E O F --- 2009-02-27 07:58:34
Here it is :)
Logfile of random's system information tool 1.05 (written by random/random)
Run by Jean-Louis at 2009-02-28 12:17:17
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 13 GB (33%) free of 40 GB
Total RAM: 1278 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:17, on 28/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
D:\Program Files\Seagate\Sync\SeaSyncServices.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
D:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Clavier+\Clavier.exe
D:\Program Files\SpywareGuard\sgmain.exe
D:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jean-Louis\Bureau\Outils Maintenance\RSIT.exe
D:\Program Files\Trend Micro\HijackThis\Jean-Louis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = hideupv.univ-montp3.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Babylon Client] D:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StxTrayMenu] "D:\Program Files\Seagate\SystemTray\StxMenuMgr.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [00PCTFW] "D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Range-Notes] C:\Program Files\Range-Notes\Range-Notes.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Clavier+] D:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Babylon.exe.lnk = D:\Program Files\Babylon\Babylon-Pro\Babylon.exe
O4 - Startup: SpywareGuard.lnk = D:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Translate with &Babylon - res://D:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - D:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - (no file)
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - D:\Program Files\Seagate\Sync\SeaSyncServices.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
And the rest:
info.txt logfile of random's system information tool 1.05 2009-02-28 12:06:33
======Uninstall list======
-->"C:\Program Files\Gran Diccionario de la Lengua Española\pop.exe" -q C:\WINDOWS\ISUN040A.EXE -f"C:\Program Files\Gran Diccionario de la Lengua Española\Uninst.isu"
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
123 Free Solitaire-->D:\PROGRA~1\123FRE~1\UNWISE.EXE D:\PROGRA~1\123FRE~1\INSTALL.LOG
7-Zip 4.59 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
ActivIcons version 3.20-->"C:\Program Files\ActivIcons\unins000.exe"
ActivIcons version 3.37-->"D:\Program Files\ActivIcons\unins000.exe"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AFPL Ghostscript 8.54-->D:\Program Files\gs\uninstgs.exe "D:\Program Files\gs\gs8.54\uninstal.txt"
AFPL Ghostscript Fonts-->D:\Program Files\gs\uninstgs.exe "D:\Program Files\gs\fonts\uninstal.txt"
Agfa ScanWise 1.60-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Agfa\ScanWise 1_60\uninst.isu" -c"C:\Program Files\Agfa\ScanWise 1_60\UNINSTALL.DLL"
AM-DeadLink 3.2-->"D:\Program Files\AM-DeadLink\unins000.exe"
Amic Email Backup v2.0-->"D:\Program Files\Amic Tools\Amic Email Backup\unins000.exe"
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
Arovax Shield 2.1.95-->C:\Program Files\Arovax Shield\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Atelier historique-->C:\WINDOWS\unin040c.exe -fc:\atelier\DeIsL1.isu -cc:\atelier\_ISREG32.DLL
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avant Browser (remove only)-->"D:\Program Files\Avant Browser\uninst.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Babelbox-->C:\Program Files\beon Widgets\Babelbox\uninst.exe
Babylon-->D:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe
Belarc Advisor 7.2-->C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG
Broadcom 802.11 Driver-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo
Bullzip PDF Printer 4.0.0.545-->"D:\Program Files\Bullzip\PDF Printer\unins000.exe"
Calendar v.4.0-->"D:\Program Files\Serge_LAGIER\Calendar\unins000.exe"
Cardiris-->C:\WINDOWS\IsUn040c.exe -fC:\Cardiris\Uninst.isu
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"D:\Program Files\CDBurnerXP\unins000.exe"
CDex 1.40 Fr [Extraction Audio]-->"C:\Program Files\CDex\uninstall.exe"
