Sujet Précédent Sujet Suivant

Infection

Résolu/Fermé
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016 - 6 mars 2009 à 14:50
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016 - 14 mars 2009 à 13:50
Bonjour à tous,


Je pense avoir attrapé,une cochonnerie dont je n'arrive pas à me débarrasser. Depuis ce matin, j'ai beaucoup de mal à naviguer, des fenêtres windowsclick s'ouvrent depuis google. Je ne peux plus exécuter spybot, mon Mcafee à l'air d'être désactivé.
J'ai passé Spyware doctor qui semble avoir fait un peu de ménage puisqu'avant je ne pouvais démarrer qu'en mode sans échec mais maintenant il ne termine jamais son scan.

Si quelqu'un pouvait me donner un coup de main ça serait cool.

Merci d'avance,
Toast3r

41 réponses

Réponse 1 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
6 mars 2009 à 14:57
Salut,

- Supprime Spyware Doctor >> cochonnerie


- Telecharges RSIT " Random's System Information Tool " sur ton bureau : http://images.malwareremoval.com/random/RSIT.exe

- Fermes toutes les applications en cours et double clic sur RSIT.exe
- Selectionnes " Continue " à l'ecran >> RSIT va analyser le pc et verifier si l'outil hijackthis ( version à jour) est present sur le pc, si ce n'est pas le cas, RSIT le telechargera >> acceptes la license
- Une fois l'analyse terminée, 2 rapports texte s'ouvrent, log.tx à l'écran et info.txt dans la barre des taches
- Postes le contenu des 2 rapports
0
Réponse 2 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
6 mars 2009 à 15:32
Voilà les rapports.

