Win32Rootkit-gen

Résolu

Higgins -
Higgins971 - 7 mars 2009 à 13:29

Bonjour,
mon antivirus avast me signal un virus du nom de win32Rootkit-gen et quand je clic sur mettre en quarantaine il ne trouve pas l'emplacement, comment faire pour le retirer merci d'avance j'ai un rapport hijackthis qui est

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:51:17, on 17/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\windows\higeorge08.exe
C:\windows\tag06.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\documents and settings\hp_propriétaire\local settings\application data\acwsu.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 Mon Edition Spéciale\CalCheck.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\All Users\Documents\test.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
R3 - URLSearchHook: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: 485594 helper - {B935A11E-49AA-43C7-BF1C-3BDEB7120142} - C:\WINDOWS\system32\485594\485594.dll
O2 - BHO: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P0.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O3 - Toolbar: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SpamBlocker] C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbOEAddOn.exe
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Canal Widget] "c:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BboxUpdate] C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O4 - HKLM\..\Run: [Captcha5] rundll "C:\Program Files\captcha5.dll",captcha
O4 - HKLM\..\Run: [sysftray2] C:\windows\higeorge08.exe
O4 - HKLM\..\Run: [systgray2] C:\windows\tag06.exe
O4 - HKLM\..\Run: [sysnltray2] C:\windows\nl07.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [acwsu] "c:\documents and settings\hp_propriétaire\local settings\application data\acwsu.exe" acwsu
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: BoontyBox Boonty.com.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = ?
O4 - Global Startup: Controleur de calendrier pour Mon Edition personnalisee de Ulead Photo Express 4.0.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Watch.lnk = C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - c:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Afficher la suite

A voir également:

Win32Rootkit-gen
Oxy-gen - Télécharger - Généalogie
Mi box s 1st gen vs 2nd gen - Accueil - TV & Vidéo
Win64 pup gen ✓ - Forum Virus
Trojan gen 2 ✓ - Forum Virus
Malwarex-gen - Forum Virus

266 réponses

Réponse 41 / 266

loloetseb Messages postés 5508 Date d'inscription Statut Membre Dernière intervention 174

Ah ben oui annulle l'analyse malwarebytes pour l'instant.Y'a deja pas mal de bebetes a virer avec les programmes en cours

Réponse 42 / 266

higgins971

LE RAPPORT AD REMOVE

------- LOGFILE OF AD-REMOVER 1.1.1.3 | ONLY XP/VISTA -------

Updated by C_XX on 15/02/2009 at 10:20

*** LIMITED TO ***

Boonty/BoontyGames
Eorezo
Infected Poker Softwares
FunWebProduct/MyWay/MyWebSearch
It's TV
Sweetim

******************

Start at: 21:04:14 | Jeu 19/02/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: NINOBLACK
Current User: HP_Propri‚taire - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: FAT32)
- G:\ (File System: NTFS)
- H:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 78

(!) ---- IE start pages/Tabs reset

+--------------------| Boonty/Boonty Games Elements Deleted :

Service: "Boonty Games"
.
HKCR\boontybox
HKCR\CLSID\{aa760512-9bd8-4b1b-9e7a-dd9bbe3cf119}
HKCR\PandoraBoxCtrl.PandoraBoxCtrl
HKCR\PandoraBoxCtrl.PandoraBoxCtrl.1
HKCR\Typelib\{BB8AC401-701B-4ED1-96BB-B84A0FCF5874}
HKCU\Software\Boonty
HKLM\Software\Boonty
HKLM\System\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES
HKLM\System\ControlSet002\Services\Boonty Games
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C23587D9-1415-4042-9B3D-43118A4334C7}_is1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7EFFE75E-D216-47D4-B962-9E39A991BDAF}_is1
.
C:\WINDOWS\System32\PandoraCtrl.dll
C:\Program Files\Boonty
C:\Program Files\Services en ligne\Boonty
C:\Program Files\BoontyGames
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Documents and Settings\All Users\Application Data\BOONTY
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\BoontyGames.0001
C:\WINDOWS\unins000.dat
C:\Documents and Settings\HP_Propri‚taire\Bureau\Raccourcis Bureau non utilis‚s\ Jeux … t‚l‚charger.lnk
C:\WINDOWS\Prefetch\BOONTY.EXE-31979621.pf
C:\WINDOWS\Prefetch\BOONTYBOX.EXE-01F4AF9F.pf
C:\WINDOWS\Prefetch\BOONTYBOXENGINE.EXE-025B9439.pf
C:\WINDOWS\Prefetch\BOONTYGAMES.0001-212381FD.pf

+-----------------| Eorezo Elements Deleted :

.

+-----------------| Infected Poker Softwares Elements Deleted :

HKCU\Software\Europa Casino
HKLM\Software\Europa Casino
.

+-----------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

.
.

+-----------------| It's TV Elements Deleted :

.

+-----------------| Sweetim Elements Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetim
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\4f8dd48.msi
C:\WINDOWS\Installer\4f8dd4e.msi
/!\ NOT DELETED - C:\Program Files\Macrogaming
/!\ NOT DELETED - C:\Program Files\Macrogaming\SweetIM
/!\ NOT DELETED - C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\WINDOWS\Prefetch\SWEETIM.EXE-2E64256A.pf

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.

************* /!\ FILE(S)/FOLDER(S) NOT DELETED /!\ *************

"C:\Program Files\Macrogaming\SweetIM"
"C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll"

Second run ...

/!\ RESIST ! - "C:\Program Files\Macrogaming\SweetIM"
/!\ RESIST ! - "C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll"

+-----------------| Added Scan :

---- Mozilla FireFox Version 1.5 ----

ProfilePath: prqp355s.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.SelectedEngine: "Live Search"
Prefs.js: Browser.Search.SelectedEngine: "Live Search"
Prefs.js: Browser.Search.SelectedEngine: "Live Search"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
.
.
.
.