Cimaware OfficeFIX 6-->D:\Program Files\Cimaware\OfficeFix6\uninst.exe
Clavier+ 10.6.1-->"D:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Clavier+\unins000.exe"
Coloriage-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\Coloriage\UnInst.log" "/APPNAME=Coloriage"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Conexant AC-97 Audio-->CIAunwdm.exe
Conexant Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C\HXFSETUP.EXE -U -Ihpm30825.inf
Creative WebCam NX Driver (1.02.01.0827)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl
Dam 2.2-->"C:\Program Files\Dam22\unins000.exe"
DAZ|Studio 1.5.1.0-->C:\WINDOWS\unvise32.exe D:\Program Files\DAZ\Studio\DAZ Studio Uninstall.log
DeepBurner v1.8.0.224-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log"
Désinstaller Le Petit Robert de la langue française-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Le Robert\Le Petit Robert\Uninst.isu"
Dia (supprimer uniquement)-->C:\Program Files\Dia\dia-0.96.1-8-uninstall.exe
DICCIONARIO CLAVE-->C:\WINDOWS\DICCIONARIO CLAVE Uninstaller.exe
Diccionario de uso del Español Actual-->"C:\Program Files\sgel\diccionario\unins000.exe"
DRAE-->"C:\Program Files\DRAE\UninstallerData\Uninstall DRAE.exe"
DriveClone-->C:\Program files\Farstone\DClone\Uninstal.exe
DVD Flick 1.3.0.6-->"D:\Program Files\DVD Flick\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe"
Encyclopédie Hachette Multimédia (désinstallation)-->"C:\Program Files\Hachette\EHM\uninstall.exe"
Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
EVEREST Ultimate Edition v5.00-->"D:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
filehippo.com Update Checker-->"D:\Program Files\filehippo.com\uninstall.exe"
FileZilla Client 3.2.2.1-->D:\Program Files\FileZilla FTP Client\uninstall.exe
Folder Marker Pro v 2.0-->"C:\Program Files\Folder Marker\unins000.exe"
FotoSketcher - Version 1.81-->"D:\Program Files\FotoSketcher\unins000.exe"
FotoTagger 2.7.0.1-->D:\Program Files\FotoTagger\uninst.exe
FreeAgent Go Tools-->C:\Program Files\InstallShield Installation Information\{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}\setup.exe -runfromtemp -l0x040c
FreeCommander 2008.06a-->"D:\Program Files\FreeCommander\unins000.exe"
FreeOCR.net-->"C:\WINDOWS\FreeOCR.net Uninstaller.exe"
FreshUI-->"C:\Program Files\FreshDevices\FreshUI\unins000.exe"
Gabbasoft Cube Demo-->MsiExec.exe /X{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}
GCompris (supprimer uniquement)-->C:\Program Files\Gcompris\gcompris-uninst.exe
GéoKid-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\GéoKid\UnInst.log" "/APPNAME=GéoKid"
GIMP 2.4.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Glary Utilities 2.11.0.638-->"D:\Program Files\Glary Utilities\unins000.exe"
GoodFrame-->"D:\Program Files\FDSoftware\GoodFrame\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GraphCalc v4.0.1-->"D:\Program Files\GraphCalc\unins000.exe"
GTK+ 2.10.6-1 runtime environment-->"C:\Program Files\Fichiers communs\GTK\2.0\setup\unins000.exe"
Harrap's Shorter-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Harrap's Multimédia\Shorter\Uninstharraps.isu" -c"C:\Program Files\Harrap's Multimédia\Shorter\_UnInstall.dll"
HD Tune 2.55-->"D:\Program Files\HD Tune\unins000.exe"
HijackThis 2.0.2-->"D:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Wireless Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x40c
HTML Shrinker Light-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\SHRI_LIT.INF, DefaultUninstall.ntx86
Icon Collector Version 1.3-->"C:\WINDOWS\UNISTB32.EXE" /U "D:\Program Files\IconColl\UNINST0.000" "D:\Program Files\IconColl\UNINST1.000"
IE Favoris Export version 1.0-->"C:\Program Files\IEFavorisExport10\unins000.exe"
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
IMG-TXT 5-->"D:\Program Files\IMG-TXT 5\uninstall.exe"
iPuissance 4D-->C:\Program Files\iPuissance 4D\Uninst.exe
Irregular Verbs 2.0-->D:\Program Files\Irregular Verbs\Uninstal.exe
IsoBuster 2.0-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
i-TimTel-->"C:\WINDOWS\gotouninstall.exe" "C:\Program Files\i-TimTel\GOTOUNINSTALL.INI"