Le log.txt:
Logfile of random's system information tool 1.05 (written by random/random)
Run by d.pelletier at 2009-03-06 15:15:30
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 53 GB (52%) free of 104 GB
Total RAM: 2038 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:16, on 06/03/09
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Tanagra\Memeo\MemeoService.exe
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\WINDOWS\system32\cisvc.exe
C:\program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Option\GlobeTrotter Mobility Manager\GtDetectSc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
C:\WINDOWS\INCOPS3\ictray.exe
C:\Program Files\Fichiers communs\MicroWorld\Agent\MWASER.EXE
C:\Program Files\Fichiers communs\MicroWorld\Agent\MWAgent.exe
C:\WINDOWS\System32\PCOUNTER.EXE
C:\Program Files\Fichiers communs\Logitech\Pen\Phal\Service\LPhal.exe
C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\FASOOD~1\fph.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Fasoo DRM\fpm.exe
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Network Associates\Common Framework\McTray.exe
C:\Program Files\SmarThru Office\BackUpSvr.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Samsung\NetworkScan\NSCSysTrayUI.exe
C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
C:\WINDOWS\Twain_32\Samsung\CLX6200\Scan2pc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\MP4 Player\mp4Player.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Anoto\penDirector\penDirector.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Tanagra\Memeo\MemeoBackup.exe
C:\Program Files\Fichiers communs\Anoto\4.1\DockingEngine.exe
C:\Documents and Settings\d.pelletier\Bureau\RSIT.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\HijackThis\d.pelletier.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.samsung.com/fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 106.10.1.2 single
O1 - Hosts: 106.102.1.250 chronotic
O1 - Hosts: 106.102.1.253 alea_nt
O1 - Hosts: 106.102.1.254 nt-dhcp
O1 - Hosts: 106.102.1.200 megateuf
O1 - Hosts: 106.102.1.220 terateuf
O1 - Hosts: 106.102.1.233 frontal
O1 - Hosts: 106.102.1.229 7ici
O1 - Hosts: 106.102.1.247 samsung_france
O1 - Hosts: 106.102.1.238 nw-backup
O1 - Hosts: 106.102.1.213 bc_prod
O1 - Hosts: 106.102.1.252 gpadl360
O1 - Hosts: 106.102.1.230 srvbdc1
O1 - Hosts: 106.102.1.235 sef-dc
O1 - Hosts: 165.213.249.10 gits
O1 - Hosts: 165.213.248.113 seckm2
O1 - Hosts: 165.213.251.170 secbk0
O1 - Hosts: 165.213.251.172 secbk1
O1 - Hosts: 168.219.175.8 secsw2
O1 - Hosts: 165.213.251.151 singlekc0
O1 - Hosts: 165.213.251.153 singlekc1
O1 - Hosts: 165.213.249.246 singlekc2
O1 - Hosts: 165.213.251.157 singlekc3
O1 - Hosts: 165.213.251.159 singlekc4
O1 - Hosts: 168.219.229.200 singlesw0
O1 - Hosts: 168.219.229.201 singlesw1
O1 - Hosts: 168.219.229.202 singlesw2
O1 - Hosts: 168.219.229.203 singlesw3
O1 - Hosts: 168.219.229.204 singlesw4
O1 - Hosts: 168.219.229.205 singlesw5
O1 - Hosts: 168.219.229.206 singlesw6
O1 - Hosts: 168.219.229.207 singlesw7
O1 - Hosts: 12.26.2.101 singlekh0
O1 - Hosts: 12.26.2.103 singlekh1
O1 - Hosts: 12.26.2.105 singlekh2
O1 - Hosts: 12.26.2.107 singlekh3
O1 - Hosts: 12.26.2.131 singlekh4
O1 - Hosts: 12.26.2.133 singlekh5
O1 - Hosts: 12.26.2.144 singlekh6
O1 - Hosts: 165.213.249.210 singlekm0
O1 - Hosts: 165.213.249.212 singlekm1
O1 - Hosts: 165.213.249.214 singlekm2
O1 - Hosts: 165.213.249.216 singlekm3
O1 - Hosts: 165.213.249.240 singlekm4
O1 - Hosts: 165.213.249.242 singlekm5
O1 - Hosts: 165.213.249.244 singlekm6
O1 - Hosts: 70.2.130.35 zircon.sds.co.kr zircon
O1 - Hosts: 70.2.130.45 euclase.sds.co.kr euclase
O1 - Hosts: 70.2.100.10 acube
O1 - Hosts: 70.2.240.20 joseon2
O1 - Hosts: 70.2.240.10 joseon
O1 - Hosts: 106.10.1.2 samuro single
O1 - Hosts: 106.10.1.195 euroixos
O1 - Hosts: 106.101.6.10 ste.bz
O1 - Hosts: 106.10.1.152 newprod
O1 - Hosts: 106.10.1.25 eurodev
O1 - Hosts: 210.118.76.142 eu.samsungvpn.com
O1 - Hosts: 168.219.71.180 mdscm.sec.samsung.net
O1 - Hosts: 210.118.57.133 www.samsunggrms.com
O1 - Hosts: 203.254.199.140 w1.samsung.net
O1 - Hosts: 106.102.1.25 Samsung_Print_Srv
O2 - BHO: WebDC - {4aaa2f98-2d2f-4938-afb1-3ec1b51c41d9} - C:\Program Files\Fasoo DRM\f_webdc.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7D763236-738B-46BE-B828-8B3D7A1E29AD} - C:\WINDOWS\system32\opnLCtuT.dll (file missing)
O2 - BHO: PMURLMObj Class - {922C022A-E97F-4FB6-890E-D167DA951D5E} - C:\WINDOWS\INCOPS3\PMURLMon.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [FPH Exe] "C:\PROGRA~1\FASOOD~1\fph.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [FPM Exe] "C:\Program Files\Fasoo DRM\fpm.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [STO Backup Service] C:\Program Files\SmarThru Office\BackUpSvr.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NSCSysTrayUI] "C:\Program Files\Samsung\NetworkScan\NSCSysTrayUI.exe" /HIDEUI
O4 - HKLM\..\Run: [Logan_S2P] C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [dc6da1b2] rundll32.exe "C:\WINDOWS\system32\leoevbjx.dll",b
O4 - HKLM\..\Run: [6200 Scan2PC] "C:\WINDOWS\Twain_32\Samsung\CLX6200\Scan2pc.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MP4 Player] "C:\Program Files\MP4 Player\mp4Player.exe" hmw
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Memeo Launcher.lnk = ?
O4 - Global Startup: Anoto penDirector.lnk = ?
O4 - Global Startup: Anoto_Router_dpelletier.jnlp
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection par capture - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra 'Tools' menuitem: Sélection par capt - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra button: Enregistrer le texte sélectionné - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra 'Tools' menuitem: Enregistrer le text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra button: Enregistrer au format HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra 'Tools' menuitem: Enregistrer a - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HttpWatch Basic - {D103E85B-5D67-42c1-8C83-F01079DBAB26} - C:\Program Files\HttpWatch\httpwatch.dll
O9 - Extra 'Tools' menuitem: HttpWatch Basic - {D103E85B-5D67-42c1-8C83-F01079DBAB26} - C:\Program Files\HttpWatch\httpwatch.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\anywall3.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\anywall3.dll
O11 - Options group: [java_sun] Java (Sun)
O15 - Trusted Zone: *.samsung-emp.com
O15 - Trusted Zone: *.sec.samsung.com
O15 - Trusted Zone: http://*.samsung.net
O15 - Trusted Zone: *.samsunggsbn.com
O15 - Trusted Zone: *.samsungportal.com
O15 - Trusted Zone: http://*.samsungvpn.com
O15 - Trusted Zone: *.samsungwireless.com
O16 - DPF: {00B4EB57-5F54-4A6A-BC1A-DE9ABA26C0E2} (EPWrapsodyVersion Class) - http://drm.samsung.net/activex/EPDRM.fasoo.cab
O16 - DPF: {036F8A56-0BC8-4607-8F98-D3231E6FF5ED} (CentraUpdaterAxCtl Class) - http://210.118.63.201:8080/SiteRoots/main/Install/win32/CentraUpdaterAx.cab