---- Internet Explorer Version 7.0.5730.11 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://home.microsoft.com/access/allinone.asp
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+-[HKEY_USERS\S-1-5-21-1156698369-2945033989-523806646-1008\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://home.microsoft.com/access/allinone.asp
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~9250 Bytes] - "C:\Ad-Report-Clean-19.02.2009.log"
[~12002 Bytes] - "C:\Ad-Report-Scan-19.02.2009.log"
-
C:\Program Files\Ad-remover\TOOLS\BACKUP\19.02.2009 - Prefs.js

End at: 21:10:40 | 19/02/2009
.
+-----------------| E.O.F - 157 Lines
.

Réponse 43 / 266

higgins971

le rapport navilog

Clean Navipromo version 3.7.4 commencé le 19/02/2009 à 21:14:01,34

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 16.02.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1335 [VPS 090218-0] 4.8.1335 (Activated)

C:\ (Local Disk) - NTFS - Total:143 Go (Free:98 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:24 Go (Free:15 Go)
H:\ (Local Disk) - NTFS - Total:51 Go (Free:10 Go)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)

Mode suppression automatique
avec prise en charge résultats Catchme et GNS

Nettoyage exécuté au redémarrage de l'ordinateur

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *

* Suppression dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\pegaely\locals~1\applic~1" *

*** Suppression dossiers dans "C:\WINDOWS" ***

*** Suppression dossiers dans "C:\Program Files" ***

...\Live-Player ...suppression...
...\Live-Player supprimé !

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\HP_Propriétaire\applic~1" ***

...\Live-Player ...suppression...
...\Live-Player supprimé !

*** Suppression dossiers dans "C:\DOCUME~1\pegaely\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\pegaely\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\HP_Propriétaire\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\pegaely\menudm~1\progra~1" ***

*** Suppression fichiers ***

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HP_Propri‚taire\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans "C:\WINDOWS\system32" *

* Dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" *

smqyqwu_navfx.dat trouvé !
Copie smqyqwu_navfx.dat réalisée avec succès !
smqyqwu_navfx.dat supprimé !

* Dans "C:\DOCUME~1\pegaely\locals~1\applic~1" *

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***

*** Nettoyage terminé le 19/02/2009 à 21:20:43,90 ***

Réponse 44 / 266

loloetseb Messages postés 5508 Date d'inscription Statut Membre Dernière intervention 174

Ok tu peux faire lop sd option 1 et postes moi le rapport

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 45 / 266

higgins971

LE 1er RAPPORT lop s&d

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090218-0] 4.8.1335 (Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:98 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:24 Go (Free:15 Go)
H:\ (Local Disk) - NTFS - Total:51 Go (Free:10 Go)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 19/02/2009|21:30 )

--------------------\\ Listing des dossiers dans APPLIC~1

[25/11/2008|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[10/09/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[13/12/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[13/12/2007|22:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[09/08/2007|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[21/05/2007|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[05/12/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[25/07/2007|17:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[19/02/2009|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/01/2005|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[18/11/2008|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[01/01/2005|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/12/2008|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar2
[05/07/2006|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[18/02/2009|00:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[25/07/2006|22:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[19/02/2009|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/02/2008|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[30/01/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[31/01/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[17/01/2009|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[05/07/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[07/08/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[01/01/2005|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[01/01/2005|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[29/10/2007|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/08/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/07/2006|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[05/07/2006|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[30/01/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[25/07/2006|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/11/2006|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[06/01/2009|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[12/05/2008|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[14/01/2009|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/12/2007|12:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2005|19:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[10/09/2008|14:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[08/08/2008|16:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[17/12/2007|22:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[04/07/2006|23:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ArcSoft
[21/11/2006|21:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ConvertTemp
[23/11/2006|00:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\COWON
[27/05/2007|18:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink
[03/07/2006|23:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\FotoWire
[09/08/2007|16:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\F-Secure
[27/04/2008|14:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Gaijin Ent
[16/09/2006|21:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[11/02/2008|00:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\gtk-2.0
[29/09/2006|20:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[04/07/2006|10:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[03/07/2006|23:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[26/10/2005|23:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[05/07/2006|19:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterTrust
[01/08/2006|17:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Kazaa Lite
[07/07/2006|21:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[04/07/2006|16:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[18/02/2009|00:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[24/09/2006|18:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[31/01/2009|11:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Memonix
[10/02/2009|15:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[28/10/2007|11:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[25/02/2007|00:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[20/02/2008|11:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nokia
[20/02/2008|11:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nokia Multimedia Player
[20/02/2008|11:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NSeries
[19/02/2009|21:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\OpenOffice.org2
[05/07/2006|18:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Panasonic
[20/02/2008|11:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Suite
[17/01/2009|18:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
[06/08/2008|12:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[21/11/2006|19:18] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Samsung
[30/04/2008|12:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sandlot Games
[27/08/2006|20:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[08/07/2006|00:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[28/10/2007|11:35] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback
[12/02/2008|21:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[21/11/2006|20:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Temporary
[21/11/2006|20:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TransRender
[26/10/2007|11:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Windows Desktop Search
[03/11/2007|12:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Windows Live Writer
[16/12/2008|13:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WinRAR

[26/10/2007|11:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[26/10/2007|11:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[07/10/2008|09:21] C:\DOCUME~1\pegaely\APPLIC~1\Adobe
[07/10/2008|09:40] C:\DOCUME~1\pegaely\APPLIC~1\Google
[26/10/2005|23:34] C:\DOCUME~1\pegaely\APPLIC~1\Identities
[20/07/2007|15:24] C:\DOCUME~1\pegaely\APPLIC~1\Macromedia
[19/11/2008|16:56] C:\DOCUME~1\pegaely\APPLIC~1\Microsoft
[09/09/2008|19:20] C:\DOCUME~1\pegaely\APPLIC~1\Nokia
[09/09/2008|19:21] C:\DOCUME~1\pegaely\APPLIC~1\PC Suite
[01/01/2005|19:50] C:\DOCUME~1\pegaely\APPLIC~1\Real
[09/09/2008|19:20] C:\DOCUME~1\pegaely\APPLIC~1\Windows Desktop Search