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
JAlbum 7.3-->D:\Program Files\JAlbum7.3\Uninstall.exe
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kikoo-->D:\Program Files\Kikoo\Uninstal.exe
la version 0.95.00 du 20 Février 2008, configurée pour la maiso-->"D:\Program Files\7x8\unins000.exe"
Larousse Diccionario Francés - Español-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72E2470C-C387-4C15-91B2-012DDF71A466}\Setup.exe" -l0xa
Le Petit Robert 2007-->MsiExec.exe /I{DEDF46CC-CF38-4790-872B-FA6DC6B8C517}
Le Petit Robert 2009-->"D:\Program Files\Le Robert\Le Petit Robert 2009\Uninstall.exe"
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LedRenommer 1.4.1-->"D:\Program Files\LED\LedRenommer\unins000.exe"
Les départements français-->"C:\Program Files\GEOGRAPHIE\FRANCE\uninstall.exe"
Lexibase Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22AE875F-B8B3-46AF-856C-CE858538D912}\setup.exe" -l0x40c
Lines95 3.2e-->"D:\Program Files\Lines95\unins000.exe"
Lingo-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Lingo\ST6UNST.LOG"
Logiciel iTouch de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x40c UNINSTALL
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Logitech MouseWare 9.79 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
Lupas Rename 2000 v5.0 Release-->"D:\Program Files\Lupas Rename 2000\unins000.exe"
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Maxthon2 Browser (remove only)-->D:\Program Files\Maxthon2\MaxthonUINST.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Baseline Security Analyzer 2.0.1-->MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
mks_vir - online scanner-->C:\WINDOWS\system32\SkanerOnlineUninstall.exe
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mon Encyclopédie des Sciences-->D:\Program Files\DK\Become a Science Explorer\_uninst\uninstaller.exe
Mots Cachés 2.0-->"C:\Program Files\MotsCachés 2.0\unins000.exe"
MozBackup 1.4.7-->"C:\Program Files\MozBackup\unins000.exe"
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multi Virus Cleaner 2008-->"D:\Program Files\AxBx\Multi Virus Cleaner 2008\unins001.exe"
MySQL Server 5.0-->MsiExec.exe /I{56A36E76-B35F-4453-B899-9B2190A7B500}
Nero 7-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
News Interceptor 3-->"C:\Program Files\News Interceptor 3\Uninstall.exe"
nLite 1.4 RC2-->"C:\Program Files\nLite\unins000.exe"
Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
o_Solitaire désinstallation-->"C:\Program Files\olibul\unins000.exe"
OLYMPUS Master 2-->MsiExec.exe /X{0815D55A-5EFF-4E1B-8C04-7035E914D90D}
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Opera 9.61-->MsiExec.exe /X{F8CCEF4F-6EEF-4B81-B70D-821E72451D93}
Paint.NET v3.20-->MsiExec.exe /X{C1CAAF9E-2A80-4AD0-8D9A-B4327966249F}
Panneau de contrôle ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
PC Confidential 2008-->"C:\Program Files\Winferno\PC Confidential\unins000.exe"
PC SECURITY TEST 2008-->"D:\Program Files\AxBx\PC Security Test 2008\unins000.exe"
PC Tools Firewall Plus 5.0-->D:\Program Files\PC Tools Firewall Plus\unins000.exe /LOG
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Petit Larousse 2007-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1444B13F-B744-4624-9695-D9E6471817B1}\Setup.exe" -l0x40c
Photo To Sketch 3.51-->"C:\Program Files\Photo To Sketch\unins000.exe"
PhotoFiltre-->"D:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pixia 3.3b-->"D:\Program Files\Seagrand\Pixia\unins000.exe"
Pluslong-->C:\Program Files\Le mot le plus long\uninstall.exe
PSPad editor-->"D:\Program Files\PSPad editor\Uninst\unins000.exe"
QI98 - Edition 2006-->C:\WINDOWS\st6unst.exe -n "D:\QI98\ST6UNST.LOG"
Quick Launch Buttons 5.10 A2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x40c -uninst
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RaimaRadio 1.4-->"D:\Program Files\RaimaRadio\unins000.exe"
Range-Notes 5.1-->"C:\Program Files\Range-Notes\unins000.exe"
Rapide Créateur D'Icône 5.1-->"C:\Program Files\Rapide Créateur D'Icône\uninstall.exe"
