Pub, antivirus, chargement de pages inconnu

Résolu
Jejebond Messages postés 21 Statut Membre -  
Jejebond Messages postés 21 Statut Membre -
Bonjour,

Depuis quelque jour mon PC commence à déconner de tout les cotés. Voici une liste de tout mes problèmes:
-Certaine pages sont longues à charger
-Ouverture de Pub dans une nouvelle fenêtre nommés: "Advertissement"
-Lors de certain click je me retrouve soit sur une page non demandé soit sur la page d'acceuille Google.
-Tout mes antivirus/spy ne veulent se mettre à jour.

J'ai fait un scan Ad aware+ Antivir en mod sans echec et cela n'a pas changé.

Voici le rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:17:34 PM, on 2/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Thomson multimedia\USB Audio System\cs580.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ThomsonUSBAudioSystemRemote] "C:\Program Files\Thomson multimedia\USB Audio System\cs580.exe"
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [RealtekAC] C:\WINDOWS\system32\RealtekAC.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.22\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D34AE66-F94C-4E65-A160-72944BB146AC}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FFDF581-2960-4547-9B01-F4E63A66A892}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{68DE324A-5AFD-4074-84AC-D2ACDF80CD4D}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{80842673-D1B4-45C1-BE39-312B15CCD48F}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{88DED9FC-D174-4FEE-BFB4-EBFD337DA283}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{A30A3130-A03D-4CB1-B31C-E8708D55A4FF}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{BBB9B419-0B5F-4BB0-A40E-076EFE9F0403}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{C55349B4-EDEE-45E3-B14B-CE5B3B2FD93A}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCEE7C38-914F-44CF-945D-1F63C1A77506}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9FAA2C8-D95F-4B34-96D5-DC36FF266917}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF66980A-813E-41A5-BA83-E7FCD6690289}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF9AF06A-A9BD-4CDF-A1A7-E6F19E13B918}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D34AE66-F94C-4E65-A160-72944BB146AC}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{0D34AE66-F94C-4E65-A160-72944BB146AC}: NameServer = 85.255.114.51,85.255.112.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FanSpeedNT Service - Unknown owner - J:\Fichiers\Overclock\Fanspeed\fanspeedNT.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 14200 bytes
Configuration: Windows XP SP3
Anti virus: Antivir
Anti Spy: Ad aware
Firefox 3.0.6

28 réponses

  • 1
  • 2
  1. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Salut,

    ---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
    ---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
    ---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
    ---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
    ---> Sélectionne Exécuter un examen rapide.
    ---> Clique sur Rechercher. L'analyse démarre.

    A la fin de l'analyse, un message s'affiche :

    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

    ---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
    ---> Ferme tes navigateurs.
    Si des malwares ont été détectés, clique sur Afficher les résultats.
    ---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
    ---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    0
  2. Jejebond Messages postés 21 Statut Membre
     
    Voila le log, par contre impossible de faire une MAJ de MBAM^^

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1654
    Windows 5.1.2600 Service Pack 3

    2/10/2009 4:49:17 PM
    mbam-log-2009-02-10 (16-49-17).txt

    Type de recherche: Examen rapide
    Eléments examinés: 69541
    Temps écoulé: 7 minute(s), 9 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 37
    Dossier(s) infecté(s): 3
    Fichier(s) infecté(s): 9

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RealtekAC (Backdoor.Bot) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0d34ae66-f94c-4e65-a160-72944bb146ac}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2ffdf581-2960-4547-9b01-f4e63a66a892}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{68de324a-5afd-4074-84ac-d2acdf80cd4d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{80842673-d1b4-45c1-be39-312b15ccd48f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{88ded9fc-d174-4fee-bfb4-ebfd337da283}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a30a3130-a03d-4cb1-b31c-e8708d55a4ff}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bbb9b419-0b5f-4bb0-a40e-076efe9f0403}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c55349b4-edee-45e3-b14b-ce5b3b2fd93a}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ccee7c38-914f-44cf-945d-1f63c1a77506}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d9faa2c8-d95f-4b34-96d5-dc36ff266917}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ef66980a-813e-41a5-ba83-e7fcd6690289}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ff9af06a-a9bd-4cdf-a1a7-e6f19e13b918}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0d34ae66-f94c-4e65-a160-72944bb146ac}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2ffdf581-2960-4547-9b01-f4e63a66a892}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{68de324a-5afd-4074-84ac-d2acdf80cd4d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{80842673-d1b4-45c1-be39-312b15ccd48f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{88ded9fc-d174-4fee-bfb4-ebfd337da283}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{a30a3130-a03d-4cb1-b31c-e8708d55a4ff}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{bbb9b419-0b5f-4bb0-a40e-076efe9f0403}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{c55349b4-edee-45e3-b14b-ce5b3b2fd93a}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ccee7c38-914f-44cf-945d-1f63c1a77506}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{d9faa2c8-d95f-4b34-96d5-dc36ff266917}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ef66980a-813e-41a5-ba83-e7fcd6690289}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ff9af06a-a9bd-4cdf-a1a7-e6f19e13b918}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{0d34ae66-f94c-4e65-a160-72944bb146ac}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{2ffdf581-2960-4547-9b01-f4e63a66a892}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{68de324a-5afd-4074-84ac-d2acdf80cd4d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{80842673-d1b4-45c1-be39-312b15ccd48f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{88ded9fc-d174-4fee-bfb4-ebfd337da283}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{a30a3130-a03d-4cb1-b31c-e8708d55a4ff}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{bbb9b419-0b5f-4bb0-a40e-076efe9f0403}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{c55349b4-edee-45e3-b14b-ce5b3b2fd93a}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{ccee7c38-914f-44cf-945d-1f63c1a77506}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{d9faa2c8-d95f-4b34-96d5-dc36ff266917}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{ef66980a-813e-41a5-ba83-e7fcd6690289}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{ff9af06a-a9bd-4cdf-a1a7-e6f19e13b918}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.51,85.255.112.8 -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\data (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\XP_AntiSpyware\comp.dat (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\XP_AntiSpyware\data\daily.cvd (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\tempo-69.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\tempo-567.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\tempo-8B3.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\tempo-E85.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\tempo-FD3.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\WINDOWS\explorer.vbk (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
    0
  3. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Et maintenant que tu as supprimé des infections, tu peux faire la mise à jour de MBAM ?
    0
  4. Jejebond Messages postés 21 Statut Membre
     
    Toujours pas... et à mon avis ce n'est pas un problème de routeur.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    - Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

    - Double-clique sur RSIT.exe afin de lancer le programme.

    - Clique sur Continue à l'écran Disclaimer.

    - Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    - Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
    0
  7. Jejebond Messages postés 21 Statut Membre
     