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[19/02/2009 16:02][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{0B1FD591-24F5-4D66-A50D-781D936426EF}.job
[17/02/2009 13:31][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[19/02/2009 21:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/07/2006|20:01] C:\Program Files\4.0M MPEG4 DV
[26/12/2008|17:11] C:\Program Files\7-Zip
[28/10/2007|11:58] C:\Program Files\8hands
[11/07/2007|11:59] C:\Program Files\Adobe
[19/02/2009|21:10] C:\Program Files\Ad-remover
[17/11/2008|19:17] C:\Program Files\AGI
[05/12/2008|17:12] C:\Program Files\Alwil Software
[06/08/2008|17:00] C:\Program Files\Apple Software Update
[04/07/2006|16:18] C:\Program Files\ArcSoft
[01/01/2005|19:32] C:\Program Files\ATI Technologies
[09/08/2007|23:59] C:\Program Files\AVS4YOU
[07/02/2009|14:51] C:\Program Files\Bbox
[07/02/2009|13:20] C:\Program Files\BboxUpdate
[16/12/2008|13:32] C:\Program Files\Bonjour
[01/08/2006|12:23] C:\Program Files\BSPlayer
[10/09/2008|14:57] C:\Program Files\Canal
[19/02/2009|20:08] C:\Program Files\CCleaner
[20/10/2005|20:06] C:\Program Files\ComPlus Applications
[18/12/2008|17:38] C:\Program Files\Conduit
[08/02/2009|14:37] C:\Program Files\CrypText
[21/05/2007|11:30] C:\Program Files\CyberLink
[20/02/2008|11:18] C:\Program Files\DIFX
[21/05/2007|11:24] C:\Program Files\Digital Photo Navigator 1.5
[05/07/2006|19:31] C:\Program Files\directx
[08/02/2009|13:32] C:\Program Files\eMule
[21/12/2008|20:11] C:\Program Files\eMule plus 1.2d
[04/07/2006|15:52] C:\Program Files\epson
[19/02/2009|21:06] C:\Program Files\Fichiers communs
[19/02/2009|13:20] C:\Program Files\Google
[26/08/2008|11:39] C:\Program Files\Hewlett-Packard
[26/08/2008|11:39] C:\Program Files\HP
[22/11/2006|21:33] C:\Program Files\Illustrate
[17/07/2007|19:34] C:\Program Files\InstallShield Installation Information
[11/02/2009|21:56] C:\Program Files\Internet Explorer
[25/11/2008|14:02] C:\Program Files\iPod
[26/12/2008|16:16] C:\Program Files\ISOpen
[25/11/2008|14:03] C:\Program Files\iTunes
[08/01/2009|10:07] C:\Program Files\Java
[12/05/2008|18:44] C:\Program Files\Kiwee Toolbar2
[24/09/2006|18:30] C:\Program Files\K-Lite Codec Pack
[03/07/2006|23:05] C:\Program Files\Logitech
[19/02/2009|21:08] C:\Program Files\Macrogaming
[30/07/2006|18:09] C:\Program Files\Macromedia
[29/07/2007|12:05] C:\Program Files\Magneto Software
[18/02/2009|00:57] C:\Program Files\Malwarebytes' Anti-Malware
[31/01/2009|11:26] C:\Program Files\Memonix
[05/07/2006|20:44] C:\Program Files\Mes Jeux T‚l‚charg‚s
[05/09/2008|10:13] C:\Program Files\Messenger
[03/09/2008|10:55] C:\Program Files\Messenger Plus! Live
[23/07/2006|21:07] C:\Program Files\MessengerPlus! 3
[06/01/2009|16:13] C:\Program Files\Microsoft
[05/11/2007|11:34] C:\Program Files\Microsoft ActiveSync
[09/05/2007|23:06] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/10/2005|23:36] C:\Program Files\microsoft frontpage
[01/01/2005|19:57] C:\Program Files\Microsoft Office
[06/01/2009|16:19] C:\Program Files\Microsoft Silverlight
[26/10/2007|11:27] C:\Program Files\Microsoft SQL Server Compact Edition
[06/01/2009|16:17] C:\Program Files\Microsoft Sync Framework
[01/01/2005|19:57] C:\Program Files\Microsoft Works
[05/09/2008|09:55] C:\Program Files\Movie Maker
[22/12/2008|22:23] C:\Program Files\Mozilla Firefox
[20/02/2007|14:07] C:\Program Files\MSN
[26/10/2005|23:36] C:\Program Files\MSN Gaming Zone
[19/11/2006|03:01] C:\Program Files\MSXML 4.0
[01/01/2005|19:59] C:\Program Files\muvee Technologies
[19/02/2009|21:20] C:\Program Files\Navilog1
[05/09/2008|09:47] C:\Program Files\NetMeeting
[25/02/2008|16:28] C:\Program Files\NRJ
[26/10/2005|23:36] C:\Program Files\Online Services
[19/11/2007|11:00] C:\Program Files\Online_TV
[10/11/2006|20:34] C:\Program Files\OpenOffice.org 2.0
[27/10/2007|11:31] C:\Program Files\orange
[24/10/2006|21:48] C:\Program Files\Orange HSS
[05/09/2008|10:13] C:\Program Files\Outlook Express
[11/07/2007|13:09] C:\Program Files\Packard Bell
[04/07/2006|16:17] C:\Program Files\Panasonic
[20/02/2008|11:18] C:\Program Files\PC Connectivity Solution
[01/08/2006|12:23] C:\Program Files\PC-Doctor 5 for Windows
[01/04/2008|10:07] C:\Program Files\Pinnacle
[03/02/2009|09:45] C:\Program Files\QuickTime
[13/05/2008|16:15] C:\Program Files\Real
[16/12/2007|21:10] C:\Program Files\Red Kawa
[06/12/2007|21:20] C:\Program Files\ReflexiveArcade
[27/08/2006|19:57] C:\Program Files\Roxio
[17/02/2009|13:40] C:\Program Files\Safari
[04/07/2006|16:00] C:\Program Files\Samsung
[19/02/2009|21:06] C:\Program Files\Services en ligne
[01/01/2005|19:52] C:\Program Files\Sonic
[07/02/2009|14:48] C:\Program Files\Techcity
[05/08/2006|12:44] C:\Program Files\TomCat Soft
[17/02/2009|20:47] C:\Program Files\Trend Micro
[05/07/2006|19:26] C:\Program Files\Ulead Systems
[20/10/2005|20:06] C:\Program Files\Uninstall Information
[27/12/2008|19:35] C:\Program Files\VirtualDJ
[17/07/2007|19:39] C:\Program Files\Wanadoo
[03/07/2006|23:31] C:\Program Files\Wanadoo Messager
[04/07/2006|22:00] C:\Program Files\Webteh
[26/10/2007|11:26] C:\Program Files\Windows Desktop Search
[19/02/2009|14:07] C:\Program Files\Windows Live
[30/11/2007|23:09] C:\Program Files\Windows Live Favorites
[18/12/2008|19:08] C:\Program Files\Windows Live Safety Center
[06/01/2009|16:12] C:\Program Files\Windows Live SkyDrive
[06/01/2009|16:17] C:\Program Files\Windows Live Toolbar
[05/07/2006|19:31] C:\Program Files\Windows Media Components
[19/12/2006|23:09] C:\Program Files\Windows Media Connect 2
[05/09/2008|09:47] C:\Program Files\Windows Media Player
[05/09/2008|09:47] C:\Program Files\Windows NT
[20/10/2005|20:05] C:\Program Files\WindowsUpdate
[16/12/2008|13:12] C:\Program Files\WinRAR
[26/10/2005|23:37] C:\Program Files\xerox
[14/01/2009|17:13] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/07/2007|12:00] C:\Program Files\Fichiers communs\Adobe
[23/12/2008|22:47] C:\Program Files\Fichiers communs\Adobe AIR
[25/11/2008|14:02] C:\Program Files\Fichiers communs\Apple
[09/08/2007|17:18] C:\Program Files\Fichiers communs\AVSMedia
[03/07/2006|23:05] C:\Program Files\Fichiers communs\FotoWire
[01/01/2005|19:37] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2005|19:43] C:\Program Files\Fichiers communs\HP
[01/01/2005|20:06] C:\Program Files\Fichiers communs\InstallShield
[01/01/2005|19:21] C:\Program Files\Fichiers communs\Java
[03/07/2006|23:04] C:\Program Files\Fichiers communs\Logitech
[29/07/2007|12:05] C:\Program Files\Fichiers communs\Magneto Software
[19/02/2009|14:02] C:\Program Files\Fichiers communs\Microsoft Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\MSSoap
[01/01/2005|19:59] C:\Program Files\Fichiers communs\muvee Technologies
[26/10/2005|23:35] C:\Program Files\Fichiers communs\ODBC
[06/08/2008|12:37] C:\Program Files\Fichiers communs\Real
[07/08/2008|18:47] C:\Program Files\Fichiers communs\Sandlot Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\Services
[01/01/2005|19:51] C:\Program Files\Fichiers communs\Sonic Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\SpeechEngines
[01/01/2005|19:51] C:\Program Files\Fichiers communs\SureThing Shared
[17/02/2009|22:22] C:\Program Files\Fichiers communs\Symantec Shared
[05/09/2008|10:13] C:\Program Files\Fichiers communs\System
[01/01/2005|19:52] C:\Program Files\Fichiers communs\TiVo Shared
[05/07/2006|19:26] C:\Program Files\Fichiers communs\Ulead Systems
[06/01/2009|16:05] C:\Program Files\Fichiers communs\Windows Live
[12/05/2008|18:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/08/2008|12:37] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 78 Processes )