RapidTyping-->"C:\Program Files\RapidTyping\Uninstall.exe"
Readiris-->C:\WINDOWS\ISUN040A.EXE -fC:\Readiris\Uninst.isu -cC:\Readiris\delcache.dll
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Recuva (remove only)-->"D:\Program Files\Recuva\uninst.exe"
Registry Mechanic 6.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
RepareOE-->D:\Program Files\RepareOE\uninstall.exe
Rep-Listing-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{887EF08A-011E-477C-B6CB-01E540538ADB}\setup.exe" -l0x40c -removeonly
RogueRemover 1.20-->C:\Program Files\RogueRemover\uninst.exe
Roxio Creator 8 Suite Home-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
SaveOE-->D:\Program Files\SaveOE\uninstall.exe
Scribus 1.3.3.9-->D:\Program Files\Scribus 1.3.3.9\uninst.exe
SDL Trados 2006 Freelance-->MsiExec.exe /I{010E52FC-DF6A-4E1A-84F4-9AB41DC9653B}
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP E:\
Simple Sudoku 4.2-->"C:\Program Files\Simple Sudoku\unins000.exe"
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartDraw 7-->C:\PROGRA~1\SMARTD~1\UNWISE.EXE C:\PROGRA~1\SMARTD~1\INSTALL.LOG
SnIco Edit 2.2-->"C:\Program Files\SnIco Edit\unins000.exe"
Softi FreeOCR-->MsiExec.exe /I{ABBACAD2-4DAF-490E-932B-E330B33FCF98}
Solone-->"C:\Program Files\Solone\unins000.exe"
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
SpywareBlaster 4.1-->"D:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"D:\Program Files\SpywareGuard\unins000.exe"
S-Tris 2 PC-->"D:\Program Files\Elements Interactive\S-Tris2\unins000.exe"
StudioLine Photo Basic-->D:\Program Files\StudioLine Photo Basic\SLUninst.exe
SUPER © Version 2008.bld.30 (Mar 22, 2008)-->D:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Super Mastermind-->C:\Program Files\Super Mastermind\Uninstal.exe
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Suppress plus 1.8-->"C:\Program Files\splus\unins000.exe"
Switch-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
TchecMeet-->C:\Program Files\TchecMeet\Uninstal.exe
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C569D686-A444-4AF0-A437-15CBB2816E34}
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
TurboCalc Light v.2.9.60-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\TurboCalc Light v.2.9.60\ST6UNST.LOG"
Tux of Math Command (remove only)-->"D:\Program Files\TuxMath\uninstall.exe"
Tux Paint 0.9.18-->"C:\Program Files\TuxPaint\unins000.exe"
VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VirusTotal Uploader-->"D:\Program Files\VirusTotalUploader\uninstall.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPN Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall
VSO Image Resizer 1.3.4d-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
Vuze-->D:\Program Files\Azureus\uninstall.exe
Warning Banner Creator-->"C:\Program Files\Warning Banner Creator\Uninstall Warning Banner Creator.exe"
WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Winferno Registry Power Cleaner-->"C:\Program Files\Winferno\RegistryPowerCleaner\unins000.exe"
WinHTTrack Website Copier 3.42-3-->"C:\Program Files\WinHTTrack\unins000.exe"
winLAME prerelease3-->MsiExec.exe /I{D54B8695-1F1F-4856-9B1D-1678B242DF27}
Xanadu-->C:\WINDOWS\unvise32.exe C:\Program Files\Foreignword\Xanadu\uninstal.log
Xenu's Link Sleuth-->"D:\Program Files\Xenu\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XnView 1.91.6-->"D:\Program Files\XnView\unins000.exe"
xplorer² lite-->"C:\Program Files\zabkat\xplorer2_lite\Uninstall.exe"
ZikiTranslator 1.3.4a-->D:\Program Files\ZikiTranslator\uninst.exe
=====HijackThis Backups=====
R3 - Default URLSearchHook is missing
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) -
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
======Security center information======
AV: Avira AntiVir PersonalEdition Classic
FW: PC Tools Firewall Plus (disabled)
System event log
Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NMIndexingService.
Record Number: 4629
Source Name: Service Control Manager
Time Written: 20090211095815.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.