O16 - DPF: {03F49E0E-C43A-4037-BBD6-D681E998A08E} (CodeAx Class) - http://sso.sec.samsung.net/cabfiles/CM_CodeAx.cab
O16 - DPF: {08BCD971-A13B-4D6E-A2A5-E9B2324FC00D} (ClientEXE Class) - http://europe.samsungportal.com/EP/web/common/cabfiles/CM_ClientEXE.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab
O16 - DPF: {124250DD-E2CC-4B5B-AE7E-C9AC8A11DF43} (StreamNote2 Control) - http://gppm.sec.samsung.net/SIMSV3_Manual/StreamNote2.cab
O16 - DPF: {18C690F8-769B-4F07-A687-0FC0D45FFCC8} (ManCertCtrl Class) - https://partnerlogin.samsungelectronics.com/ko/secui/SecuiB2BIE-ko.cab
O16 - DPF: {223216F6-B9FE-406D-9ED6-143FCE3A07B8} (MxLogicalTRU Class) - file:///C:/WINDOWS/Temp/MxLogicalTRU.cab
O16 - DPF: {2FF8F8B7-1B3F-4E5F-93B1-FEF1D703C0F4} (LocalTree.LocalXMLTree) - http://w1.samsung.net/cabs/LocalFolder2004/Cab/mySingleLocal_U.cab
O16 - DPF: {3042C30E-50B7-44EF-B4B6-C9AB391DEF78} (Manager Class) - http://eofficeeu.sec.samsung.net:8088/eoffice1/gauce/cabfiles/Manager.cab
O16 - DPF: {3F3531B7-024F-48F5-A159-F45949473CFE} (SVPNSmartAgent Class) - http://eu.samsungvpn.com/english/data/cabFile/SVPNModule.cab
O16 - DPF: {4D054067-DE3A-48F9-B19B-BCD229B9AE8D} (PrinterHelpEtcActiveX Control) - http://www.samsungdp.com/printerhelp/ActiveX/DrPrinter.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6EA553AE-9B6D-4025-B3A9-CC3454F86E7B} (IssacSamNetCls Class) - file:///C:/DOCUME~1/D4C71~1.PEL/LOCALS~1/Temp/SamNetIssac.cab
O16 - DPF: {714E667D-360C-4BFB-8C1A-E4812B608CC1} (ACUBETrustChecker Control) - http://europe.samsungportal.com/EP/web/common/cabfiles/ACUBETrustChecker.cab
O16 - DPF: {71E7ACA0-EF63-4055-9894-229B056E9C31} (MxGridU Class) - file:///C:/WINDOWS/Temp/MxGridU.cab
O16 - DPF: {7D73D9AC-9E28-47E7-B496-867A2341DD6F} (PdssRun Class) - http://eu.ghr.sec.samsung.net:8801/activex/pdss40.cab
O16 - DPF: {88DDFD7D-14F7-4E89-8F85-737B90B1A0D0} (mySingleTrust.ClsMain) - http://w1.samsung.net/cabs/LocalFolder2004/Cab/mySingle_Trust.CAB
O16 - DPF: {934CEFDC-E880-446F-880F-6560F613D8AA} (FCliVer Class) - http://drm.samsung.net/activex/fclient.cab
O16 - DPF: {9683681E-FAD6-45F1-86B3-FD60C7101BC9} (MxReportU Class) - file:///C:/WINDOWS/Temp/MxReportU.cab
O16 - DPF: {9D67EBF0-AF1A-4BCE-BAC9-C84A9383E0B3} (SSOCheck Class) - http://europe.samsungportal.com/EP/web/common/cabfiles/UniSSOCheck.cab
O16 - DPF: {9F0AA341-1D10-4B18-B70B-6AA49CE7F5D6} (MxImageSetU Class) - file:///C:/WINDOWS/Temp/MxImageSetU.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - file:///C:/DOCUME~1/D4C71~1.PEL/LOCALS~1/Temp/kdfense8.cab
O16 - DPF: {AF989B7C-8AC3-40BC-B749-EB335BDFD190} (MxDataSetU Class) - file:///C:/WINDOWS/Temp/MxDataSetU.cab
O16 - DPF: {B06ECF02-E502-4737-BA32-91CA0CECFBD1} (MultiDownload Control) - http://europe.samsungportal.com/km/htdocs/include/cabfiles/MultiDownload.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BB4533A0-85E0-4657-9BF2-E8E7B100D47E} (MxComboU Class) - file:///C:/WINDOWS/Temp/MxComboU.cab
O16 - DPF: {BB783B43-D0E8-4EF2-A275-D147A4709E4E} (Treeview Control) - http://ecms.samsungelectronics.com/include/activex/treeview.cab
O16 - DPF: {C4D88B8E-352B-11D6-BF77-0080C740A177} (Setup Class) - http://europe.samsungportal.com/EP/web/common/cabfiles/ActiveXSetup.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D7779973-9954-464E-9708-DA774CA50E13} (MxMaskEditU Class) - file:///C:/WINDOWS/Temp/MxMaskEditU.cab
O16 - DPF: {DE6ABA6A-095B-43E3-BEBB-879868DC5C8A} (SSLinks Control) - http://mysingle5.samsung.net/portalWeb/cabs/messenger/SSLinks.cab
O16 - DPF: {DF1AD5D9-977A-4A1F-9392-2AFFCCE6211F} (IxSheet Control) - http://edms-ab.sec.samsung.net/edms/lib/IxSheet_U.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://samsungepm.webex.com/client/T26L/webex/ieatgpc.cab
O16 - DPF: {E1D1DACA-5BA2-4376-89AD-3A213B916779} (IBLeaders IBSheet For Unicode Control) - http://eu.ghr.sec.samsung.net:8801/activex/IBSheet4Unicode.CAB
O16 - DPF: {E463DD62-1D07-425E-B82A-539FBA2F4162} (GSBN_Updater.UserControl1) - https://www.samsunggsbn.com/PSI3/Cab/GSBN_Updater.CAB
O16 - DPF: {F2B7C894-49BD-4582-A142-0AE1C99460C2} (CodeAxNew Class) - http://stels.sec.samsung.com/common/cabfiles/CM_CodeAxNew.cab
O16 - DPF: {F36BB72B-9876-4C6D-B22F-D68E480A39B5} (XFileUploadListDown.ListDownCTL) - http://www.samsungprins.com/F_Include/XFileUpload/XFileUpload_OnlyOne.CAB
O16 - DPF: {F9C6BABD-843A-419E-996A-8FB7C8F77A78} (MakeProductKeyOCX Control) - http://www.samsungprins.com/f_product/Pims_download/productkey.cab
O16 - DPF: {FEA96871-7BA4-496B-B020-6B078839891E} (SVPNEnvCheck Control) - file:///C:/DOCUME~1/D4C71~1.PEL/LOCALS~1/Temp/SVPNEnvModule.cab
O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} (Plaxo Auto-Import Utility) - https://www.xfinity.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sef_dms.lan
O17 - HKLM\Software\..\Telephony: DomainName = sef_dms.lan
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sef_dms.lan
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = sef_dms.lan
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = sef_dms.lan
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: mnhbvp.dll
O20 - Winlogon Notify: wlic3 - C:\WINDOWS\SYSTEM32\WLIC3Pk.dll
O20 - Winlogon Notify: yayxvWQK - yayxvWQK.dll (file missing)
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Memeo (BMUService) - Tanagra, Inc. - C:\Program Files\Tanagra\Memeo\MemeoService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Franson GpsGate 2.0 - Unknown owner - C:\Program Files\Franson\GpsGate 2.0\GpsGateService.exe
O23 - Service: gateman - SDS - C:\WINDOWS\incops3\gateman.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Option\GlobeTrotter Mobility Manager\GtDetectSc.exe
O23 - Service: GTMM Device Service - Option nv - C:\Program Files\Option\GlobeTrotter Mobility Manager\GtmmDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Program Files\Fichiers communs\MicroWorld\Agent\MWASER.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pcounter Data Server (PcounterData) - A.N.D. Technologies, Inc. - C:\WINDOWS\System32\PCNTDATA.EXE
O23 - Service: Pcounter Printer Control (PcounterPrint) - A.N.D. Technologies, Inc. - C:\WINDOWS\System32\PCOUNTER.EXE
O23 - Service: Digital Pen rendezvous server (PenRendezvous) - Logitech - C:\Program Files\Fichiers communs\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: Digital Pen Socket to USB protocol (PenSup) - Logitech - C:\Program Files\Fichiers communs\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
0
Réponse 3 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
6 mars 2009 à 15:33
fin du log.txtx
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-06-29 92792]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2006-02-14 221191]
S4 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2006-06-08 29184]
S4 winfil32;winfil32; C:\WINDOWS\system32\winfil32.exe [2006-09-14 77824]