IEXPLORE.EXE ~ [PID:3528]
iexplore.exe ~ [PID:1360]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertising[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-19 21:31:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 637

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\Conditions g‚n‚rales.url
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\Confidentialit‚.url
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\D‚sinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\Live-Player.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\Website.url
[b]==> EGDACCESS <==/b

--------------------\\ KoobFace !

C:\WINDOWS\nlmark2.dat
C:\WINDOWS\tgmark2.dat

[F:9][D:5]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:21][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:263][D:16]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 19/02/2009|21:34 - Option : [1]

--------------------\\ Fin du rapport a 21:34:57

Réponse 46 / 266

higgins971

le 2 rapport log s&d

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090218-0] 4.8.1335 (Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:98 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:24 Go (Free:15 Go)
H:\ (Local Disk) - NTFS - Total:51 Go (Free:10 Go)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 19/02/2009|21:41 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertising[2].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[25/11/2008|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[10/09/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[13/12/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[13/12/2007|22:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[09/08/2007|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[21/05/2007|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[05/12/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[25/07/2007|17:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[19/02/2009|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/01/2005|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[18/11/2008|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[01/01/2005|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/12/2008|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar2
[05/07/2006|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[18/02/2009|00:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[25/07/2006|22:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[19/02/2009|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/02/2008|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[30/01/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[31/01/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[17/01/2009|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[05/07/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[07/08/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[01/01/2005|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[01/01/2005|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[29/10/2007|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/08/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/07/2006|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[05/07/2006|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[30/01/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[25/07/2006|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22/11/2006|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[06/01/2009|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[12/05/2008|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[14/01/2009|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/12/2007|12:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2005|19:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[10/09/2008|14:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[08/08/2008|16:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[17/12/2007|22:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[04/07/2006|23:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ArcSoft
[21/11/2006|21:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ConvertTemp
[23/11/2006|00:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\COWON
[27/05/2007|18:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink
[03/07/2006|23:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\FotoWire
[09/08/2007|16:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\F-Secure
[27/04/2008|14:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Gaijin Ent
[16/09/2006|21:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[11/02/2008|00:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\gtk-2.0
[29/09/2006|20:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[04/07/2006|10:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[03/07/2006|23:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[26/10/2005|23:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[05/07/2006|19:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterTrust
[01/08/2006|17:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Kazaa Lite
[07/07/2006|21:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[04/07/2006|16:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[18/02/2009|00:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[24/09/2006|18:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[31/01/2009|11:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Memonix
[10/02/2009|15:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[28/10/2007|11:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[25/02/2007|00:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[20/02/2008|11:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nokia
[20/02/2008|11:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nokia Multimedia Player
[20/02/2008|11:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NSeries
[19/02/2009|21:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\OpenOffice.org2
[05/07/2006|18:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Panasonic
[20/02/2008|11:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Suite
[17/01/2009|18:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
[06/08/2008|12:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[21/11/2006|19:18] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Samsung
[30/04/2008|12:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sandlot Games
[27/08/2006|20:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[08/07/2006|00:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[28/10/2007|11:35] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback
[12/02/2008|21:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[21/11/2006|20:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Temporary
[21/11/2006|20:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TransRender
[26/10/2007|11:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Windows Desktop Search
[03/11/2007|12:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Windows Live Writer
[16/12/2008|13:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WinRAR