Record Number: 4628
Source Name: Service Control Manager
Time Written: 20090211095737.000000+060
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.
Record Number: 4627
Source Name: Service Control Manager
Time Written: 20090211095717.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.
Record Number: 4626
Source Name: Service Control Manager
Time Written: 20090211095717.000000+060
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.
Record Number: 4625
Source Name: Service Control Manager
Time Written: 20090211095713.000000+060
Event Type: Informations
User:
Application event log
Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 7071
Source Name: RoxLiveShare
Time Written: 20081024093422.000000+120
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 7070
Source Name: RoxLiveShare
Time Written: 20081024093422.000000+120
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 7069
Source Name: RoxSniffer
Time Written: 20081024093419.000000+120
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur HP-BARREAU\Jean-Louis alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.
Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
Record Number: 7068
Source Name: Userenv
Time Written: 20081023193802.000000+120
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: HP-BARREAU
Event Code: 1524
Message: Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé.
Record Number: 7067
Source Name: Userenv
Time Written: 20081023193756.000000+120
Event Type: Avertissement
User: HP-BARREAU\Jean-Louis
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared;C:\Program Files\ATI Technologies\ATI Control Panel
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LANG"=fr
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
-----------------EOF-----------------
Lupas Rename 2000 v5.0 Release-->"D:\Program Files\Lupas Rename 2000\unins000.exe"
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Maxthon2 Browser (remove only)-->D:\Program Files\Maxthon2\MaxthonUINST.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Baseline Security Analyzer 2.0.1-->MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
mks_vir - online scanner-->C:\WINDOWS\system32\SkanerOnlineUninstall.exe
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mon Encyclopédie des Sciences-->D:\Program Files\DK\Become a Science Explorer\_uninst\uninstaller.exe
Mots Cachés 2.0-->"C:\Program Files\MotsCachés 2.0\unins000.exe"
MozBackup 1.4.7-->"C:\Program Files\MozBackup\unins000.exe"
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multi Virus Cleaner 2008-->"D:\Program Files\AxBx\Multi Virus Cleaner 2008\unins001.exe"
MySQL Server 5.0-->MsiExec.exe /I{56A36E76-B35F-4453-B899-9B2190A7B500}
Nero 7-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
News Interceptor 3-->"C:\Program Files\News Interceptor 3\Uninstall.exe"
nLite 1.4 RC2-->"C:\Program Files\nLite\unins000.exe"
Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
o_Solitaire désinstallation-->"C:\Program Files\olibul\unins000.exe"
OLYMPUS Master 2-->MsiExec.exe /X{0815D55A-5EFF-4E1B-8C04-7035E914D90D}
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Opera 9.61-->MsiExec.exe /X{F8CCEF4F-6EEF-4B81-B70D-821E72451D93}
Paint.NET v3.20-->MsiExec.exe /X{C1CAAF9E-2A80-4AD0-8D9A-B4327966249F}
Panneau de contrôle ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
PC Confidential 2008-->"C:\Program Files\Winferno\PC Confidential\unins000.exe"
PC SECURITY TEST 2008-->"D:\Program Files\AxBx\PC Security Test 2008\unins000.exe"
PC Tools Firewall Plus 5.0-->D:\Program Files\PC Tools Firewall Plus\unins000.exe /LOG
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Petit Larousse 2007-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1444B13F-B744-4624-9695-D9E6471817B1}\Setup.exe" -l0x40c
Photo To Sketch 3.51-->"C:\Program Files\Photo To Sketch\unins000.exe"
PhotoFiltre-->"D:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pixia 3.3b-->"D:\Program Files\Seagrand\Pixia\unins000.exe"
Pluslong-->C:\Program Files\Le mot le plus long\uninstall.exe
PSPad editor-->"D:\Program Files\PSPad editor\Uninst\unins000.exe"
QI98 - Edition 2006-->C:\WINDOWS\st6unst.exe -n "D:\QI98\ST6UNST.LOG"
Quick Launch Buttons 5.10 A2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x40c -uninst