-----------------EOF-----------------
0
Réponse 4 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
6 mars 2009 à 15:34
La fin du log.txt

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-06-29 92792]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2006-02-14 221191]
S4 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2006-06-08 29184]
S4 winfil32;winfil32; C:\WINDOWS\system32\winfil32.exe [2006-09-14 77824]

-----------------EOF-----------------
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
6 mars 2009 à 15:34
et l'info.txt
info.txt logfile of random's system information tool 1.05 2009-03-06 15:16:30

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E47302B-8081-46D3-9FEA-BEB2E5F5C3EC}\setup.exe" -l0x40c anything
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
ACUBE UniSSOTray V1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{817DE62F-5787-43BB-8877-5F81FAE5A823}\Setup.exe" UNINSTALL
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat 6.0.1 Standard - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-BA7E-000000000001}
Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
Adobe Acrobat and Reader 6.0.4 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
Adobe Acrobat and Reader 6.0.5 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
Adobe Acrobat and Reader 6.0.6 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000606}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
ALZip-->"C:\Program Files\ALZip\unins000.exe"
Anoto penDirector 1.1.2.0-->MsiExec.exe /I{770E1C5A-8004-4875-BC53-C10142432392}
Anoto penPresenter 1.0.0.0-->MsiExec.exe /I{90D69E02-3FE9-493D-B43F-B78FD3A02B72}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Aspell French Dictionary-0.50-3-->"C:\Program Files\Aspell\unins001.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
Atheros WLAN Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B18B7901-4025-4BFF-9DA2-BCC45F594DE2}\setup.exe" -l0x40c
AVStation Premium 3.75-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{BA7AF70A-F81B-40EF-9268-741A7DE3D608} /l1036
Bibliothèques GTK+ 2.12.12 rev a (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
BtwMfcMM-->MsiExec.exe /I{D5B46D30-F054-4C64-9C0F-97C8451E7D04}
CANAL WIDGET-->MsiExec.exe /X{09B6B322-325F-4A5F-9051-830ED194A1A7}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDex extraction audio-->"C:\Program Files\CDex_150\uninstall.exe"
Centra Client-->C:\PROGRA~1\Centra\Client\bin\updater.exe -uninstall
Connection Manager-->MsiExec.exe /I{1268E742-C02A-489F-A8A3-BAE48FCED6E9}
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
DisplayManager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -l0x9 -removeonly
DivX Author 1.5-->C:\Program Files\DivX\DivX Author 1.5\DivXAuthorUninstall.exe /DIVX_AUTHOR
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Documentation de PlanetPress Suite 6-->MsiExec.exe /X{CD53CCA4-83BA-4D0E-96E2-AF559B0AFF92}
Driver Detective-->C:\Program Files\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe -runfromtemp -l0x0409
EudoSync-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Eudoweb\EudoSync\DeIsL1.isu" -c"C:\Program Files\Eudoweb\EudoSync\_ISREG32.DLL"
Favorit-->"c:\documents and settings\d.pelletier\local settings\application data\cecedxtx.exe" -uninstall
Favorit-->"c:\documents and settings\d.pelletier\local settings\application data\cqelbvd.exe" -uninstall
FileZilla Client 3.1.5.1-->C:\Program Files\FileZilla Client\uninstall.exe
Foxit PDF Editor-->C:\Program Files\Foxit Software\PDF Editor\uninstall.exe
Foxit PDF Suite-->C:\Program Files\Foxit Software\Uninstall.exe
Franson GpsGate 2.6-->MsiExec.exe /I{8A0E9B9D-7E20-4B86-870D-70434207AD0B}
GlobeTrotter Mobility Manager-->MsiExec.exe /X{427D8359-6D2E-4C9E-ACF9-CF595CED1DB6}
GNU Aspell 0.50-3-->"C:\Program Files\Aspell\unins000.exe"
GpsGate-->C:\Program Files\Microsoft ActiveSync\GpsGate\Uninstall.exe GpsGate
GTK+ 2.10.13 runtime environment-->"C:\Program Files\Fichiers communs\GTK\2.0\setup\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\HijackThis\HijackThis.exe" /uninstall
HttpWatch Basic 5.3.20-->C:\Program Files\HttpWatch\uninstall.exe
IBE RegEditor for Pocket PC-->"C:\Program Files\IBE\Registry Editor for Pocket PC\unins000.exe"
ImageMagick 6.3.6-3 Q16 (10/15/07)-->"C:\Program Files\ImageMagick-6.3.6-Q16\unins000.exe"
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
JScribe Software Development Kit 4.0-->MsiExec.exe /I{75587AC2-3EF2-4358-81F7-EC678723DF76}
JScribe Software Development Kit 4.1-->MsiExec.exe /I{2A555B4D-1B72-4220-A9EF-3385EDD868A5}
JTalk 4.0.1-->MsiExec.exe /I{C2575698-5709-4EF8-8912-FEDCCA931A9D}
K-Defense8 Control - Å°º¸µå º¸¾È-->C:\WINDOWS\system32\uninstallkdf8.exe
K-Lite Codec Pack 3.2.5 Standard-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Korean Fonts Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5670-0000-800000000003}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
LiveUpdate 2.0 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Lizardtech DjVu Control (autoinstall)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\DjVuLite.us.inf,DefaultUninstall,5
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Magic Keyboard-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD723E53-A42C-4702-AA04-1D74A0311590}\Setup.exe" -l0x9 Remove
Management Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17CA6206-7109-4426-8EE0-1BD0BE54BCC9}\setup.exe" -l0x9 -removeonly
McAfee VirusScan Enterprise-->MsiExec.exe /I{4DCA2739-9D16-4B55-808C-E72CD70A5BD3}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Metro-->C:\Program Files\Microsoft ActiveSync\Metro\Uninstall.exe Metro
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 French User Interface Pack-->MsiExec.exe /I{901E040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server Compact 3.5 Design Tools ENU-->MsiExec.exe /X{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}
Microsoft SQL Server Compact 3.5 ENU-->MsiExec.exe /I{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual Basic 2005 Express - FRA-->C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Basic 2005 Express Edition - FRA\setup.exe
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
MIS DecisionWare - Alea-->MsiExec.exe /I{D69D9D17-EF4B-45B5-B132-2A451C56DB59}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox 3\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MP4 Player -->C:\Program Files\MP4 Player\uninst.exe
MSDN Library for Microsoft Visual Studio 2008 Express Editions-->C:\Program Files\Microsoft Visual Studio 9.0\MSDN Library for Microsoft Visual Studio 2008 Express Editions\install.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\setup.exe /uninstall ExtraUninstallID=""
Network Fax Printer-->C:\Program Files\InstallShield Installation Information\{80078570-6C67-486C-8CF0-B0D778FC69B5}\setup.exe -runfromtemp -l0x0009 -removeonly
Numérisation en réseau-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98357EB8-C10E-414A-A6EC-F3392EA97D35}\Setup.exe" -l0x40c
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Orange Plug-in messagerie vocale 888-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}\Setup.exe" -l0x40c --AddRemove
palmOne-->MsiExec.exe /X{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}
PDM Version 4.1-->"C:\Program Files\PDM\unins000.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Readiris Pro 10-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}\setup.exe" -l0x40c
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Registry Easy v4.2-->"C:\Program Files\Registry Easy\unins000.exe"
Rose-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAB45137-6282-4258-A200-4A7375B2E49C}\setup.exe" -l0x9 -removeonly
Samsung Battery Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\Setup.exe" -l0x9 Remove
Samsung CLP-660 Series-->C:\Program Files\Samsung\Samsung CLP-660 Series\Install\Setup.exe /R
Samsung CLX-6200 Series-->C:\Program Files\Samsung\Samsung CLX-6200 Series\Install\Setup.exe /R
SAMSUNG Dr. Printer -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DB87EAC-F695-4D59-9609-C93119AE6B35}\setup.exe" -l0x40c -removeonly
Samsung Flash Form Solution-->C:\Program Files\Samsung\Samsung Flash Form Solution\Install\Setup.exe /R
Samsung Media Studio 5-->"C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung ML-2850 Series-->C:\Program Files\Samsung\Samsung ML-2850 Series\Install\Setup.exe /R
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{A620E308-2124-4A35-BA95-F1CAEF538CB9}
SAMSUNG Mobile USB Modem ^^-->C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung Network Manager 2.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735} /l1036
Samsung Network PC Fax-->C:\WINDOWS\prinst.exe /m"Samsung" /u"Samsung Network PC Fax"
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung Samples Installer-->"C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung SCX-4500 Series-->C:\Program Files\Samsung\Samsung SCX-4500 Series\Install\Setup.exe /R
Samsung SCX-5x30 Series-->C:\Program Files\SAMSUNG\Samsung SCX-5x30 Series\Install\Setup.exe /R
Samsung SCX-6x45 Series-->C:\Program Files\SAMSUNG\Samsung SCX-6x45 Series\Install\Setup.exe /R
Samsung Update Plus-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{685707A4-911C-468D-BFC4-64A50E5E3A0C} /l1036
SAP Front End-->"C:\Program Files\SAP\FrontEnd\setup\sapsetup.exe" /uninstall
SciTE 1.57-->"C:\Program Files\SciTE Source Code Editor\unins000.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SENS LT56ADW Modem-->agrsmdel
SetIP-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C206015D-DAC5-407C-A54B-6D7776A0881C}\Setup.exe" -l0x40c
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{09959E11-AD5D-408E-96AF-E3346954D6B8}
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}
SimsCsStart-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AE1BA7AE-21A3-4B53-863D-0AA39D2E9D9B}\Setup.exe" -l0x9
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmarThru 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{90F1943D-EA4A-4460-B59F-30023F3BA69A}\Setup.exe" -l0x40c uninstall -l040c
SmarThru Office PC Fax-->C:\WINDOWS\prinst.exe /m"Samsung" /u"SmarThru Office PC Fax"
SmarThru Office-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}\Setup.exe" -l0x40c uninstall -l040c
SmarThru PC Fax-->C:\WINDOWS\prinst.exe /m"Samsung" /u"SmarThru PC Fax"
Smartione-->"C:\Program Files\Smartione\unins000.exe"
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
Spamihilator-->"C:\Program Files\Spamihilator\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
THE Rename 2.1.6-->"C:\Program Files\THE Rename\unins000.exe"
Thunderbird-Tray-->C:\Program Files\Thunderbird-Tray\TBTray-Uninstall.exe
Unlocker 1.8.5-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
Update for Windows Internet Explorer 7 (KB928089)-->"C:\WINDOWS\ie7updates\KB928089\spuninst\spuninst.exe"
User's Guide-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF99C14B-17C2-4994-B5C1-EB204A343A6F}\Setup.exe" Remove
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM-->MsiExec.exe /I{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 MFC (x86) WinSXS MSM-->MsiExec.exe /I{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM-->MsiExec.exe /I{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}
Visual C++ CRT 8.0-->MsiExec.exe /I{B2395631-54D5-481E-B9A8-74B269546F40}
Visual C++ CRT 9.0 SP1-->MsiExec.exe /I{EC25B803-4BDB-47F7-B877-FCE7D7966C0F}
Visual C++ CRT 9.0-->MsiExec.exe /I{9ED38F62-7A50-4145-8C5D-0FCFFBF10A7B}
Visual Studio 2005 Tools pour Office Second Edition Runtime-->C:\Program Files\Fichiers communs\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
VisualGPSce-->C:\Program Files\Microsoft ActiveSync\VisualGPSce\Uninstall.exe VisualGPSce
Visualizer Photo Resize-->MsiExec.exe /I{838F0053-8744-4B63-8819-CC44C06308AC}
VLC media player 0.9.2-->C:\Program Files\VLC\uninstall.exe
VMware Infrastructure Update-->MsiExec.exe /X{D93B70D2-4DA4-4F6F-9DC8-72D08F74A386}
VPN Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\setup.exe" -l0x9 VpnUninstall
WebEx-->C:\WINDOWS\DOWNLO~1\atcliun.exe
WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPcap 4.0.1-->C:\Program Files\WinPcap\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Wireshark 0.99.6a-->"C:\Program Files\Wireshark\uninstall.exe"
WorkgroupShare Client-->C:\Program Files\WorkgroupShare Client\UninstallWSClient.exe
WOW XT and TSXT Filter Driver-->MsiExec.exe /X{A48A8684-A104-44DA-B3DF-0178A125D8D9}
X11 VR Showroom-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C1842F45-BD7E-4BFD-9A81-40D1E35A59B4} /l1036