[26/10/2007|11:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[26/10/2007|11:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[07/10/2008|09:21] C:\DOCUME~1\pegaely\APPLIC~1\Adobe
[07/10/2008|09:40] C:\DOCUME~1\pegaely\APPLIC~1\Google
[26/10/2005|23:34] C:\DOCUME~1\pegaely\APPLIC~1\Identities
[20/07/2007|15:24] C:\DOCUME~1\pegaely\APPLIC~1\Macromedia
[19/11/2008|16:56] C:\DOCUME~1\pegaely\APPLIC~1\Microsoft
[09/09/2008|19:20] C:\DOCUME~1\pegaely\APPLIC~1\Nokia
[09/09/2008|19:21] C:\DOCUME~1\pegaely\APPLIC~1\PC Suite
[01/01/2005|19:50] C:\DOCUME~1\pegaely\APPLIC~1\Real
[09/09/2008|19:20] C:\DOCUME~1\pegaely\APPLIC~1\Windows Desktop Search

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[19/02/2009 16:02][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{0B1FD591-24F5-4D66-A50D-781D936426EF}.job
[17/02/2009 13:31][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[19/02/2009 21:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/07/2006|20:01] C:\Program Files\4.0M MPEG4 DV
[26/12/2008|17:11] C:\Program Files\7-Zip
[28/10/2007|11:58] C:\Program Files\8hands
[11/07/2007|11:59] C:\Program Files\Adobe
[19/02/2009|21:10] C:\Program Files\Ad-remover
[17/11/2008|19:17] C:\Program Files\AGI
[05/12/2008|17:12] C:\Program Files\Alwil Software
[06/08/2008|17:00] C:\Program Files\Apple Software Update
[04/07/2006|16:18] C:\Program Files\ArcSoft
[01/01/2005|19:32] C:\Program Files\ATI Technologies
[09/08/2007|23:59] C:\Program Files\AVS4YOU
[07/02/2009|14:51] C:\Program Files\Bbox
[07/02/2009|13:20] C:\Program Files\BboxUpdate
[16/12/2008|13:32] C:\Program Files\Bonjour
[01/08/2006|12:23] C:\Program Files\BSPlayer
[10/09/2008|14:57] C:\Program Files\Canal
[19/02/2009|20:08] C:\Program Files\CCleaner
[20/10/2005|20:06] C:\Program Files\ComPlus Applications
[18/12/2008|17:38] C:\Program Files\Conduit
[08/02/2009|14:37] C:\Program Files\CrypText
[21/05/2007|11:30] C:\Program Files\CyberLink
[20/02/2008|11:18] C:\Program Files\DIFX
[21/05/2007|11:24] C:\Program Files\Digital Photo Navigator 1.5
[05/07/2006|19:31] C:\Program Files\directx
[08/02/2009|13:32] C:\Program Files\eMule
[21/12/2008|20:11] C:\Program Files\eMule plus 1.2d
[04/07/2006|15:52] C:\Program Files\epson
[19/02/2009|21:06] C:\Program Files\Fichiers communs
[19/02/2009|13:20] C:\Program Files\Google
[26/08/2008|11:39] C:\Program Files\Hewlett-Packard
[26/08/2008|11:39] C:\Program Files\HP
[22/11/2006|21:33] C:\Program Files\Illustrate
[17/07/2007|19:34] C:\Program Files\InstallShield Installation Information
[11/02/2009|21:56] C:\Program Files\Internet Explorer
[25/11/2008|14:02] C:\Program Files\iPod
[26/12/2008|16:16] C:\Program Files\ISOpen
[25/11/2008|14:03] C:\Program Files\iTunes
[08/01/2009|10:07] C:\Program Files\Java
[12/05/2008|18:44] C:\Program Files\Kiwee Toolbar2
[24/09/2006|18:30] C:\Program Files\K-Lite Codec Pack
[03/07/2006|23:05] C:\Program Files\Logitech
[19/02/2009|21:08] C:\Program Files\Macrogaming
[30/07/2006|18:09] C:\Program Files\Macromedia
[29/07/2007|12:05] C:\Program Files\Magneto Software
[18/02/2009|00:57] C:\Program Files\Malwarebytes' Anti-Malware
[31/01/2009|11:26] C:\Program Files\Memonix
[05/07/2006|20:44] C:\Program Files\Mes Jeux T‚l‚charg‚s
[05/09/2008|10:13] C:\Program Files\Messenger
[03/09/2008|10:55] C:\Program Files\Messenger Plus! Live
[23/07/2006|21:07] C:\Program Files\MessengerPlus! 3
[06/01/2009|16:13] C:\Program Files\Microsoft
[05/11/2007|11:34] C:\Program Files\Microsoft ActiveSync
[09/05/2007|23:06] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/10/2005|23:36] C:\Program Files\microsoft frontpage
[01/01/2005|19:57] C:\Program Files\Microsoft Office
[06/01/2009|16:19] C:\Program Files\Microsoft Silverlight
[26/10/2007|11:27] C:\Program Files\Microsoft SQL Server Compact Edition
[06/01/2009|16:17] C:\Program Files\Microsoft Sync Framework
[01/01/2005|19:57] C:\Program Files\Microsoft Works
[05/09/2008|09:55] C:\Program Files\Movie Maker
[22/12/2008|22:23] C:\Program Files\Mozilla Firefox
[20/02/2007|14:07] C:\Program Files\MSN
[26/10/2005|23:36] C:\Program Files\MSN Gaming Zone
[19/11/2006|03:01] C:\Program Files\MSXML 4.0
[01/01/2005|19:59] C:\Program Files\muvee Technologies
[19/02/2009|21:20] C:\Program Files\Navilog1
[05/09/2008|09:47] C:\Program Files\NetMeeting
[25/02/2008|16:28] C:\Program Files\NRJ
[26/10/2005|23:36] C:\Program Files\Online Services
[19/11/2007|11:00] C:\Program Files\Online_TV
[10/11/2006|20:34] C:\Program Files\OpenOffice.org 2.0
[27/10/2007|11:31] C:\Program Files\orange
[24/10/2006|21:48] C:\Program Files\Orange HSS
[05/09/2008|10:13] C:\Program Files\Outlook Express
[11/07/2007|13:09] C:\Program Files\Packard Bell
[04/07/2006|16:17] C:\Program Files\Panasonic
[20/02/2008|11:18] C:\Program Files\PC Connectivity Solution