    INFO.TXT

    info.txt logfile of random's system information tool 1.05 2009-02-10 17:21:08

    ======Uninstall list======

    -->"C:\Program Files\Creative Installation Information\CD_RIPPER_UNICODE_2\Setup.exe" /remove /l0x040c
    -->"C:\Program Files\Creative Installation Information\CREATIVE_SYNC_MANAGER_U\Setup.exe" /remove /l0x040c
    -->"C:\Program Files\Creative Installation Information\CREATIVE_VIDEO_CONVERTER\Setup.exe" /remove /l0x040c
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    3DMark05-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}\setup.exe" -l0x9 -removeonly
    3DMark06-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
    Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 7.0.9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
    adsl TV-->C:\Program Files\adslTV\Uninstal.exe
    AGEIA PhysX Unreal Tournament 3 Mods-->MsiExec.exe /X{F3D27930-B9DE-44A5-AA0B-006471E0EA23}
    AirMAPS-->J:\Jeux PC\EA GAMES\Battlefield 2\Uninstal_airmapsv6.exe
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    arniWORX awxDTools - Daemon-Tools ShellExtension - 1.0.6.0-->"C:\Program Files\DAEMON Tools\unins000.exe"
    ASUS DH Remote-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34A0AF85-C323-4867-8AA3-00A3E5A7A12B}\Setup.exe" -l0x40c
    ASUS GameFace Library-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{92B07938-0550-4937-9447-E0ECC04AB99D}
    ASUS GameLiveShow-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{04726714-8286-43B8-AFD6-2DF92EC49995}
    ASUS SmartDoctor-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{12E11FBB-7CA6-4A86-834D-5E6390D51009} /l1036
    ASUS Utilities-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{43C67D92-F56E-4729-8673-9A2D5A6036F8} /l1036
    ASUS VideoSecurity Online-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7A529246-912F-4C40-A82A-E608DB702FD7}
    ASUS WiFi-AP Solo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B3F4499-32E6-470D-8586-E6C03420F889}\Setup.exe" -l0x9 REMOVE
    AsusUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x40c
    AudibleManager-->C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
    Audiosurf Demo-->"J:\Jeux PC\Steam\steam.exe" steam://uninstall/12910
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
    Badaboom 1.1.0.132-->C:\Program Files\Badaboom\uninst.exe
    Batch Compiler 3.1.2-->"C:\Program Files\Batch Compiler\unins000.exe"
    Battlefield 2 : Forces Spéciales-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{50D4CB89-AF34-4978-96DC-C3034062E901}\setup.exe" -l0x40c -removeonly
    Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x40c -removeonly
    Beyond the Red Line-->C:/Program Files/BtRL/Demo/uninstall.exe
    BitTorrent 5.0.9-->"C:\Program Files\BitTorrent\uninstall.exe"
    BlazeDVD 4.0 Professional-->"C:\Program Files\BlazeVideo\BlazeDVD 4 Professional\unins000.exe"
    BSG-Galactica Client mod-->C:\Program Files\Microsoft Games\Freelancer\Freelancer Mod Manager\mods\BSGMOD1.68\Uninstal.exe
    BT Softphone 2-->MsiExec.exe /X{1a716211-cdb0-4c53-a602-51f18bacafb8}
    Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
    CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
    CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
    Client Windows Rights Management avec Service Pack 2-->MsiExec.exe /X{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
    Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
    Creative ZEN-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B2DBF55-05D4-4072-87D8-689141E262BD}\SETUP.EXE" -l0x40c /remove
    CryEngine(R)2 Sandbox(TM)2-->MsiExec.exe /I{7E4B7FD9-4ECE-4298-A910-3160B7918059}
    Crysis WARHEAD(R)-->"C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
    Crysis WARHEAD(R)-->C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
    Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
    Dark Messiah -->C:\Program Files\InstallShield Installation Information\{A8E2EF8F-73EF-4DD8-BB38-31FCCAF50103}\setup.exe -runfromtemp -l0x040c -removeonly
    Day of Defeat: Source-->MsiExec.exe /I{7E18C9F0-1262-4AF6-AC3D-9CB1EBF54772}
    Démo de Battlefield 2142-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD347316-609E-4149-983C-84B40338D38A}\setup.exe" -l0x40c -removeonly
    DH Driver Cleaner Professional Edition-->C:\Program Files\Driver Cleaner Pro\Uninstall.exe
    DiscAPI (Studio 10)-->MsiExec.exe /X{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Dream Experimental v0.5-->"C:\Program Files\Electronic Arts\Crytek\Crysis\Game\Levels\DreamExperimental\unins000.exe"
    EA Download Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1033
    EasyPHP 1.8-->"C:\Program Files\EasyPHP1-8\unins000.exe"
    EasyRecovery Professional Essai-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A45F4518-0DC7-474A-BBE1-F04CC2D6FD93} /l1036
    Eternal Silence Beta 2.0-->j:\jeux pc\steam\SteamApps\SourceMods\esmod\uninst.exe
    EVEREST Ultimate Edition v3.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    EZ-Backup Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DA0047C-2F99-4FE6-ADCB-B08208101E22}\setup.exe" -l0x9 -removeonly
    Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0009 -removeonly
    Far Cry-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} /l1036
    FarCry AMD64 ECU for x32 Edition-->J:\Jeux PC\Ubisoft\Crytek\Far Cry\Uninstall x64ECU.exe
    FFaCry 3-->J:\Jeux PC\Ubisoft\Crytek\Far Cry\Mods\FFaCry-Mod\Uninstal.exe
    ffdshow [rev 2322] [2008-11-14]-->"C:\Program Files\ffdshow\unins000.exe"
    FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"
    FLSMClient-->MsiExec.exe /I{A9B287B0-F939-4538-9C14-CC5F3EA93D83}
    FLV Player 1.3.3-->"C:\Program Files\FLVPlayer\uninstall.exe"
    Folding@Home-->C:\WINDOWS\system32\GKSUI18.EXE C:\Program Files\Folding@Home\Uninstall33D1.DAT
    Fraps (remove only)-->"C:\Fraps\uninstall.exe"
    Free Download Manager 2.5-->"C:\Program Files\Free Download Manager\unins000.exe"
    Freelancer-->"C:\Program Files\Microsoft Games\Freelancer\UNINSTAL.EXE" /runtemp /addremove
    Frets on Fire MFH Mod v3.017-->"C:\Program Files\Frets on Fire\unins000.exe"
    Frets On Fire-->"C:\Program Files\Frets on Fire\Uninstall.exe"
    Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
    GameFace Messenger-->C:\WINDOWS\iun6002.exe "C:\Program Files\GameFace Messenger\irunin.ini"
    GCFScape 1.6.4-->"C:\Program Files\GCFScape\unins000.exe"
    GConvert-->MsiExec.exe /I{C26F02EE-CDD1-47A6-A0EF-ECE8D162EDF2}
    GetDataBack for FAT-->"C:\Program Files\Runtime Software\GetDataBack\Uninstall.exe" "C:\Program Files\Runtime Software\GetDataBack\install.log" -u
    GetDataBack for NTFS-->"C:\Program Files\Runtime Software\GetDataBack for NTFS\Uninstall.exe" "C:\Program Files\Runtime Software\GetDataBack for NTFS\install.log" -u
    Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
    GRID-->"C:\Program Files\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x040c -removeonly
    GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
    GTR 2 1.0.0.0-->"J:\Jeux PC\GTR2\Support\unins000.exe"
    GUILD WARS-->"J:\Jeux PC\GUILD WARS\Gw.exe" -uninstall
    Half-Life(R) 2-->MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
    Hamachi 1.0.3.0-->C:\Program Files\Hamachi\uninstall.exe
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Homeworld 2 Battlestar Galactica Fleet Commander-->C:\Program Files\Sierra\Homeworld2\hw2bsg-v.0.4.3-win-uninstall.exe
    Homeworld2-->C:\Program Files\Sierra\Homeworld2\uninstall.exe
    Hotfix 2050 for SQL Server 2000 ENU (KB948110)-->"C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$\spuninst\spuninst.exe"
    Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
    IONCROSS Freelancer Character Editor-->"C:\Program Files\IONCROSS Freelancer Character Editor\uninstall.exe"
    IONCROSS Freelancer Server Operator-->"C:\Program Files\IONCROSS Freelancer Server Operator mk.V.1\uninstall.exe"
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    iWizz-->C:\Program Files\iWizz\uninstall.exe
    J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
    J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LibUSB-Win32-0.1.10.1-->"C:\Program Files\LibUSB-Win32-0.1.10.1\unins000.exe"
    Logitech Communications Manager-->MsiExec.exe /I{BD202930-5F70-4B35-B875-1E28604F328D}
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL
    Logitech Gaming Software 5.02-->MsiExec.exe /X{64B20B36-AEE7-4DD4-897C-C5DA5C218F60}
    Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly
    LOST PLANET TRIAL DX9-->MsiExec.exe /X{729F9233-40C5-41C6-A271-E09A9337D0C9}
    LucasArts' X-Wing Alliance-->C:\WINDOWS\uninst.exe -f"C:\Program Files\LucasArts\XWingAlliance\DeIsL1.isu"
    m0d_s0beit_3.4-->"C:\Documents and Settings\JEREMY\Bureau\Nouveau dossier\GTA San Andreas\Uninstall s0beit 3.4 mod"
    Ma-Config.com plugin-->MsiExec.exe /I{6F06A42D-525C-49ED-8622-E16790956CD8}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
    Mental Motions Pencil Box Deluxe-->"C:\WINDOWS\psuninst2.exe" "C:\Program Files\Microsoft ActiveSync\Pencil Box Deluxe\uninst.dat"
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Metro-->C:\Program Files\Microsoft ActiveSync\Metro\Uninstall.exe Metro
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
    Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
    Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
    Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
    Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Flight Simulator X-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F535B2CF-C9BB-4162-B03A-02D6971F32CC}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
    Microsoft WinUsb 1.0-->"C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 - fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
    Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.0)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Multimedia Combo Set-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6206FD57-3E60-4A52-AD1B-7D9F7BA2777E}
    Navilog1 3.7.1-->"C:\Program Files\Navilog1\unins000.exe"
    Need for Speed™ Carbon-->J:\Jeux PC\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
    Nero 7 Ultra Edition-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
    Nokia PC Connectivity SDK 3.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{D2BAD7A0-610B-4691-A054-D8A9F15FF708} /l1036
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA nTune-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1033
    NVIDIA PhysX Particle Fluid Demo-->MsiExec.exe /I{8CA53298-AB86-49C7-8040-D5E7BA2F703A}
    NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
    O&O Defrag Agent-->MsiExec.exe /I{0749CB55-8676-4071-A3D6-6DDE7E94764F}
    O&O Defrag Professional Edition-->MsiExec.exe /I{E6CB18CD-04EF-4C6A-A5F3-5F49E7332895}
    ObjectDock Plus-->C:\PROGRA~1\Stardock\OBJECT~1\objectdock.exe /uninstall
    ObjectDock-->C:\PROGRA~1\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\INSTALL.LOG
    Oblivion - TweakOblivion 2.85-->"C:\Program Files\TweakOblivion\unins000.exe"
    Oblivion mod manager 0.9.8-->"C:\Program Files\Bethesda Softworks\Oblivion\obmm\uninstall\unins000.exe"
    Oblivion-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c -removeonly
    OpenAL-->"C:\Program Files\OpenAL\OalinstGridRelease.exe" /U
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
    OrphansRemover version 1.8.9.36-->"C:\Program Files\OrphansRemover\unins000.exe"
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    Package de pilotes Windows - Sony PSP Type B (11/20/2005 20051120)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\psp_87D46C3F73EF6B7F5CD27D922EEE14783E1AD3BF\psp.inf
    PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
    PC Probe II-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x40c
    PC Suite pour Nokia 6600-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{624499AB-179E-4659-9760-C1EB38BC212E}\Setup.exe" -l0x40c anything
    Perfect Dark: Source Beta 1.1730-->"j:\jeux pc\steam\SteamApps\SourceMods\pdark\unins000.exe"
    PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    PhysX Screen Saver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{300A470B-681B-449F-82AE-6D19114702CE}\Setup.exe" -l0x9
    Pirates, Vikings and Knights II Beta 1.0-->j:\jeux pc\steam\SteamApps\SourceMods\pvkii\uninst.exe
    Power Video Downloader-->"C:\WINDOWS\Power Video Downloader\uninstall.exe" "/U:C:\Program Files\Power Video Downloader\Uninstall\uninstall.xml"
    PS3 Video 9 2.15-->C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
    PS3.ProxyServer-->MsiExec.exe /I{FE4086E1-FA7F-4A7A-8FC5-061337B5787E}
    PSP Brew 0.90-->"C:\Program Files\PSP Brew\unins000.exe"
    PSP Video 9 1.74-->C:\Program Files\pspvideo9\uninst.exe
    PSPGen Personal Media Manager 2.93-->C:\Program Files\Personal Media Manager\Uninstal.exe
    PSPGen Personal Media Manager 2.94-->C:\Program Files\Personal Media Manager\Uninstal.exe
    PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    RAPID (Studio 10)-->MsiExec.exe /X{EEECE229-49F6-4851-A73A-99B058221F8C}
    RapidDowner-->MsiExec.exe /I{0E6FA04E-F796-459B-A3B2-686953A8F934}
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
    Retrospect 7.5-->MsiExec.exe /I{92596597-71B3-4608-8628-AD48F2664EB9}
    Revenge Of The Sith: Battle Over Coruscant-->C:\Program Files\LucasArts\XWingAlliance\Uninstall ROTSBOC.exe
    Rise of Kobol Alpha .6-->C:\Program Files\EA GAMES\Battlefield 2\mods\RoK\RoK Uninstal.exe
    SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
    San Andreas Mod Installer-->"C:\WINDOWS\San Andreas Mod Installer\uninstall.exe" "/U:J:\Jeux PC\San Andreas Mod Installer\Uninstall\uninstall.xml"
    save2pc Pro 3.31-->"C:\Program Files\FDRLab\save2pc\unins000.exe"
    Sgc 3D Simulator 1.5-->"C:\Program Files\sgc_3d_sim\unins000.exe"
    SGCSim v5.1.0-->MsiExec.exe /I{BF926BD5-83E9-417F-BC56-1AC181A13168}
    Simple DNS Plus-->MsiExec.exe /X{6BA25419-75B0-4091-93DB-E6ECEE517CB1}
    SixaxisDriver 0.91-->"C:\Program Files\SixaxisDriver\unins000.exe"
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Skype™ for Windows Mobile 2.5-->"C:\Program Files\Microsoft ActiveSync\Skype for Windows Mobile\unins000.exe"
    SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
    Smoke demo by NVIDIA (remove only)-->"C:\Program Files\NVIDIA Corporation\NVidia Demos\Smoke\uninstall.exe"
    SOFTIMAGE®|XSI® 4.2 ModTool-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Softimage\XSI_4.2_ModTool\Setup\setup.exe"
    Source SDK Base - Orange Box-->"J:\Jeux PC\Steam\steam.exe" steam://uninstall/218
    SP2 de compatibilité descendante du client Windows Rights Management-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
    SpeechRedist-->MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
    Star Wars Battlefront II-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x40c -removeonly
    StargateTC-->j:\jeux pc\steam\steamapps\jejebond_60@hotmail.com\half-life\stargatetc\Uninstall.exe
    StargateTC2-->"j:\jeux pc\steam\SteamApps\SourceMods\stargatetc2\desinstall-sgtc2b1.exe"
    StartMenuLSTRemover-->C:\Program Files\StartMenuLSTRemover\Uninstall.exe
    Steam-->J:\JEUXPC~1\Steam\UNWISE.EXE J:\JEUXPC~1\Steam\INSTALL.LOG
    Studio 10-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\Setup2.exe" -l0x40c UNINSTALL
    SUPER © Version 2008.bld.33 (Sep 2, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
    SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
    Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    TeamSpeak 2 RC2-->"J:\Jeux PC\Teamspeak2_RC2\unins000.exe"
    Texture Maker 3.03-->"C:\Program Files\Texture Maker\unins000.exe"
    Thomson USB Audio System Software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Thomson multimedia\USB Audio System\DeIsL1.isu"
    TI Connect 1.6-->MsiExec.exe /I{A8B94669-8654-4126-BD28-D0D2412CDED6}
    TIPocketEmulator-->C:\Program Files\Microsoft ActiveSync\TIPocketEmulator\Uninstall.exe TIPocketEmulator
    Todae - Live Media-->C:\Program Files\Windows Media Player\Plugins\Todae\RMP\uninstall_fr.exe
    TomTom HOME-->C:\Program Files\InstallShield Installation Information\{CE325D55-FCAF-4273-BB79-069BB8747270}\setup.exe -runfromtemp -l0x040c -removeonly -removeonly
    TortoiseSVN 1.4.8.12137 (32 bit)-->MsiExec.exe /X{1E010E57-0453-4A84-A899-47EEA104661C}
    Transfert Windows-->"C:\WINDOWS\$NtUninstallWETCable$\spuninst\spuninst.exe"
    TubeHunter Ultra-->MsiExec.exe /I{4572F220-0A56-402E-90F1-4D36DD22F108}
    uberOptions 3.30.5.4-->C:\Program Files\Logitech\SetPoint\uberOptions\uninst.exe
    Unreal Tournament 2004-->J:\Jeux PC\UT2004\System\Setup.exe uninstall "UT2004"
    Unreal Tournament 3-->"J:\Jeux PC\Steam\steam.exe" steam://uninstall/13210
    Unreal Tournament 3-->MsiExec.exe /X{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}
    Virtual Cable Tester-->MsiExec.exe /X{3D654496-9C3D-4565-858C-3E551ECDA4E2}
    Virtual Pool Mobile-->C:\Program Files\Microsoft ActiveSync\Virtual Pool Mobile\Uninstall.exe Virtual Pool Mobile
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    VLC media player 0.9.6-->C:\Program Files\VLC\uninstall.exe
    VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
    Vodafone 804SS USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
    VTFEdit 1.2.3-->"C:\Program Files\VTFEdit\unins000.exe"
    WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
    WD Drive Manager (x86)-->MsiExec.exe /X{E934E2A2-BE3B-4C1A-A3D9-753FFB2B38B4}
    WDCSAM Driver-->MsiExec.exe /X{E064390A-2F64-4195-9A55-30D4B20B865A}
    Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
    Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (12/05/2006 1.0.0007.0)-->rundll32.exe C:\PROGRA~1\DIFX\7AA84A78695B31A503D9537A76801D74E0FD14BD\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\wdcsam_8A1D0449E9CBCC93DCB0CF47934D695423632CA7\wdcsam.inf
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
    Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Vista Upgrade Advisor-->MsiExec.exe /I{B79FBFDD-8B0C-4B8E-B70E-499E39978281}
    Windows XP Creativity Fun Packs - Windows Media Player 9 Series-->MsiExec.exe /X{AE98861E-5D55-4787-9E18-6A054783D124}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    www.dizzler.com-->"C:\Program Files\dizzler\unins000.exe"
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    XviD MPEG-4 Video Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\WINDOWS\INF\xvid.inf
    X-Wing Install System 2.71-->C:\Program Files\X-Wing Install System\Uninstall.exe
    ZEN Media Explorer-->"C:\Program Files\Creative Installation Information\ZEN_MTP_MEDIA_EXPLORER\Setup.exe" /remove /l0x040c
    ZENcast Organizer-->"C:\Program Files\Creative Installation Information\ZENCAST_ORGANIZER\Setup.exe" /remove /l0x040c
    Zombie Panic! Source-->"J:\Jeux PC\Steam\steam.exe" steam://uninstall/17500