=====HijackThis Backups=====

O20 - Winlogon Notify: wlic3 - C:\WINDOWS\SYSTEM32\WLIC3Pk.dll
O15 - Trusted IP range: 106.10.1.122
O15 - Trusted IP range: 106.10.1.225
O15 - Trusted IP range: 165.213.254.115
O15 - Trusted IP range: 165.213.254.82
O15 - Trusted IP range: 106.10.1.223
O15 - Trusted IP range: 106.10.1.227
O15 - Trusted IP range: 106.10.1.221
O15 - Trusted IP range: 165.213.251.209
O23 - Service: winfil32 - SDS - C:\WINDOWS\system32\winfil32.exe

======Hosts File======

127.0.0.1 activate.adobe.com
106.10.1.2 single
106.102.1.250 chronotic
106.102.1.253 alea_nt
106.102.1.254 nt-dhcp
106.102.1.200 megateuf
106.102.1.220 terateuf
106.102.1.233 frontal
106.102.1.229 7ici
106.102.1.247 samsung_france

System event log

Computer Name: PELLETIERX11
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 5
Source Name: EventLog
Time Written: 20090306104930.000000+060
Event Type: Informations
User:

Computer Name: PELLETIERX11
Event Code: 9
Message: Broadcom NetXtreme Gigabit Ethernet: Network controller configured for 100Mb full-duplex link.

Record Number: 4
Source Name: b57w2k
Time Written: 20090306104604.000000+060
Event Type: Informations
User:

Computer Name: PELLETIERX11
Event Code: 15
Message: Broadcom NetXtreme Gigabit Ethernet: Driver initialized successfully.