[01/08/2006|12:23] C:\Program Files\PC-Doctor 5 for Windows
[01/04/2008|10:07] C:\Program Files\Pinnacle
[03/02/2009|09:45] C:\Program Files\QuickTime
[13/05/2008|16:15] C:\Program Files\Real
[16/12/2007|21:10] C:\Program Files\Red Kawa
[06/12/2007|21:20] C:\Program Files\ReflexiveArcade
[27/08/2006|19:57] C:\Program Files\Roxio
[17/02/2009|13:40] C:\Program Files\Safari
[04/07/2006|16:00] C:\Program Files\Samsung
[19/02/2009|21:06] C:\Program Files\Services en ligne
[01/01/2005|19:52] C:\Program Files\Sonic
[07/02/2009|14:48] C:\Program Files\Techcity
[05/08/2006|12:44] C:\Program Files\TomCat Soft
[17/02/2009|20:47] C:\Program Files\Trend Micro
[05/07/2006|19:26] C:\Program Files\Ulead Systems
[20/10/2005|20:06] C:\Program Files\Uninstall Information
[27/12/2008|19:35] C:\Program Files\VirtualDJ
[17/07/2007|19:39] C:\Program Files\Wanadoo
[03/07/2006|23:31] C:\Program Files\Wanadoo Messager
[04/07/2006|22:00] C:\Program Files\Webteh
[26/10/2007|11:26] C:\Program Files\Windows Desktop Search
[19/02/2009|14:07] C:\Program Files\Windows Live
[30/11/2007|23:09] C:\Program Files\Windows Live Favorites
[18/12/2008|19:08] C:\Program Files\Windows Live Safety Center
[06/01/2009|16:12] C:\Program Files\Windows Live SkyDrive
[06/01/2009|16:17] C:\Program Files\Windows Live Toolbar
[05/07/2006|19:31] C:\Program Files\Windows Media Components
[19/12/2006|23:09] C:\Program Files\Windows Media Connect 2
[05/09/2008|09:47] C:\Program Files\Windows Media Player
[05/09/2008|09:47] C:\Program Files\Windows NT
[20/10/2005|20:05] C:\Program Files\WindowsUpdate
[16/12/2008|13:12] C:\Program Files\WinRAR
[26/10/2005|23:37] C:\Program Files\xerox
[14/01/2009|17:13] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/07/2007|12:00] C:\Program Files\Fichiers communs\Adobe
[23/12/2008|22:47] C:\Program Files\Fichiers communs\Adobe AIR
[25/11/2008|14:02] C:\Program Files\Fichiers communs\Apple
[09/08/2007|17:18] C:\Program Files\Fichiers communs\AVSMedia
[03/07/2006|23:05] C:\Program Files\Fichiers communs\FotoWire
[01/01/2005|19:37] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2005|19:43] C:\Program Files\Fichiers communs\HP
[01/01/2005|20:06] C:\Program Files\Fichiers communs\InstallShield
[01/01/2005|19:21] C:\Program Files\Fichiers communs\Java
[03/07/2006|23:04] C:\Program Files\Fichiers communs\Logitech
[29/07/2007|12:05] C:\Program Files\Fichiers communs\Magneto Software
[19/02/2009|14:02] C:\Program Files\Fichiers communs\Microsoft Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\MSSoap
[01/01/2005|19:59] C:\Program Files\Fichiers communs\muvee Technologies
[26/10/2005|23:35] C:\Program Files\Fichiers communs\ODBC
[06/08/2008|12:37] C:\Program Files\Fichiers communs\Real
[07/08/2008|18:47] C:\Program Files\Fichiers communs\Sandlot Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\Services
[01/01/2005|19:51] C:\Program Files\Fichiers communs\Sonic Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\SpeechEngines
[01/01/2005|19:51] C:\Program Files\Fichiers communs\SureThing Shared
[17/02/2009|22:22] C:\Program Files\Fichiers communs\Symantec Shared
[05/09/2008|10:13] C:\Program Files\Fichiers communs\System
[01/01/2005|19:52] C:\Program Files\Fichiers communs\TiVo Shared
[05/07/2006|19:26] C:\Program Files\Fichiers communs\Ulead Systems
[06/01/2009|16:05] C:\Program Files\Fichiers communs\Windows Live
[12/05/2008|18:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/08/2008|12:37] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 73 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-19 21:41:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 637

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\Conditions g‚n‚rales.url
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\Confidentialit‚.url
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\D‚sinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\Live-Player.lnk
C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\Live-Player\Website.url
[b]==> EGDACCESS <==/b

--------------------\\ KoobFace !

C:\WINDOWS\nlmark2.dat
C:\WINDOWS\tgmark2.dat

[F:10][D:5]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:288][D:16]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 19/02/2009|21:34 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 19/02/2009|21:43 - Option : [2]

--------------------\\ Fin du rapport a 21:43:57

Réponse 47 / 266

loloetseb Messages postés 5508 Date d'inscription Statut Membre Dernière intervention 174

Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau. (supprimes les anciens rapports avant de relancer le scan)

-> http://images.malwareremoval.com/random/RSIT.exe

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...

-> laisse faire le scan et ne touche pas au PC ...