    =====HijackThis Backups=====

    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.mini20.com/?tm=1&kw=Secure+Web+Search+Engine&KW1=Secure%20Web%20Search%20Engine&KW2=Best%20Malware%20Detection%20And%20Removal%20Software&searchbox=0&domainname=0&backfill=0
    O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: Avira AntiVir PersonalEdition Classic (outdated)

    System event log

    Computer Name: JEREMY
    Event Code: 51
    Message: Une erreur a été détectée sur le périphérique \Device\CdRom1 au cours d'une opération de pagination.

    Record Number: 8769
    Source Name: Cdrom
    Time Written: 20090109173715.000000+060
    Event Type: warning
    User:

    Computer Name: JEREMY
    Event Code: 10021
    Message: Le descripteur de sécurité d'exécution et d'activation défini pour l'application serveur COM avec le CLSID
    {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
    n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée. Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration Services de composants.

    Record Number: 8768
    Source Name: DCOM
    Time Written: 20090109173707.000000+060
    Event Type: error
    User:

    Computer Name: JEREMY
    Event Code: 10021
    Message: Le descripteur de sécurité d'exécution et d'activation défini pour l'application serveur COM avec le CLSID
    {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
    n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée. Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration Services de composants.

    Record Number: 8767
    Source Name: DCOM
    Time Written: 20090109173707.000000+060
    Event Type: error
    User:

    Computer Name: JEREMY
    Event Code: 10021
    Message: Le descripteur de sécurité d'exécution et d'activation défini pour l'application serveur COM avec le CLSID
    {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
    n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée. Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration Services de composants.

    Record Number: 8766
    Source Name: DCOM
    Time Written: 20090109173707.000000+060
    Event Type: error
    User:

    Computer Name: JEREMY
    Event Code: 10021
    Message: Le descripteur de sécurité d'exécution et d'activation défini pour l'application serveur COM avec le CLSID
    {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
    n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée. Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration Services de composants.

    Record Number: 8765
    Source Name: DCOM
    Time Written: 20090109173707.000000+060
    Event Type: error
    User:

    Application event log

    Computer Name: JEREMY
    Event Code: 103
    Message: msnmsgr (6832) \\.\C:\Documents and Settings\JEREMY\Local Settings\Application Data\Microsoft\Messenger\jejebond_60@hotmail.com\SharingMetadata\Working\database_BC44_7AFA_447A_B72C\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 21541
    Source Name: ESENT
    Time Written: 20081206220207.000000+060
    Event Type: information
    User:

    Computer Name: JEREMY
    Event Code: 102
    Message: msnmsgr (6832) \\.\C:\Documents and Settings\JEREMY\Local Settings\Application Data\Microsoft\Messenger\jejebond_60@hotmail.com\SharingMetadata\Working\database_BC44_7AFA_447A_B72C\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

    Record Number: 21540
    Source Name: ESENT
    Time Written: 20081206213308.000000+060
    Event Type: information
    User:

    Computer Name: JEREMY
    Event Code: 100
    Message: msnmsgr (6832) Le moteur de base de données 5.01.2600.5512 est démarré.

    Record Number: 21539
    Source Name: ESENT
    Time Written: 20081206213308.000000+060
    Event Type: information
    User:

    Computer Name: JEREMY
    Event Code: 101
    Message: msnmsgr (6832) Le moteur de base de données est arrêté.

    Record Number: 21538
    Source Name: ESENT
    Time Written: 20081206212121.000000+060
    Event Type: information
    User:

    Computer Name: JEREMY
    Event Code: 103
    Message: msnmsgr (6832) \\.\C:\Documents and Settings\JEREMY\Local Settings\Application Data\Microsoft\Messenger\jejebond_60@hotmail.com\SharingMetadata\Working\database_BC44_7AFA_447A_B72C\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 21537
    Source Name: ESENT
    Time Written: 20081206212121.000000+060
    Event Type: information
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=0f06
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "sourcesdk"=j:\jeux pc\steam\steamapps\jejebond_60@hotmail.com\sourcesdk
    "VProject"=j:\jeux pc\steam\steamapps\jejebond_60@hotmail.com\half-life 2 deathmatch\hl2mp
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------

    LOG.TXT

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by JEREMY at 2009-02-10 17:21:03
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 10 GB (10%) free of 100 GB
    Total RAM: 2047 MB (60% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:21:06 PM, on 2/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Thomson multimedia\USB Audio System\cs580.exe
    C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\JEREMY\Bureau\RSIT.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Trend Micro\HijackThis\JEREMY.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ThomsonUSBAudioSystemRemote] "C:\Program Files\Thomson multimedia\USB Audio System\cs580.exe"
    O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.22\RivaTuner.exe" /S
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FanSpeedNT Service - Unknown owner - J:\Fichiers\Overclock\Fanspeed\fanspeedNT.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\sy
    0
  8. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Le rapport log n'est pas complet.
    0
  9. Jejebond Messages postés 21 Statut Membre
     
    SUITE LOG.TXT

    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
    O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
    0
  10. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Que dit exactement MBAM pour les mises à jour ?
    0
  11. Jejebond Messages postés 21 Statut Membre
     
    Il me dit de vérifier mon pare feu ou de vérifier ma connexion internet... J'ai un Netgear comme routeur, quels ports dois-je ouvrir ? Comment le faire ?
    0
  12. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Télécharge GMER :
    http://www2.gmer.net/gmer.zip

    ---> Extrais le contenu du ZIP puis renomme gmer.exe en CCM.exe (Le .exe n'est pas forcément visible).

    ---> Double-clique sur CCM.exe.

    ---> Onglet "Rootkit/Malware", clique sur "Scan" puis patiente.

    ---> En fin de traitement, clique sur "Save..." et enregistre sur ton Bureau "301108.txt".

    ---> Double-clique sur "301108.txt", le rapport apparaît, poste-le.
    0
  13. Jejebond Messages postés 21 Statut Membre
     
    GMER me détecte plusieurs rootkit apparemment.

    GMER 1.0.14.14536 - http://www.gmer.net
    Rootkit scan 2009-02-10 17:53:14
    Windows 5.1.2600 Service Pack 3

    ---- System - GMER 1.0.14 ----

    SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF769787E] <-- ROOTKIT !!!
    SSDT BA2773E4 ZwCreateThread
    SSDT sptd.sys ZwEnumerateKey [0xF7473D1C] <-- ROOTKIT !!!
    SSDT sptd.sys ZwEnumerateValueKey [0xF74740BC] <-- ROOTKIT !!!
    SSDT sptd.sys ZwOpenKey [0xF746F090] <-- ROOTKIT !!!
    SSDT BA2773D0 ZwOpenProcess
    SSDT BA2773D5 ZwOpenThread
    SSDT sptd.sys ZwQueryKey [0xF7474194] <-- ROOTKIT !!!
    SSDT sptd.sys ZwQueryValueKey [0xF7474014] <-- ROOTKIT !!!
    SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7697C10] <-- ROOTKIT !!!
    SSDT BA2773DF ZwTerminateProcess
    SSDT BA2773DA ZwWriteVirtualMemory

    Code 8A728458 ZwFlushInstructionCache
    Code B66F2C80 pIofCallDriver

    ---- Kernel code sections - GMER 1.0.14 ----

    PAGE ntoskrnl.exe!ZwFlushInstructionCache 80587BFB 5 Bytes JMP 8A72845C
    ? rcrmt.sys Le fichier spécifié est introuvable. !
    ? C:\WINDOWS\system32\drivers\sptd.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
    ? C:\WINDOWS\System32\Drivers\SPTDDRV1.SYS Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
    .text USBPORT.SYS!DllUnload B8EF98AC 5 Bytes JMP 8AA9D1B8
    ? System32\Drivers\amisirte.SYS Le chemin d'accès spécifié est introuvable. !
    ? C:\DOCUME~1\JEREMY\LOCALS~1\Temp\mc21.tmp Le fichier spécifié est introuvable. !