Record Number: 3
Source Name: b57w2k
Time Written: 20090306104604.000000+060
Event Type: Informations
User:

Computer Name: PELLETIERX11
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20090306104556.000000+060
Event Type: Informations
User:

Computer Name: PELLETIERX11
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090306104556.000000+060
Event Type: Informations
User:

Application event log

Computer Name: PELLETIERX11
Event Code: 35
Message: Impossible de déterminer si la banque se trouve dans l'étendue d'analyse (erreur=0x8007043c).

Record Number: 21799
Source Name: Outlook
Time Written: 20090306131615.000000+060
Event Type: erreur
User:

Computer Name: PELLETIERX11
Event Code: 35
Message: Impossible de déterminer si la banque se trouve dans l'étendue d'analyse (erreur=0x8007043c).

Record Number: 21798
Source Name: Outlook
Time Written: 20090306131615.000000+060
Event Type: erreur
User:

Computer Name: PELLETIERX11
Event Code: 35
Message: Impossible de déterminer si la banque se trouve dans l'étendue d'analyse (erreur=0x8007043c).

Record Number: 21797
Source Name: Outlook
Time Written: 20090306131615.000000+060
Event Type: erreur
User:

Computer Name: PELLETIERX11
Event Code: 35
Message: Impossible de déterminer si la banque se trouve dans l'étendue d'analyse (erreur=0x8007043c).

Record Number: 21796
Source Name: Outlook
Time Written: 20090306131615.000000+060
Event Type: erreur
User:

Computer Name: PELLETIERX11
Event Code: 35
Message: Impossible de déterminer si la banque se trouve dans l'étendue d'analyse (erreur=0x8007043c).

Record Number: 21795
Source Name: Outlook
Time Written: 20090306131615.000000+060
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=c:\program files\imagemagick-6.3.6-q16;C:\Program Files\Fichiers communs\Anoto\gs\gs8.61\lib;C:\Program Files\Fichiers communs\Anoto\gs\gs8.61\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung PC Studio 3;C:\Program Files\MIS\Alea\bin;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\ALZip\;C:\Program Files\MIS\Alea\bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0f02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LANG"=fr
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 6 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
6 mars 2009 à 15:35
Désolé pour le multi-post mais j'ai vraiment des soucis. J'espère que tu as tout.

Merci de ton aide.
0
Réponse 7 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
6 mars 2009 à 15:52
Ok, je regardes toute de suite !
0
Réponse 8 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
6 mars 2009 à 16:24
Telecharges Ccleaner : https://filehippo.com/download_ccleaner/

- Pendant l'installation, décoches la case proposant la barre Yahoo et celle proposant d'ajouter l'options des mises a jours..
- Une fois installé, fermes toutes les applications en cours et lances Ccleaner
- clic sur mode avancé et décoche la case " effacer les fichiers du....plus vieux que 48h, ne touches pas aux autres parametres
- Clic sur "Nettoyeur " >> " analyse " >> et lances le nettoyage, puis refermes le programme
telecharge SDFix sur ton bureau : http://downloads.andymanchesta.com/RemovalTools/SDFix.exe



- Fermes toutes les applications en cours, puis double clic sur le raccourci de ton bureau
- Clic sur " Install " pour l'extraire dans un dossier dedié

- Redemarres ton pc en mode sans echec :
- Au demarrage du pc, tapotes sur la touche F8 ou F5 du clavier juste aprés le bip du bios et avant le logo " windows "
- Un ecran avec plusieurs choix apparaitra > selectionnes " mode sans echec " et valides par la touche " Entrée " de ton clavier

- Une fois en " mode sans echec " , ouvres le fichier créé, puis double clic sur " Runthis.bat "
- Une fenetre noir apparait, appuies sur la touche " Y " pour lancer le nettoyage
- Le bureau va disparaitre, c'est normal
- L'outil va travailler, patientes jusqu'à la fin du scan
- Une fois terminé, Sdfix te signalera que l'ordi doit redemarrer, acceptes en pressant une touche..
- Le pc va redemarrer en mode normal, une fois ton bureau en place, il va générer un rapport
- Sauvegardes le et poste son contenu ( tu le trouveras aussi à c:\report.txt)
0
Réponse 9 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
6 mars 2009 à 17:13
J'ai un gros soucis là. Je ne peux pas démarrer en mode sans échec. Lorsque j'essaie, il se met bien en sans échec , me demande mon mdp mais il reboote ensuite.

Une autre idée?
0
Réponse 10 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
6 mars 2009 à 17:28
- Telecharges Combofix et enregistres le sur ton bureau

http://download.bleepingcomputer.com/sUBs/ComboFix.exe -

/!\ Desactives ton antivirus et la garde de ton antispyware ( si tu en as un) /!\

- Deconnectes toi et fermes toutes les applications en cours
- Double clic sur Combofix.exe >> un message apparait > réponds " oui "
- ( Il est conseillé d'installer la console de recuperations)
- Selectionnes la langue et presse la touche 1 ( yes) pour lancer le scan

/!\ Ne touche ni à la souris, ni au clavier durant le scan, cela pourrait figer l'ordi /!\

- A la fin du scan, Combofix aura besoin de redemarrer pour finir la desinfection, laisses le faire
- Une fois terminé, un rapport s'affiche, poste son contenu que tu peux aussi trouver à c:\combofix.txt
0
Réponse 11 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
6 mars 2009 à 19:51
Re...

Alors comme je n'arrivais plus à rien, j'ai démonté mon disque, je l'ai mis dans un boitier externe et je l'ai scanné à partir d'un autre PC avec AVG Free. Il a trouvé pas moins de 5 infections différentes mais n'en a nettoyé que 3.

Ça à l'air de marcher un peu mieux maintenant mais je ne sais pas si je dois reprendre la procédure là où on l'a laissée ou si tu veux que je recommence tout à zéro.

Je ne suis pas là ce soir mais je devrais être assez dispo ce week-end. J'attends tes instructions en te remerciant encore une fois pour ton aide.