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RaimaRadio 1.4-->"D:\Program Files\RaimaRadio\unins000.exe"
Range-Notes 5.1-->"C:\Program Files\Range-Notes\unins000.exe"
Rapide Créateur D'Icône 5.1-->"C:\Program Files\Rapide Créateur D'Icône\uninstall.exe"
RapidTyping-->"C:\Program Files\RapidTyping\Uninstall.exe"
Readiris-->C:\WINDOWS\ISUN040A.EXE -fC:\Readiris\Uninst.isu -cC:\Readiris\delcache.dll
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Recuva (remove only)-->"D:\Program Files\Recuva\uninst.exe"
Registry Mechanic 6.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
RepareOE-->D:\Program Files\RepareOE\uninstall.exe
Rep-Listing-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{887EF08A-011E-477C-B6CB-01E540538ADB}\setup.exe" -l0x40c -removeonly
RogueRemover 1.20-->C:\Program Files\RogueRemover\uninst.exe
Roxio Creator 8 Suite Home-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
SaveOE-->D:\Program Files\SaveOE\uninstall.exe
Scribus 1.3.3.9-->D:\Program Files\Scribus 1.3.3.9\uninst.exe
SDL Trados 2006 Freelance-->MsiExec.exe /I{010E52FC-DF6A-4E1A-84F4-9AB41DC9653B}
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP E:\
Simple Sudoku 4.2-->"C:\Program Files\Simple Sudoku\unins000.exe"
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartDraw 7-->C:\PROGRA~1\SMARTD~1\UNWISE.EXE C:\PROGRA~1\SMARTD~1\INSTALL.LOG
SnIco Edit 2.2-->"C:\Program Files\SnIco Edit\unins000.exe"
Softi FreeOCR-->MsiExec.exe /I{ABBACAD2-4DAF-490E-932B-E330B33FCF98}
Solone-->"C:\Program Files\Solone\unins000.exe"
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
SpywareBlaster 4.1-->"D:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"D:\Program Files\SpywareGuard\unins000.exe"
S-Tris 2 PC-->"D:\Program Files\Elements Interactive\S-Tris2\unins000.exe"
StudioLine Photo Basic-->D:\Program Files\StudioLine Photo Basic\SLUninst.exe
SUPER © Version 2008.bld.30 (Mar 22, 2008)-->D:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Super Mastermind-->C:\Program Files\Super Mastermind\Uninstal.exe
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Suppress plus 1.8-->"C:\Program Files\splus\unins000.exe"
Switch-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
TchecMeet-->C:\Program Files\TchecMeet\Uninstal.exe
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C569D686-A444-4AF0-A437-15CBB2816E34}
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
TurboCalc Light v.2.9.60-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\TurboCalc Light v.2.9.60\ST6UNST.LOG"
Tux of Math Command (remove only)-->"D:\Program Files\TuxMath\uninstall.exe"
Tux Paint 0.9.18-->"C:\Program Files\TuxPaint\unins000.exe"
VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VirusTotal Uploader-->"D:\Program Files\VirusTotalUploader\uninstall.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPN Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall
VSO Image Resizer 1.3.4d-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
Vuze-->D:\Program Files\Azureus\uninstall.exe
Warning Banner Creator-->"C:\Program Files\Warning Banner Creator\Uninstall Warning Banner Creator.exe"
WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Winferno Registry Power Cleaner-->"C:\Program Files\Winferno\RegistryPowerCleaner\unins000.exe"
WinHTTrack Website Copier 3.42-3-->"C:\Program Files\WinHTTrack\unins000.exe"
winLAME prerelease3-->MsiExec.exe /I{D54B8695-1F1F-4856-9B1D-1678B242DF27}
Xanadu-->C:\WINDOWS\unvise32.exe C:\Program Files\Foreignword\Xanadu\uninstal.log
Xenu's Link Sleuth-->"D:\Program Files\Xenu\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XnView 1.91.6-->"D:\Program Files\XnView\unins000.exe"
xplorer² lite-->"C:\Program Files\zabkat\xplorer2_lite\Uninstall.exe"
ZikiTranslator 1.3.4a-->D:\Program Files\ZikiTranslator\uninst.exe
=====HijackThis Backups=====
R3 - Default URLSearchHook is missing
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) -
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
======Security center information======
AV: Avira AntiVir PersonalEdition Classic
FW: PC Tools Firewall Plus (disabled)
System event log
Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NMIndexingService.