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum

( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )

2/Fais un scan complet et repostes un rapport malwarebytes (tu as encore une grosse infection,je te prepare du temps la procedure a suivre avec l'aide de Rsit

Réponse 48 / 266

higgins971

le rapport log.txt

Logfile of random's system information tool 1.05 (written by random/random)
Run by HP_Propriétaire at 2009-02-19 21:56:05
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 101 GB (69%) free of 147 GB
Total RAM: 958 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:17, on 19/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 Mon Edition Spéciale\CalCheck.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\8D3NC71Y\RSIT[1].exe
C:\Program Files\trend micro\HP_Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: 485594 helper - {B935A11E-49AA-43C7-BF1C-3BDEB7120142} - C:\WINDOWS\system32\485594\485594.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Canal Widget] "c:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BboxUpdate] C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O4 - HKLM\..\Run: [Captcha5] rundll "C:\Program Files\captcha5.dll",captcha
O4 - HKLM\..\Run: [systgray2] C:\windows\tag06.exe
O4 - HKLM\..\Run: [sysnltray2] C:\windows\nl07.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: BoontyBox Boonty.com.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Controleur de calendrier pour Mon Edition personnalisee de Ulead Photo Express 4.0.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Watch.lnk = C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - c:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Réponse 49 / 266

higgins971

le rapport info.txt

info.txt logfile of random's system information tool 1.05 2009-02-19 21:56:20

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
4.0M MPEG4 DV-->C:\Program Files\4.0M MPEG4 DV\uninst.exe
7-Zip 4.62-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002}
Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Ad-remover-->C:\Program Files\Ad-remover\Uninstal.exe
Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVS Audio Converter version 4.1-->"C:\Program Files\AVS4YOU\AVSAudioConverter\unins000.exe"
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}
Bbox - Bouygues Telecom - Utilitaire de mise à jour-->C:\Program Files\BboxUpdate\uninstall.exe
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
CANAL WIDGET-->MsiExec.exe /X{09B6B322-325F-4A5F-9051-830ED194A1A7}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Cryptext (Remove Only)-->rundll32 setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\ShellExt\Cryptext.inf
CrypText 20/11/2007-->"C:\Program Files\CrypText\uninstall.exe"
dBpowerAMP AAC to Mp4 Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP AAC to Mp4 Codec.dat
dBpowerAMP FLAC Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat
dBpowerAMP Monkeys Audio Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Monkeys Audio Codec.dat
dBpowerAMP Mp4 Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Mp4 Codec.dat
dBpowerAMP Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
dBpowerAMP Ogg Vorbis Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Ogg Vorbis Codec.dat
dBpowerAMP WMA V9.1 Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
Désinstaller Bouygues Telecom - CD d'installation Bbox-->C:\Program Files\Bbox\eSKernel.exe /Uninstall.xml
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
Digital Photo Navigator 1.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}\setup.EXE" -l0x9
eMule Plus 1.2d-->"C:\Program Files\eMule plus 1.2d\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST
EPSON Image Clip Palette-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0x40c -u
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
GdiplusUpgrade-->MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
ISOpen V4.3-->"C:\Program Files\ISOpen\unins000.exe"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
J2SE Runtime Environment 5.0 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Kiwee Toolbar-->MsiExec.exe /X{12403F20-DE27-4067-B083-A42E8A6432BA}
K-Lite Codec Pack 2.77 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
LUMIX Simple Viewer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}\setup.exe" -l0x40c
Macrogaming SweetIM 2.0-->MsiExec.exe /X{D9BBFA60-4514-4F08-A78F-91957F957495}
Macromedia Flash 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C93C363-414E-11D4-9756-00C04F8EEB39}\Setup.exe" UNINSTALL
Magneto Software Port Scanner ActiveX Control-->MsiExec.exe /X{0959A2B8-A523-4D31-946F-87D194F93F57}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Memonix version 1.5-->"C:\Program Files\Memonix\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{A14C24F6-615B-415E-84B0-610FDAD19B68}
Mozilla Firefox (1.5)-->C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5 (fr)"
MP3 Player Recovery Device Drivers-->C:\WINDOWS\pbmp3\unins000.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E073D315-3C54-44BF-A1B2-B5583AEA618C}\setup.exe" -l0x40c
Navilog1 3.7.4-->"C:\Program Files\Navilog1\unins000.exe"
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
Online TV Toolbar-->C:\PROGRA~1\ONLINE~2\UNWISE.EXE C:\PROGRA~1\ONLINE~2\INSTALL.LOG
OpenOffice.org 2.0-->MsiExec.exe /I{E2055AB2-D1C7-4147-A384-2B4B1C04282B}
Orange Desktop Search-->C:\Program Files\Orange HSS\Orange Desktop Search\uninst.exe
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Panneau de contrôle ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
PC Connectivity Solution-->MsiExec.exe /I{6094AB91-4CC8-498E-9DFF-134CC0B159DE}
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
PIF DESIGNER-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything
Portable MP3 Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20B5E4D0-6DFE-4D5F-B96F-C3B91F272B2D}\setup.exe" -l0x40c
PowerCinema NE for Everio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39CEE1F2-12B6-4C50-9131-04BFCA110578}\setup.exe" -uninstall
PowerCinema-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall
PowerDirector Express-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
PPP over Ethernet-->rundll32.exe pppoe32.dll,Uninstall
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RealArcade-->C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
Roxio RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem ^^-->C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
Samsung PC Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
Samsung Samples Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
Sandlot Games Client Services-->"C:\Program Files\Fichiers communs\Sandlot Shared\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
Ulead COOL 360 1.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ulead Systems\Ulead COOL 360\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead COOL 360\IS32Inst.dll"
Ulead Photo Explorer 7.0 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E38E1721-7FE7-11D4-A898-0000E83DCDA6}\Pex6f.exe" -l0x40c
Ulead Photo Express 4.0 Mon Edition Spéciale-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21BCE515-D5A3-11D4-8E33-0010B53EC668}\setup.exe"
Ulead VideoStudio 6 SE Basic-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5404E185-BD7C-4A72-ABD0-91A411A05726}\setup.exe" -l0x40c
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
Videora iPod Converter 2.10-->C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Wanadoo Messager-->C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
Windows Desktop Search 3.01-->"C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUninstallKB894476$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Zylom Games Player Plugin-->"C:\Program Files\Zylom Games\UninstallPlugin.exe" --uninstall

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090218-0]

System event log

Computer Name: NINOBLACK
Event Code: 32
Message: L'assemblage dépendant Microsoft.VC80.MFCLOC ne peut pas être trouvé. La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.