    ---- User code sections - GMER 1.0.14 ----

    .text C:\WINDOWS\system32\ctfmon.exe[260] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\WINDOWS\system32\ctfmon.exe[260] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\WINDOWS\system32\ctfmon.exe[260] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Windows Media Player\WMPNSCFG.exe[316] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Windows Media Player\WMPNSCFG.exe[316] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\Program Files\Windows Media Player\WMPNSCFG.exe[316] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Windows Media Player\WMPNSCFG.exe[316] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[1080] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[1080] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\Program Files\Mozilla Firefox\firefox.exe[1080] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Mozilla Firefox\firefox.exe[1080] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[1200] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[1200] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[1200] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[1200] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE[1388] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE[1388] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE[1388] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE[1388] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F070F5A
    .text C:\Documents and Settings\JEREMY\Bureau\CCM.exe[1664] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F040F5A
    .text C:\Documents and Settings\JEREMY\Bureau\CCM.exe[1664] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\Documents and Settings\JEREMY\Bureau\CCM.exe[1664] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Documents and Settings\JEREMY\Bureau\CCM.exe[1664] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!LoadResource 7C80A045 7 Bytes JMP 28001CC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!FindResourceExW 7C80AD18 7 Bytes JMP 28001B00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!FindResourceW 7C80BC5E 7 Bytes JMP 28001A80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!SizeofResource 7C80BCF9 7 Bytes JMP 28001D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!FindResourceA 7C80BF19 7 Bytes JMP 28001B90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!LockResource 7C80CD27 5 Bytes JMP 28001DF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!CreateEventA 7C83089D 5 Bytes JMP 28001840 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!FindResourceExA 7C835F90 7 Bytes JMP 28001C20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] kernel32.dll!OutputDebugStringW 7C85B335 5 Bytes JMP 28001E50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] ADVAPI32.dll!CryptDeriveKey 77DB9FDD 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] ADVAPI32.dll!CryptDecrypt 77DBA109 7 Bytes JMP 28001060 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 28004090 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!SetWindowPlacement 7E39DE46 5 Bytes JMP 28005840 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!CreateDialogParamW 7E39EA3B 5 Bytes JMP 28005AC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!LoadImageW 7E3A7B97 5 Bytes JMP 280060C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 28003820 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!SetWindowRgn 7E3AE528 7 Bytes JMP 28005980 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!LoadIconW 7E3AE8BC 5 Bytes JMP 280062B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 28005CB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] USER32.dll!TrackPopupMenuEx 7E3ECF62 5 Bytes JMP 28004970 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WS2_32.dll!closesocket 719F3E2B 5 Bytes JMP 2800A5A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WS2_32.dll!send 719F4C27 2 Bytes JMP 2800A180 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WS2_32.dll!send + 3 719F4C2A 2 Bytes [ 61, B6 ]
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 28009F60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WS2_32.dll!recv 719F676F 5 Bytes JMP 28009DC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 2800A360 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] SHELL32.dll!Shell_NotifyIconW 7CA3A52F 5 Bytes JMP 28002FE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] ole32.dll!CoInitializeEx 774BEF7B 5 Bytes JMP 28002100 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] ole32.dll!CoRegisterClassObject 774D7E90 5 Bytes JMP 28002200 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WININET.dll!InternetCloseHandle 4408DA59 5 Bytes JMP 28008F20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WININET.dll!HttpOpenRequestA 44094341 5 Bytes JMP 28008BE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WININET.dll!InternetReadFile 4409ABB4 5 Bytes JMP 28008D70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[1732] WININET.dll!HttpSendRequestA 4409CD40 5 Bytes JMP 28008E50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
    .text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1804] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1804] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1804] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1804] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Windows Media Player\WMPNetwk.exe[2228] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\WINDOWS\Explorer.EXE[2304] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\WINDOWS\Explorer.EXE[2304] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\WINDOWS\Explorer.EXE[2304] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Logitech\SetPoint\SetPoint.exe[2592] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Logitech\SetPoint\SetPoint.exe[2592] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\Program Files\Logitech\SetPoint\SetPoint.exe[2592] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Logitech\SetPoint\SetPoint.exe[2592] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\WINDOWS\system32\wscntfy.exe[2708] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\WINDOWS\system32\wscntfy.exe[2708] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\WINDOWS\system32\wscntfy.exe[2708] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2784] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\Program Files\Stardock\ObjectDock\ObjectDock.exe[2796] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Stardock\ObjectDock\ObjectDock.exe[2796] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes [ B5, 53, 7F, E2 ]
    .text C:\Program Files\Stardock\ObjectDock\ObjectDock.exe[2796] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Stardock\ObjectDock\ObjectDock.exe[2796] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\TortoiseSVN\bin\TSVNCache.exe[2900] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\TortoiseSVN\bin\TSVNCache.exe[2900] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\TortoiseSVN\bin\TSVNCache.exe[2900] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\WINDOWS\system32\rundll32.exe[3004] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\WINDOWS\system32\rundll32.exe[3004] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\WINDOWS\system32\rundll32.exe[3004] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3132] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3132] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3132] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\WINDOWS\RTHDCPL.EXE[3184] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\WINDOWS\RTHDCPL.EXE[3184] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\WINDOWS\RTHDCPL.EXE[3184] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Thomson multimedia\USB Audio System\cs580.exe[3228] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Thomson multimedia\USB Audio System\cs580.exe[3228] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Thomson multimedia\USB Audio System\cs580.exe[3228] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe[3244] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe[3244] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe[3244] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Java\jre6\bin\jusched.exe[3488] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Java\jre6\bin\jusched.exe[3488] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Java\jre6\bin\jusched.exe[3488] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[3512] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[3512] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[3512] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\WINDOWS\system32\RUNDLL32.EXE[3520] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\WINDOWS\system32\RUNDLL32.EXE[3520] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\WINDOWS\system32\RUNDLL32.EXE[3520] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\WINDOWS\system32\rundll32.exe[3552] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\WINDOWS\system32\rundll32.exe[3552] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\WINDOWS\system32\rundll32.exe[3552] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe[3620] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe[3620] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe[3620] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\SuperCopier2\SuperCopier2.exe[3628] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\SuperCopier2\SuperCopier2.exe[3628] shell32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\SuperCopier2\SuperCopier2.exe[3628] shell32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    .text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3972] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A
    .text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3972] SHELL32.dll!SHFileOperationW 7CA8083C 6 Bytes JMP 5F0A0F5A
    .text C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3972] SHELL32.dll!SHFileOperation 7CA80B24 6 Bytes JMP 5F040F5A
    0
  14. Jejebond Messages postés 21 Statut Membre
     
    SUITE


    ---- Kernel IAT/EAT - GMER 1.0.14 ----

    IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F747F6C4] sptd.sys
    IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7495394] sptd.sys
    IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F747F718] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F746FAB6] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F746FBEE] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F746FB76] sptd.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F747071C] sptd.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74705F2] sptd.sys
    IAT disk.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F74954E8] sptd.sys
    IAT \SystemRoot\system32\DRIVERS\cdrom.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F74954E8] sptd.sys

    ---- Devices - GMER 1.0.14 ----

    Device \FileSystem\Ntfs \Ntfs 8AB091D8
    Device \FileSystem\Fastfat \FatCdrom 8A59C990
    Device \FileSystem\Udfs \UdfsCdRom 8A5E91D8
    Device \FileSystem\Udfs \UdfsDisk 8A5E91D8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{68DE324A-5AFD-4074-84AC-D2ACDF80CD4D} 8A7841D8
    Device \Driver\usbuhci \Device\USBPDO-0 8A86B7D0
    Device \Driver\dmio \Device\DmControl\DmIoDaemon 8AB0B1D8
    Device \Driver\dmio \Device\DmControl\DmConfig 8AB0B1D8
    Device \Driver\dmio \Device\DmControl\DmPnP 8AB0B1D8
    Device \Driver\dmio \Device\DmControl\DmInfo 8AB0B1D8
    Device \Driver\usbuhci \Device\USBPDO-1 8A86B7D0
    Device \Driver\usbuhci \Device\USBPDO-2 8A86B7D0
    Device \Driver\usbuhci \Device\USBPDO-3 8A86B7D0
    Device \Driver\usbehci \Device\USBPDO-4 8A869610

    AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)

    Device \Driver\Ftdisk \Device\HarddiskVolume1 8AAA01D8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 8AAA01D8
    Device \Driver\Cdrom \Device\CdRom0 8A81B1D8
    Device \Driver\Ftdisk \Device\HarddiskVolume3 8AAA01D8
    Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdePort3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\Cdrom \Device\CdRom1 8A81B1D8
    Device \Driver\Cdrom \Device\CdRom2 8A81B1D8
    Device \Driver\NetBT \Device\NetBt_Wins_Export 8A7841D8
    Device \Driver\NetBT \Device\NetbiosSmb 8A7841D8
    Device \Driver\00000038 \Device\0000005d sptd.sys
    Device \Driver\usbuhci \Device\USBFDO-0 8A86B7D0
    Device \Driver\usbuhci \Device\USBFDO-1 8A86B7D0
    Device \Driver\usbuhci \Device\USBFDO-2 8A86B7D0
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A7A0990
    Device \Driver\usbuhci \Device\USBFDO-3 8A86B7D0
    Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A7A0990
    Device \Driver\Ftdisk \Device\FtControl 8AAA01D8
    Device \Driver\usbehci \Device\USBFDO-4 8A869610
    Device \Driver\amisirte \Device\Scsi\amisirte1 8A7FD450
    Device \Driver\amisirte \Device\Scsi\amisirte1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\amisirte \Device\Scsi\amisirte1Port5Path0Target1Lun0 8A7FD450
    Device \Driver\amisirte \Device\Scsi\amisirte1Port5Path0Target1Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\JRAID \Device\Scsi\JRAID1Port4Path0Target0Lun0 8AB0A1D8
    Device \Driver\JRAID \Device\Scsi\JRAID1Port4Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\amisirte \Device\Scsi\amisirte1Port5Path0Target0Lun0 8A7FD450
    Device \Driver\amisirte \Device\Scsi\amisirte1Port5Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \Driver\JRAID \Device\Scsi\JRAID1 8AB0A1D8
    Device \Driver\JRAID \Device\Scsi\JRAID1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
    Device \FileSystem\Fastfat \Fat 8A59C990

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    Device \FileSystem\Cdfs \Cdfs 8A7896D8

    ---- Modules - GMER 1.0.14 ----

    Module \systemroot\system32\drivers\gaopdxobrqltim.sys (*** hidden *** ) B66F1000-B6719000 (163840 bytes)

    ---- Services - GMER 1.0.14 ----

    Service C:\WINDOWS\system32\drivers\gaopdxobrqltim.sys (*** hidden *** ) [SYSTEM] gaopdxserv.sys <-- ROOTKIT !!!