Record Number: 4629
Source Name: Service Control Manager
Time Written: 20090211095815.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.
Record Number: 4628
Source Name: Service Control Manager
Time Written: 20090211095737.000000+060
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.
Record Number: 4627
Source Name: Service Control Manager
Time Written: 20090211095717.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.
Record Number: 4626
Source Name: Service Control Manager
Time Written: 20090211095717.000000+060
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.
Record Number: 4625
Source Name: Service Control Manager
Time Written: 20090211095713.000000+060
Event Type: Informations
User:
Application event log
Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 7071
Source Name: RoxLiveShare
Time Written: 20081024093422.000000+120
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 7070
Source Name: RoxLiveShare
Time Written: 20081024093422.000000+120
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 7069
Source Name: RoxSniffer
Time Written: 20081024093419.000000+120
Event Type: Informations
User:
Computer Name: HP-BARREAU
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur HP-BARREAU\Jean-Louis alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.
Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
Record Number: 7068
Source Name: Userenv
Time Written: 20081023193802.000000+120
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: HP-BARREAU
Event Code: 1524
Message: Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé.
Record Number: 7067
Source Name: Userenv
Time Written: 20081023193756.000000+120
Event Type: Avertissement
User: HP-BARREAU\Jean-Louis
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared;C:\Program Files\ATI Technologies\ATI Control Panel
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LANG"=fr
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
-----------------EOF-----------------
--> Disable your antivirus for the duration of the procedure, because OTMoveIt3 is wrongly detected as an infection.
---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-click OTMoveIt3.exe to launch it.
---> Copy (Ctrl+C) the following text:
:processes
explorer.exe
:files
C:\WINDOWS\fdsv.exe
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1532298954-682003330-1004.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\Program Files\AskBardis
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
---> Now click the MoveIt! button, then close OTMoveIt3.
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
Run HijackThis again with "do a scan only", then tick the boxes for the lines below and click fix:
R3 - Default URLSearchHook is missing
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) -
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - (no file)
Then post me a HijackThis log on its own.
Sorry... I had gone to eat.
I ran HijackThis "do a scan only" and, oddly, I found only 3 lines to fix. Here they are:
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - (no file)
What should I do now?
I ran HijackThis again on its own...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:13, on 28/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
D:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Seagate\SystemTray\StxMenuMgr.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe
D:\Program Files\Seagate\Sync\SeaSyncServices.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Range-Notes\Range-Notes.exe
C:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Clavier+\Clavier.exe
D:\Program Files\Babylon\Babylon-Pro\Babylon.exe
D:\Program Files\SpywareGuard\sgmain.exe
D:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jean-Louis\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = hideupv.univ-montp3.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Babylon Client] D:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StxTrayMenu] "D:\Program Files\Seagate\SystemTray\StxMenuMgr.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [00PCTFW] "D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Range-Notes] C:\Program Files\Range-Notes\Range-Notes.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Clavier+] D:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Babylon.exe.lnk = D:\Program Files\Babylon\Babylon-Pro\Babylon.exe
O4 - Startup: SpywareGuard.lnk = D:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Translate with &Babylon - res://D:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - D:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - D:\Program Files\Seagate\Sync\SeaSyncServices.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
It's not strange about the lines (since they were infected, they were removed by OTMoveIt).
I'm analyzing the new HijackThis and will give you the rest of the procedure.
You have 3 antivirus programs
Remove Panda
http://www.pandasecurity.com/france/homeusers/support/troubleshooter/nh-PAV2008FW/06card_41209.htm
Delete
C:\Program Files\Norton Security Scan
Did you install this program yourself?
C:\Program Files\Winferno
---> Disable your antivirus for the duration of the procedure, because OTMoveIt3 is wrongly detected as an infection.
---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-click OTMoveIt3.exe to launch it.
---> Copy (Ctrl+C) the following text:
:processes
explorer.exe
:files
C:\Program Files\Free Offers from Freeze.com
C:\Program Files\Winferno
C:\Program Files\Wyyo
C:\Documents and Settings\All Users\Application Data\Wyyo
C:\Documents and Settings\All Users\Application Data\NortonInstaller
:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
---> Now click the MoveIt! button, then close OTMoveIt3.
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time of its creation: date_time.log