Record Number: 263477
Source Name: SideBySide
Time Written: 20090215183317.000000+060
Event Type: erreur
User:

Computer Name: NINOBLACK
Event Code: 7036
Message: Le service Boonty Games est entré dans l'état : arrêté.

Record Number: 263476
Source Name: Service Control Manager
Time Written: 20090215183204.000000+060
Event Type: Informations
User:

Computer Name: NINOBLACK
Event Code: 7036
Message: Le service Boonty Games est entré dans l'état : en cours d'exécution.

Record Number: 263475
Source Name: Service Control Manager
Time Written: 20090215183104.000000+060
Event Type: Informations
User:

Computer Name: NINOBLACK
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Boonty Games.

Record Number: 263474
Source Name: Service Control Manager
Time Written: 20090215183104.000000+060
Event Type: Informations
User: NINOBLACK\HP_Propriétaire

Computer Name: NINOBLACK
Event Code: 7036
Message: Le service Boonty Games est entré dans l'état : arrêté.

Record Number: 263473
Source Name: Service Control Manager
Time Written: 20090215183000.000000+060
Event Type: Informations
User:

Application event log

Computer Name: NINOBLACK
Event Code: 101
Message:
Record Number: 48318
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090113090737.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: NINOBLACK
Event Code: 101
Message:
Record Number: 48317
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090113090737.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: NINOBLACK
Event Code: 0
Message:
Record Number: 48316
Source Name: LiveUpdate Notice Service
Time Written: 20090113090735.000000+060
Event Type: Informations
User:

Computer Name: NINOBLACK
Event Code: 0
Message:
Record Number: 48315
Source Name: CLCapSvc
Time Written: 20090113090729.000000+060
Event Type: Informations
User:

Computer Name: NINOBLACK
Event Code: 1
Message:
Record Number: 48314
Source Name: Bonjour Service
Time Written: 20090113090715.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Réponse 50 / 266

loloetseb Messages postés 5508 Date d'inscription Statut Membre Dernière intervention 174

Tu as ce virus denommé koobface que tu as du attrappé sur facebook ou myspace

https://www.01net.com/actualites/le-virus-koobface-attaque-les-utilisateurs-de-facebook-398328.html

Réponse 51 / 266

higgins971

g eu un truc preske similaire mais sur netlog et depuis google ne fonctionne plus

Réponse 52 / 266

higgins971

le msn venait d'1 amie puis il voulais ke j'installe une version améliorée d'adobe reader

Réponse 53 / 266

loloetseb Messages postés 5508 Date d'inscription Statut Membre Dernière intervention 174

Oui fais deja le scan complet malwarebytes,je pense pas qu'il te le detectera.Le temps du scan,j'analyse ton Rsit afin de trouver une solution pour te le virer sans utiliser combofix

Réponse 54 / 266

higgins971

ok merci beaucoup

Réponse 55 / 266

loloetseb Messages postés 5508 Date d'inscription Statut Membre Dernière intervention 174

Le scan malwarebytes est terminé?

Réponse 56 / 266

higgins971

non pas encore

Réponse 57 / 266

loloetseb Messages postés 5508 Date d'inscription Statut Membre Dernière intervention 174

Ok laisses faire le scan finir,ensuite postes le rapport et suis la procedure de genhackman.

Réponse 58 / 266

higgins971

Bonsoir, ok mais j'attends la fin du scan malware ou pas

Réponse 59 / 266

higgins971

ah oui d'accord je fais comme ça

Réponse 60 / 266

loloetseb Messages postés 5508 Date d'inscription Statut Membre Dernière intervention 174

Apres avoir fait la procedure de genhackman,je te conseille vivement de

1/ Supprimer les restes de l'antivirus norton encore present sur ton pc avec l'utilitaire ci desous

http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

2/Supprimer avast par antivir (va dans configuration et coche "detection rootkit au demarrage",puis toujours dans configuration,cliques sur recherche ,puis heuristique,coches niveau elevé).Ensuite fais un scan complet et postes le rapport

Passer de Avast à AntiVir :

Désinstalle via Ajout/Suppression de Programmes (si présents) :

* Avast!

Télécharge et exécute le Désinstalleur d'Avast!. : https://www.avast.com/uninstall-utility
Ceci effacera la majorité des traces du produit Avast! d'Alwil Software.

Télécharge Ccleaner sur ton Bureau. : https://filehippo.com/download_ccleaner/

* Clique sur "download the latest version"
* Installe-le en laissant seulement les options suivantes cochées :

- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

* Lance le Nettoyage
* Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

Aide : Comment utiliser CCleaner.: http://www.infos-du-net.com/forum/272336-7-Ccleaner-under-construction

***************

Télécharge AntiVir sur ton Bureau.: http://dlce.antivir.com/down/windows/antivir_workstation_winu_fr_h.exe

* Double clique sur l'exécutable téléchargé pour lancer l'installation.
* À la fin de l'installation, clique sur Finish.
* Ouvre Antivir, assure-toi qu’il soit bien à jour !
* Dans l'onglet Protection Locale, choisis Contrôler.
* Active la recherche de rootkits via le + de Recherche de Rootkits, puis dans Sélection manuelle, coche tout (tes partitions de disque dur).
* Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
* Poste moi le rapport généré : Pour cela, clique sur l'onglet Aperçu, puis choisis Rapports, tu trouveras son rapport..
* Sélectionne le rapport et clique sur l'icône "Afficher le fichier de rapport du rapport sélectionné.

Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

Pourquoi changer ? Avast vs Antivir.:http://forum.malekal.com/ftopic3528.php

Aide : Comment installer et utiliser AntiVir.

http://www.libellules.ch/tuto_antivir.php

Discussions similaires

Win64:Malware-gen

Win64 malware gen

Que fait le virus LPI Win32 Pup-Gen

win32:malware-gen bloqué par avast

tamagotchi version 1 et 2

Votre réponse

Discussions similaires