    ---- Registry - GMER 1.0.14 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a3a5559ec
    Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a3a5559ec@000e6d247161 0xA2 0x69 0x39 0xC4 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys
    Reg HKLM\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys@start 1
    Reg HKLM\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys@type 1
    Reg HKLM\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys@imagepath \systemroot\system32\drivers\gaopdxobrqltim.sys
    Reg HKLM\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys@group file system
    Reg HKLM\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys\modules
    Reg HKLM\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys\modules@gaopdxserv \\?\globalroot\systemroot\system32\drivers\gaopdxobrqltim.sys
    Reg HKLM\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys\modules@gaopdxl \\?\globalroot\systemroot\system32\gaopdxoyqmoqxy.dll
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 427359995
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 412748860
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x10 0xBA 0x06 0x2A ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB5 0x54 0x60 0x5F ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFC 0xDE 0x66 0x4F ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x2C 0x1A 0x47 0x45 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x10 0xBA 0x06 0x2A ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB5 0x54 0x60 0x5F ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x69 0x93 0x86 0xA8 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x85 0xA5 0x3F 0x80 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a3a5559ec
    Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a3a5559ec@000e6d247161 0xA2 0x69 0x39 0xC4 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\gaopdxserv.sys
    Reg HKLM\SYSTEM\ControlSet003\Services\gaopdxserv.sys@start 1
    Reg HKLM\SYSTEM\ControlSet003\Services\gaopdxserv.sys@type 1
    Reg HKLM\SYSTEM\ControlSet003\Services\gaopdxserv.sys@imagepath \systemroot\system32\drivers\gaopdxobrqltim.sys
    Reg HKLM\SYSTEM\ControlSet003\Services\gaopdxserv.sys@group file system
    Reg HKLM\SYSTEM\ControlSet003\Services\gaopdxserv.sys\modules
    Reg HKLM\SYSTEM\ControlSet003\Services\gaopdxserv.sys\modules@gaopdxserv \\?\globalroot\systemroot\system32\drivers\gaopdxobrqltim.sys
    Reg HKLM\SYSTEM\ControlSet003\Services\gaopdxserv.sys\modules@gaopdxl \\?\globalroot\systemroot\system32\gaopdxoyqmoqxy.dll
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x10 0xBA 0x06 0x2A ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB5 0x54 0x60 0x5F ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFC 0xDE 0x66 0x4F ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x2C 0x1A 0x47 0x45 ...
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG10.00.00.01WORKSTATION E6F5FA0F848F71B32AF964E657AE51586A998D5C935B721048F9F909725B3B77F35CE438A94BA4BF00B19066642D7EEF7FB46FD79218F047F61A16B7F7E666A11ECE7FC91B042AF6F04624B27CBBEF608CD9DBC19DA69838E435915CD91E54BFC0584A690F428B5E0D23FB5897901DE779F42AB0928E6A786FD861B6F8F9B361CDC9781E8990C49FF879A64901EAEFE73FB7E79E22DEDE4585D6AFEB8BF8A93A48B3EF54677FC68670BCE8D9D80A46676C96D569CFA95FFAA8FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E667FEBC9E127BECC74CBA7FD869164D67941BE6069DC555B69B71D00BB2CFABEA358FB72C0DD308C28EE743E7C5C4598CE4EBB7407B4F763D8627934D9D819F4DC16D8A5F060063282A9E46ADDB4CC420256B7C22521CBC7B4BBF54A12CC1041199A89873981CB06F71D43C35D826A19AEAA4325939863ECF71C80D3ED9B9FAEC37ECF7C9C7C341CAF47B7925E37E1144FBE706F71DEA05BD1291E8BCF8959CBAA92C7225E814568BD844838AF7049F8C314ADD713E298F69DDB1481C2D89F278151F052C25B02BABD3289655626BD503F723D0A1AE25501C940041BF6F4AFE4B2F3C62EAFBBFE8C635619F5AC7EB2BDC518EA8C256492DC50F1B1BEB8B90B17945C4EED0BD6CB19
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG11.00.00.01WORKSTATION 37262371F698E25ED7827466978F5F8A2C3DCE27B1E10361B3962FEDF541678F77C2967CDD9B3F8608F0592AE9D2AEF48230FB4BF6483018B3A1A2E31FB409D6B8F38F2FADCC552A42BBB3EE9FBC18E1580A4916B8F36727B964853824B61F62C18254D1A50BA860E760AADA6271D054479BE0AA29EB309EB8A6A22C5FD4A0F0FDC9F0656C0B4132FD712A4B3EE890C10D4D2EE1DEFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC7933C038D530D6EB34528EDD5E5BE2F6E667F631EE2F0093524F7871D871C49D5956F67715D785F6703F75A048CE1777930A847A96087BC0F4E9B856DFCE80D7A1506EF4D2DDB35B74926BB741CBA0BC5C9F3E6AD284648E70BC7D1AFC540667D259CB78558232CBE5F53355A7F7B22F51914D2363834402D9ADB70E5E99354FFD626325593353ECF07FA88B633CB238DCBDAFC4FE05396377062B8525567EDA67BC5E9F8E06002A772AF77251229E011BEB39794C2E73BF4573EE5AE669E8168820381295AFB1310F57A3A4425B86F9E042116CEBC6B865F188EE69AED50ED18C2544A8080CF8F282C8813F77BA0FD5B34E314C6BBD62E9E1B86C9179BF9E24D4CAA496EE987828CDA63AE62DB96E0C4F7FE7CD52A2DDA5AD5F7938BA71D9E4F5F453124BF96748A3FB4D408
    Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xE9 0x02 0x6C 0xFA ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
    Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...
    Reg HKLM\SOFTWARE\Classes\gaopdxvx
    Reg HKLM\SOFTWARE\Classes\gaopdxvx@gaopdxrun 71
    Reg HKLM\SOFTWARE\Classes\gaopdxvx@gaopdxpff 8160
    Reg HKLM\SOFTWARE\Classes\gaopdxvx@gaopdxaff 3165
    Reg HKLM\SOFTWARE\Classes\gaopdxvx@gaopdxsrv -1056770279
    Reg HKLM\SOFTWARE\Classes\gaopdxvx@gaopdxpos "xsxzy}zo"deic`daly?kflniTXTC
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D459D1DF-8E7D-9734-3ECF-C454223F516F}
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D459D1DF-8E7D-9734-3ECF-C454223F516F}@ianfphgadepnadkmge 0x69 0x61 0x6B 0x69 ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D459D1DF-8E7D-9734-3ECF-C454223F516F}@hadghlfflbdnboop 0x69 0x61 0x6C 0x69 ...

    ---- EOF - GMER 1.0.14 ----
    0
  15. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Télécharge SDFix (créé par AndyManchesta) sur ton Bureau.
    - Double-clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
    - Redémarre ton ordinateur en mode sans échec.

    ---> Pour redémarrer en mode sans échec :
    - Redémarre ton PC.
    - Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
    - Dans le menu d'options avancées, choisis Mode sans échec.
    - Choisis ta session.