Toast3r
0
Réponse 12 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
6 mars 2009 à 20:00
- Essayes comme ceci, tu devrais y arriver :

- Telecharges Malwarebytes' Anti-Malware :

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Installe le > double-clic sur Mbam-setup.exe, à la fin de l'installation, il se mettra automatiquement à jour
- Une fois installé, fermes toutes les applications en cours et lances Malwarebytes
- Executes un examen rapide du pc ( tu n'auras pas accés à internet pendant l'analyse)
- A la fin du scan clic sur " Afficher les resultats ", si Malwarebytes a trouvé des infections >> clic sur " Supprimer la selection "
- Si il a besoin de redemarrer le pc pour finir la desinfection, acceptes
- Un rapport s'etablira, postes son contenu.
0
Réponse 13 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
7 mars 2009 à 01:02
Voilà le rapport avant redémarrage, j'ai refait un scan après et il n'y avait plus rien:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1825
Windows 5.1.2600 Service Pack 3

06/03/09 20:23:21
mbam-log-2009-03-06 (20-23-21).txt

Type de recherche: Examen rapide
Eléments examinés: 97093
Temps écoulé: 7 minute(s), 12 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 63
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 49

Processus mémoire infecté(s):
C:\Program Files\Fasoo DRM\fpm.exe (Trojan.BHO) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\Fasoo DRM\f_blksc.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_xlus.dll (Trojan.BHO) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\f_webdc.xwebdc (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{487b489f-95c2-44c1-b31f-f7fd71ffa5be} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3474531e-ccf0-494b-8ec5-254e93effaf9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4aaa2f98-2d2f-4938-afb1-3ec1b51c41d9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4aaa2f98-2d2f-4938-afb1-3ec1b51c41d9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4aaa2f98-2d2f-4938-afb1-3ec1b51c41d9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\f_webdc.xwebdc.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{1de3791c-e723-447a-a402-37fd2f133750} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d827611e-de82-4010-b6d6-1df3f63f5065} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{a7e8de60-4dea-11d6-a03d-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a7e8de6c-4dea-11d6-a03d-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5e705a09-557a-4ceb-8177-c94e0400c902} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b4c942e7-57d6-41fd-bb18-15c077179dcc} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{72917d60-46aa-11d6-a038-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72917d6d-46aa-11d6-a038-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{72917d6e-46aa-11d6-a038-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{236cc5e0-d591-442b-a070-0e2bc4d707e8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{80fb062c-3d5d-11d6-a031-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1687b15d-e5fd-47a7-8a3a-0ed326a54fa7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1687b15d-e5fd-47a7-8a3a-0ed326a54fa7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f7e4275d-81cb-4cc9-bf45-cc3b86eb9570} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{da74df6a-4b0b-4e42-9166-290b56239b69} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1773a6ae-93d3-4ce2-9965-ae29f1e59db1} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{49086551-9514-11d5-9772-0090273528bb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dd846afe-9557-11d5-9772-0090273528bb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dd846b02-9557-11d5-9772-0090273528bb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3a48d2b8-2ea5-418a-a4d4-52b6bbfc7e95} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{81abbbb2-c869-4e35-ae7a-583b470d3ed9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{a77c1658-358a-484a-ac86-bcfc0ef1d216} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{979e5fcf-eb94-4532-adc7-dcbe57dc1203} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{da3144f1-fce0-4012-a289-e4ceada25ee6} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{d55001f0-20eb-11d6-a01a-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d55001fd-20eb-11d6-a01a-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e547fb26-f94d-4b3c-99cb-c65003542a0a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e9b499c0-539b-11d6-a044-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{94768d6c-32eb-4db4-ac31-a3b6181adef5} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d4e0637-5d6e-4f4c-823d-82efc637541a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fde46f8c-d05c-43d3-81dd-06e17bb7060d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{952eb86c-14bf-4cff-bb1b-af65b473bc5d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{372b030e-ff2e-4c43-952f-fd02a5fbe1a9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b04a9325-39b1-414d-8923-0186fca1c40a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{30a39e90-1c8a-4ea4-8733-8c3dd0818281} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{30a39e90-1c8a-4ea4-8733-8c3dd0818281} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{30a39e90-1c8a-4ea4-8733-8c3dd0818281} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{a82eed52-7466-4fb6-b8b5-1107c1828b4f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e467ddd-f8a8-4845-acdf-775746a79725} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{934cefdc-e880-446f-880f-6560f613d8aa} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{934cefdc-e880-446f-880f-6560f613d8aa} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{934cefdc-e880-446f-880f-6560f613d8aa} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e4159d60-810b-4f8c-aaa0-7aa8aa18faac} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{087aac2c-6ce2-4518-9dc2-729244730629} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4feba4f2-1906-44bb-b269-7b5a4ae8cc6d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4feba4f2-1906-44bb-b269-7b5a4ae8cc6d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4feba4f2-1906-44bb-b269-7b5a4ae8cc6d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{26904ce0-3007-11d6-a025-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{26904ced-3007-11d6-a025-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{02443f1f-2ff1-11d6-a025-00d0b7909b4d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fph exe (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fpm exe (Trojan.BHO) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5ff32d71-2126-40b8-8737-021cecb9f3f2}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.14,85.255.112.62 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5ff32d71-2126-40b8-8737-021cecb9f3f2}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.14,85.255.112.62 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{5ff32d71-2126-40b8-8737-021cecb9f3f2}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.14,85.255.112.62 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{9355e87a-fe5c-4fe0-80da-12cd703923aa}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.14,85.255.112.62 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\Fasoo DRM (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\Log (Trojan.BHO) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\d.pelletier\Local Settings\Application Data\cecedxtx_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\d.pelletier\Local Settings\Application Data\cecedxtx_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\d.pelletier\Local Settings\Application Data\cecedxtx.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\d.pelletier\Local Settings\Application Data\cqelbvd_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\d.pelletier\Local Settings\Application Data\cqelbvd_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\d.pelletier\Local Settings\Application Data\cqelbvd.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\Fasoo DRM\f_webdc.dll (Trojan.BHO) -> Delete on reboot.
C:\WINDOWS\system32\hs3i7jdgfd.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\TEMP\UACe49e.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\TEMP\UACefac.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Program Files\Fasoo DRM\FasooAcrobatManager4x.api (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\FasooAcrobatManager5x.api (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\fph.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\fpm.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\fsmLoader.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_agent.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_ai.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_blksc.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_cie.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_cie_ep_sso.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_cm.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_dc.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_diag.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_dm.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_dn.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_info.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_kcl(htmlviewer).fac (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_pm.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Fasoo DRM\f_smgbd.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_sps.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_swv.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_ver.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_vh.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_vi.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_vt.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_webdm.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_websn.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\f_xlus.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\InstAcro.exe (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\SMGBD.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Fasoo DRM\Log\101.log (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Fasoo DRM\Log\21.log (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Fasoo DRM\Log\70.log (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Fasoo DRM\Log\f_1507.log (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\UniSSOCheck.inf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-3-9-66-100030674-100016136-100029924-3256.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACestydmes.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UAChbxlisrx.log (Trojan.Agent) -> Quarantined and deleted successfully.
0
Réponse 14 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
7 mars 2009 à 12:38
- Vides la quarantaine de Malwarebytes >> onglet quarantaine et supprimes tout