    ---> Déroule la liste des instructions ci-dessous :
    - Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer le script.
    - Appuie sur Y pour commencer le processus de nettoyage.
    - Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
    - Appuie sur une touche pour redémarrer le PC.
    - Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
    - Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
    - Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
    - Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
    - Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.
    0
  16. Jejebond Messages postés 21 Statut Membre
     
    [b]SDFix: Version 1.240 [/b]
    Run by JEREMY on Tue 02/10/2009 at 06:28 PM

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix

    [b]Checking Services [/b]:

    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting

    [b]Checking Files [/b]:

    Trojan Files Found:

    C:\114889~1 - Deleted
    C:\DOCUME~1\JEREMY\COOKIES\BEGOWU~1.BAN - Deleted
    C:\DOCUME~1\JEREMY\COOKIES\LAPASYZ.BAN - Deleted
    C:\DOCUME~1\JEREMY\COOKIES\PIDUHU.DLL - Deleted
    C:\DOCUME~1\JEREMY\COOKIES\VYVUQU.REG - Deleted
    C:\Documents and Settings\JEREMY\Local Settings\Temp\aaxAE9.tmp.exe - Deleted
    C:\Documents and Settings\JEREMY\Local Settings\Temp\utt5A1.tmp.exe - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\Binaries1.cab2 - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\Binaries1.cab3 - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\Binaries3.cab6 - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp10.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp11.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp12.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp13.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp14.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp19.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp1A.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp1C.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp21.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp23.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp24.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp28.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp2B.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp2D.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp2E.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp31.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp33.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp36.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp3A.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp3B.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp3D.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp3E.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp3F.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp41.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp49.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp4D.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp54.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp55.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp5D.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp5E.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp64.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp65.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp66.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp6A.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp6E.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp73.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp75.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp76.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp77.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp7A.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp7C.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp7D.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp7E.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp7F.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp80.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp81.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp8C.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp90.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmp97.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpA.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpA8.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpA9.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpAA.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpAB.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpAC.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpAD.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpAE.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpAF.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB0.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB1.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB2.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB3.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB4.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB5.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB6.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB7.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpB8.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpBB.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpBC.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpBD.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpBE.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpC.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpC0.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpC1.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpC2.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpC3.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpC4.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpC5.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpC6.tmp - Deleted
    C:\DOCUME~1\JEREMY\LOCALS~1\Temp\tmpF.tmp - Deleted
    C:\WINDOWS\yfir._sy - Deleted
    C:\WINDOWS\system32\winmnpld.lhp - Deleted

    Removing Temp Files

    [b]ADS Check [/b]:

    [b]Final Check [/b]:

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-10 18:58:27
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    disk error: C:\WINDOWS\system32\config\system, 0
    scanning hidden registry entries ...

    disk error: C:\WINDOWS\system32\config\software, 0
    disk error: C:\Documents and Settings\JEREMY\ntuser.dat, 0
    scanning hidden files ...

    disk error: C:\WINDOWS\

    please note that you need administrator rights to perform deep scan

    [b]Remaining Services [/b]:

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\GameFace Messenger\\GameFace.exe"="C:\\Program Files\\GameFace Messenger\\GameFace.exe:*:Enabled:IM"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\day of defeat source\\hl2.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\day of defeat source\\hl2.exe:*:Enabled:hl2"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\half-life 2 deathmatch\\hl2.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\half-life\\hl.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\half-life\\hl.exe:*:Enabled:Half-Life Launcher"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\counter-strike source\\hl2.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\counter-strike source\\hl2.exe:*:Enabled:hl2"
    "J:\\Jeux PC\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"="J:\\Jeux PC\\EA GAMES\\Need for Speed Most Wanted\\speed.exe:*:Enabled:speed"
    "J:\\Jeux PC\\Electronic Arts\\D‚mo de Battlefield 2142\\BF2142.exe"="J:\\Jeux PC\\Electronic Arts\\D‚mo de Battlefield 2142\\BF2142.exe:*:Enabled:Battlefield 2"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "J:\\Jeux PC\\Microsoft Games\\Age of Empires III\\age3.exe"="J:\\Jeux PC\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
    "J:\\Jeux PC\\id Software\\Quake 4\\Quake4Ded.exe"="J:\\Jeux PC\\id Software\\Quake 4\\Quake4Ded.exe:*:Disabled:Quake 4"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\half-life 2\\hl2.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\half-life 2\\hl2.exe:*:Enabled:hl2"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\source sdk base\\hl2.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\source sdk base\\hl2.exe:*:Enabled:hl2"
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
    "J:\\Jeux PC\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe"="J:\\Jeux PC\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe:*:Enabled:Far Cry"
    "C:\\Program Files\\EasyPHP1-8\\apache\\Apache.exe"="C:\\Program Files\\EasyPHP1-8\\apache\\Apache.exe:*:Enabled:Apache"
    "J:\\Jeux PC\\America's Army\\System\\ArmyOps.exe"="J:\\Jeux PC\\America's Army\\System\\ArmyOps.exe:*:Enabled:ArmyOps"
    "C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe:*:Enabled:Render Manager"
    "C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe:*:Enabled:Studio"
    "C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
    "C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe:*:Enabled:umi"
    "C:\\Program Files\\Intuwave\\Shared\\mRouterRunTime\\mRouterRuntime.exe"="C:\\Program Files\\Intuwave\\Shared\\mRouterRunTime\\mRouterRuntime.exe:*:Enabled:mRouterRuntime"
    "C:\\Program Files\\Pinnacle\\MediaCenter\\PMC.exe"="C:\\Program Files\\Pinnacle\\MediaCenter\\PMC.exe:LocalSubNet:Enabled:Pmc.exe"
    "C:\\Program Files\\Pinnacle\\MediaCenter\\PSST.exe"="C:\\Program Files\\Pinnacle\\MediaCenter\\PSST.exe:LocalSubNet:Enabled:PSST.exe"
    "C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"="C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe"
    "C:\\Program Files\\Pinnacle\\MediaCenter\\PMSInstallInit.exe"="C:\\Program Files\\Pinnacle\\MediaCenter\\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
    "C:\\Program Files\\Pinnacle\\MediaCenter\\PMC.Tvtv.Wizard.exe"="C:\\Program Files\\Pinnacle\\MediaCenter\\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe"
    "C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaServer\\PMSInstallInit.exe"="C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaServer\\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
    "C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
    "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
    "C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaCenterService\\PMC.Service.Main.exe"="C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaCenterService\\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService"
    "J:\\Jeux iso PC\\flatout 2\\FlatOut2.exe"="J:\\Jeux iso PC\\flatout 2\\FlatOut2.exe:*:Enabled:FlatOut2"
    "J:\\Jeux PC\\Steam\\steamapps\\common\\roboblitz\\Binaries\\RoboGame.exe"="J:\\Jeux PC\\Steam\\steamapps\\common\\roboblitz\\Binaries\\RoboGame.exe:*:Enabled:RoboBlitz"
    "J:\\Jeux PC\\KONAMI\\Pro Evolution Soccer 6\\pes6.exe"="J:\\Jeux PC\\KONAMI\\Pro Evolution Soccer 6\\pes6.exe:*:Enabled:pes6.exe"
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
    "J:\\Jeux PC\\LucasArts\\Star Wars Battlefront II\\GameData\\battlefrontII.exe"="J:\\Jeux PC\\LucasArts\\Star Wars Battlefront II\\GameData\\battlefrontII.exe:*:Enabled:battlefrontII"
    "C:\\Program Files\\Simple DNS Plus\\sdnsmain.exe"="C:\\Program Files\\Simple DNS Plus\\sdnsmain.exe:*:Enabled:Simple DNS Plus - Main server engine"
    "J:\\Jeux PC\\UT2004\\System\\UT2004.exe"="J:\\Jeux PC\\UT2004\\System\\UT2004.exe:*:Enabled:UT2004"
    "C:\\Program Files\\CF3B5\\PS3.ProxyServer\\PS3.ProxyServer.GUI.exe"="C:\\Program Files\\CF3B5\\PS3.ProxyServer\\PS3.ProxyServer.GUI.exe:*:Enabled: "
    "C:\\Program Files\\PS3PROXY\\ps3proxy.exe"="C:\\Program Files\\PS3PROXY\\ps3proxy.exe:*:Enabled:PS3 Proxy"
    "C:\\Program Files\\adslTV\\adsltv.exe"="C:\\Program Files\\adslTV\\adsltv.exe:*:Enabled:adsltv"
    "C:\\Program Files\\PS3Portal\\hfs.exe"="C:\\Program Files\\PS3Portal\\hfs.exe:*:Enabled:hfs"
    "C:\\Program Files\\Personal Media Manager\\PMMedia.exe"="C:\\Program Files\\Personal Media Manager\\PMMedia.exe:*:Enabled:PMMedia"
    "E:\\EXE\\Freelancer.exe"="E:\\EXE\\Freelancer.exe:*:Enabled:Freelancer"
    "J:\\Jeux PC\\Microsoft Games\\Freelancer\\EXE\\Freelancer.exe"="J:\\Jeux PC\\Microsoft Games\\Freelancer\\EXE\\Freelancer.exe:*:Enabled:Freelancer"
    "J:\\Jeux PC\\CAPCOM\\LOST_PLANET_TRIAL_DX9\\LostPlanetDX9.exe"="J:\\Jeux PC\\CAPCOM\\LOST_PLANET_TRIAL_DX9\\LostPlanetDX9.exe:*:Enabled:LostPlanetDX9"
    "C:\\Program Files\\Nero\\Nero 7\\Nero MediaHome\\NeroMediaHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero MediaHome\\NeroMediaHome.exe:*:Enabled:Nero MediaHome"
    "C:\\Program Files\\Java\\jre1.5.0_10\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_10\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\source dedicated server\\srcds.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\source dedicated server\\srcds.exe:*:Enabled:srcds"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Ex‚cuter une DLL en tant qu'application"
    "C:\\Softimage\\XSI_4.2_ModTool\\Application\\bin\\nt-x86-p3\\XSI.exe"="C:\\Softimage\\XSI_4.2_ModTool\\Application\\bin\\nt-x86-p3\\XSI.exe:*:Enabled:XSI"
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
    "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
    "C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
    "J:\\Jeux PC\\Electronic Arts\\La Bataille pour la Terre du Milieu II\\game.dat"="J:\\Jeux PC\\Electronic Arts\\La Bataille pour la Terre du Milieu II\\game.dat:*:Enabled:La Bataille pour la Terre du Milieu T II"
    "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
    "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
    "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
    "J:\\Jeux PC\\Unreal Tournament 3\\Binaries\\UT3.exe"="J:\\Jeux PC\\Unreal Tournament 3\\Binaries\\UT3.exe:*:Enabled:Unreal Tournament 3"
    "C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
    "C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
    "C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
    "C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\garrysmod\\hl2.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\garrysmod\\hl2.exe:*:Enabled:hl2"
    "C:\\Program Files\\BT Softphone 2\\BTSoftphone2.exe"="C:\\Program Files\\BT Softphone 2\\BTSoftphone2.exe:*:Enabled:BTSoftphone2"
    "C:\\Documents and Settings\\JEREMY\\Bureau\\PCmonitor\\PCMonitor.exe"="C:\\Documents and Settings\\JEREMY\\Bureau\\PCmonitor\\PCMonitor.exe:*:Enabled:PCMonitor Server"
    "C:\\Program Files\\Microsoft Games\\Freelancer\\EXE\\Freelancer.exe"="C:\\Program Files\\Microsoft Games\\Freelancer\\EXE\\Freelancer.exe:*:Enabled:Freelancer"
    "C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe:*:Enabled:Crysis_32"
    "C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
    "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
    "C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"="C:\\Program Files\\Electronic Arts\\EADM\\Core.exe:*:Enabled:EA Download Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "J:\\Jeux PC\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"="J:\\Jeux PC\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe:*:Enabled:Far Cry 2"
    "J:\\Jeux PC\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"="J:\\Jeux PC\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
    "J:\\Jeux PC\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"="J:\\Jeux PC\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe:*:Enabled:Editor"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\zombie panic! source\\hl2.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\zombie panic! source\\hl2.exe:*:Enabled:hl2"
    "C:\\Program Files\\Java\\jre6\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre6\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\\Program Files\\America's Army Deploy Client\\AADeployClient.exe"="C:\\Program Files\\America's Army Deploy Client\\AADeployClient.exe:*:Enabled:AADeployClient"
    "J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\source sdk base 2007\\hl2.exe"="J:\\Jeux PC\\Steam\\steamapps\\jejebond_60@hotmail.com\\source sdk base 2007\\hl2.exe:*:Enabled:hl2"
    "J:\\Jeux PC\\Codemasters\\GRID\\GRID.exe"="J:\\Jeux PC\\Codemasters\\GRID\\GRID.exe:*:Enabled:GRID"
    "J:\\Jeux PC\\EA GAMES\\Battlefield 2\\BF2.exe"="J:\\Jeux PC\\EA GAMES\\Battlefield 2\\BF2.exe:*:Enabled:Battlefield 2"
    "J:\\Jeux PC\\Steam\\steamapps\\common\\roboblitz\\Binaries\\RoboLaunch.exe"="J:\\Jeux PC\\Steam\\steamapps\\common\\roboblitz\\Binaries\\RoboLaunch.exe:*:Enabled:RoboBlitz Demo"
    "J:\\Jeux PC\\Steam\\steamapps\\common\\unreal tournament 3\\Binaries\\UT3.exe"="J:\\Jeux PC\\Steam\\steamapps\\common\\unreal tournament 3\\Binaries\\UT3.exe:*:Enabled:Unreal Tournament 3"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

    [b]Remaining Files [/b]:

    File Backups: - C:\SDFix\backups\backups.zip

    [b]Files with Hidden Attributes [/b]:

    Wed 3 May 2006 163,328 A.SHR --- "C:\WINDOWS\system32\flvDX.dll"
    Wed 21 Feb 2007 31,232 A.SHR --- "C:\WINDOWS\system32\msfDX.dll"
    Sun 16 Mar 2008 216,064 A.SHR --- "C:\WINDOWS\system32\nbDX.dll"
    Sat 23 Dec 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Fri 22 Aug 2008 2,451,968 A.SH. --- "C:\Documents and Settings\JEREMY\Bureau\Aon800_cfdg.exe"
    Fri 22 Aug 2008 2,451,968 A.SH. --- "C:\Documents and Settings\JEREMY\Bureau\Xit8Cw_cfdg.exe"
    Fri 22 Aug 2008 2,451,968 A.SH. --- "C:\Documents and Settings\JEREMY\Bureau\Ypb31v_cfdg.exe"
    Sun 26 Jun 2005 616,448 A.SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
    Tue 21 Jun 2005 45,568 A.SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
    Sun 14 Sep 2008 72,704 A.SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
    Tue 2 Oct 2007 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
    Mon 10 Mar 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
    Tue 4 Jun 2002 84,992 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
    Tue 4 Jun 2002 44,032 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
    Tue 10 Dec 2002 73,766 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
    Tue 10 Dec 2002 65,575 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
    Sun 9 Jun 2002 36,864 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
    Tue 4 Jun 2002 20,480 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
    Tue 10 Dec 2002 102,437 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
    Tue 10 Dec 2002 176,165 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
    Tue 10 Dec 2002 208,935 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
    Tue 10 Dec 2002 217,127 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
    Sun 9 Jun 2002 40,448 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
    Sat 3 Nov 2001 225,280 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
    Tue 10 Apr 2001 225,280 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
    Fri 20 Feb 2004 232,960 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
    Sun 9 Jun 2002 525,824 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
    Tue 10 Dec 2002 245,805 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
    Tue 10 Dec 2002 45,093 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
    Tue 10 Dec 2002 98,341 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
    Tue 10 Dec 2002 94,247 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
    Tue 10 Dec 2002 90,151 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
    Tue 10 Dec 2002 102,439 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
    Sun 9 Jun 2002 49,152 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"
    Thu 20 Mar 2008 5,632 A.SHR --- "C:\Program Files\eRightSoft\SUPER\spk\1stRun.exe"
    Wed 4 Feb 2009 4,188 ...HR --- "C:\Documents and Settings\JEREMY\Application Data\SecuROM\UserData\securom_v7_01.bak"
    Fri 2 May 2008 3,493,888 A..H. --- "C:\Documents and Settings\JEREMY\Application Data\U3\temp\Launchpad Removal.exe"

    [b]Finished![/b]
    0
  17. Jejebond Messages postés 21 Statut Membre
     
    Toujours ce problème où aucun Logiciel Anti virus/troj... ne veux se mettre à jour.
    0
  18. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    --> Télécharge WinsockXPFix sur ton Bureau.

    --> Double-clique sur WinsockXPFix.exe.
    --> Tout d'abord, clique sur le boutton ReG-Backup. Cela sauvegardera ton registre par précaution.
    --> Clique sur OK, et encore une fois. Tu verras une fenêtre de sauvegarde de ton registre, tu cliqueras une nouvelle fois sur OK.

    --> Retourne à la fenêtre principale.
    --> Clique sur Fix.
    --> Clique sur Yes.
    --> Il se lancera pendant une minute ou deux et un bip se fera entendre et tu verras cette fenêtre.
    --> Finalement, clique sur OK et laisse ton PC redémarrer.
    0
  19. Jejebond Messages postés 21 Statut Membre
     
    Je ne peux faire aucune sauvegarde ! Il me dit:

    "Error saving file:
    C:\ERDNT\SECURITY !

    Continue ?"

    Je répond Oui mais il me fait ca à chaque fichier.

    Je Fix sans faire de backup ou... ??? :s
    0
  20. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Si ça plante, tu ne pourras pas restaurer sans backup.
    0
  21. Jejebond Messages postés 21 Statut Membre
     
    Combien de chance je peux avoir pour que cela ne plante pas ?

    Une alternative ?
    0
  • 1
  • 2