- Ensuite,telecharge SDFix sur ton bureau : http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
- Fermes toutes les applications en cours, puis double clic sur le raccourci de ton bureau
- Clic sur " Install " pour l'extraire dans un dossier dedié

- Redemarres ton pc en mode sans echec :
- Au demarrage du pc, tapotes sur la touche F8 ou F5 du clavier juste aprés le bip du bios et avant le logo " windows "
- Un ecran avec plusieurs choix apparaitra > selectionnes " mode sans echec " et valides par la touche " Entrée " de ton clavier

- Une fois en " mode sans echec " , ouvres le fichier créé, puis double clic sur " Runthis.bat "
- Une fenetre noir apparait, appuies sur la touche " Y " pour lancer le nettoyage
- Le bureau va disparaitre, c'est normal
- L'outil va travailler, patientes jusqu'à la fin du scan
- Une fois terminé, Sdfix te signalera que l'ordi doit redemarrer, acceptes en pressant une touche..
- Le pc va redemarrer en mode normal, une fois ton bureau en place, il va générer un rapport
- Sauvegardes le et poste son contenu ( tu le trouveras aussi à c:\report.txt)
0
Réponse 15 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
7 mars 2009 à 15:38
voilà le rapport. Pour info, j'ai des fenêtres Firefox intempestives qui s'ouvrent et il me semble que mon centre de sécurité et mon McAfee (pas le choix c'est un pc pro) ne tournent plus:


[b]SDFix: Version 1.240 [/b]
Run by d.pelletier on 07/03/09 at 15:19

Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\d.pelletier\Bureau\SDFix\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\-59679~1 - Deleted
C:\DOCUME~1\D4C71~1.PEL\LOCALS~1\Temp\TMP4.tmp - Deleted
C:\DOCUME~1\D4C71~1.PEL\LOCALS~1\Temp\TMP6.tmp - Deleted
C:\DOCUME~1\D4C71~1.PEL\LOCALS~1\Temp\TMP70.tmp - Deleted
C:\DOCUME~1\D4C71~1.PEL\LOCALS~1\Temp\TMPB.tmp - Deleted





Removing Temp Files

[b]ADS Check [/b]:
0
Réponse 16 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
7 mars 2009 à 15:48
- Le rapport n'est pas entier, tu pourrais l'envoyer entièrement stp ?

.
0
Réponse 17 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
7 mars 2009 à 15:53
Euh...c'est tout ce que j'ai dans report.txt mais il ne s'est pas ouvert tout seul, il a fallu que j'aille le chercher dans le dossier sdfix
0
Réponse 18 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
7 mars 2009 à 16:11
Télécharge Navilog1 (de IL-MAFIOSO) http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
enregistre ce fichier sur le bureau.
- Desactives ton antivirus et la garde de ton antispyware, si tu en as un

- Lances l'installation en executant le fichier téléchargé

- Double clic sur navilog1 présent sur le bureau

- Appuie sur F ou f valide par Entrée

- Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options

- Choisis l'option 1 appuie sur la touche Entrée pour valider ton choix.

- Patiente jusqu'au message : *** Analyse Termine le ..... ***

- Le scan fini un rapport portant ce fixnavi.txt sera affiché poste le contenu de ce rapport.
- Si le résultat du scan ne s'affiche pas tu le trouveras dans C:\fixnavi.txt.
0
Réponse 19 / 41
toast3r Messages postés 68 Date d'inscription vendredi 6 mars 2009 Statut Membre Dernière intervention 8 décembre 2016
7 mars 2009 à 16:47
voilà le rapport de navilog (exécuté en mode normal):

Search Navipromo version 3.7.5 commencé le 07/03/09 à 16:37:08.50

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 26.02.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz )
BIOS : Phoenix FirstBIOS(tm) Notebook Pro Version 2.0 21XI
USER : d.pelletier ( Not Administrator ! )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:101 Go (Free:56 Go)
D:\ (CD or DVD)
Z:\ (Network Disk)


Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\d.pelletier\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\admin\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\REMOTE~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\SEF\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\SEFAdmin\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\d.pelletier\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\admin\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\SEF\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\SEFAdmin\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\d.pelletier\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\admin\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\REMOTE~1\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\SEF\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\SEFAdmin\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\d.pelletier\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\admin\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\SEF\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\SEFAdmin\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\d.pelletier\locals~1\applic~1" :


* Dans "C:\DOCUME~1\admin\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\SEF\locals~1\applic~1" :


* Dans "C:\DOCUME~1\SEFAdmin\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :

C:\WINDOWS\system32\blncivrc.ini2 trouvé ! Infection Vundo possible non traitée par cet outil !


*** Analyse terminée le 07/03/09 à 16:45:58.93 ***
0
Réponse 20 / 41
Ced_King Messages postés 3519 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 10 octobre 2016 572
7 mars 2009 à 16:58
Ok, si tu as telechargé combofix la 1ere fois, il faut que tu fasses ceci :

Clique sur Démarrer puis Exécuter. Tapes combofix /u dans la zone de saisie puis OK. Il doit y avoir un espace avant /u"


- Ensuite :Telecharges Combofix et enregistres le sur ton bureau

http://download.bleepingcomputer.com/sUBs/ComboFix.exe -

/!\ Desactives ton antivirus et la garde de ton antispyware ( si tu en as un) /!\

- Deconnectes toi et fermes toutes les applications en cours
- Double clic sur Combofix.exe >> un message apparait > réponds " oui "
- ( Il est conseillé d'installer la console de recuperations)
- Selectionnes la langue et presse la touche 1 ( yes) pour lancer le scan

/!\ Ne touche ni à la souris, ni au clavier durant le scan, cela pourrait figer l'ordi /!\

- A la fin du scan, Combofix aura besoin de redemarrer pour finir la desinfection, laisses le faire
- Une fois terminé, un rapport s'affiche, poste son contenu que tu peux aussi trouver à c:\combofix.txt

.
0

Discussions similaires

Infection ?
Tomy -
MisteryBean -

10 réponses
Infection ou pas ???
karissia -
helpcenter -

1 réponse
infection ou pas?
jpn1000 -
mcvivien2 -

5 réponses
Infection ad.doubleclick.net
93 -
93 -

66 réponses
Infection FileRepMetagen
Fab8769 -
Malekal_morte- -

9 réponses