Cheval de troie: Downloader.Zlob.AKDE

pascal -
Pascal - 26 avr. 2009 à 22:57

Bonjour,
depuis quelques jours, s'ouvrent des fenêtres de pub, un pseudo? antivirus lance un scan...
J'ai utilisé ccleaner, spybot.
Le bouclier résident d'avg free signale un cheval de troie: Downloader.Zlob.AKDE, mais je n'arrive pas à m'en débarrasser.
J'ai lu qu'il fallait utiliser hijackthis pour éditer un rapport, mais ensuite que faire? que faut il effacer ou modifier?
Ci dessous le rapport, d'avance merci:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:50, on 27/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Moi\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\APPS\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [L08FXLRD_7047500] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 10959 bytes

Configuration: Windows XP
Firefox 3.0.7

Afficher la suite

A voir également:

Cheval de troie: Downloader.Zlob.AKDE
Antivirus cheval de troie - Télécharger - Antivirus & Antimalwares
Un cheval de Troie caché dans un antivirus sur le Play Store - Guide
Cheval de troie virus ✓ - Forum Virus
Comment se débarrasser d'un cheval de troie - Forum Virus
Cheval de troie e.tre456_worm_windows - Forum Windows

12 réponses

Réponse 1 / 12

loloetseb Messages postés 5684 Statut Membre 174

Télécharger Smitfraudfix par S!RI :

http://siri.urz.free.fr/Fix/SmitfraudFix.php

Décompresser l'archive
Exécuter le en double cliquant sur Smitfraudfix.cmd
Appuyer sur une touche pour continuer
Arriver à l'invite de commande, saisir la lettre L afin de basculer le fix en langue française
Au menu, choisir l’option 4 puis 1 : Recherche
Poster le rapport ainsi généré

pascal

Bonsoir,
ci dessous le rapport généré:
d'avance merci pour la suite:

SmitFraudFix v2.405

Rapport fait à 22:41:05,85, 27/03/2009
Executé à partir de C:\Documents and Settings\Moi\Bureau\smitfraudfix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Documents and Settings\Moi\Bureau\smitfraudfix\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Moi

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Moi\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Moi\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Moi\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"=""
"SubscribedURL"=""
"FriendlyName"=""

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: VIA Rhine II Fast Ethernet Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{D4A926A5-4779-4246-90EC-7E8BE15A9330}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D4A926A5-4779-4246-90EC-7E8BE15A9330}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Réponse 2 / 12

loloetseb Messages postés 5684 Statut Membre 174

1/Nettoyage :
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter.
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).

----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport,
Redémarre en mode normal,
copie/colle le rapport sauvegardé sur le forum

process.exe
est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

2/ Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

-> http://images.malwareremoval.com/random/RSIT.exe

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...

-> laisse faire le scan et ne touche pas au PC ...

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum

( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )

Pascal

Bonsoir,
voici le rapport

SmitFraudFix v2.405

Rapport fait à 21:52:54,12, 30/03/2009
Executé à partir de C:\Documents and Settings\Moi\Bureau\smitfraudfix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
...

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{D4A926A5-4779-4246-90EC-7E8BE15A9330}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D4A926A5-4779-4246-90EC-7E8BE15A9330}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Pascal > Pascal

Logfile of random's system information tool 1.06 (written by random/random)
Run by Moi at 2009-03-30 22:08:32
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 259 GB (87%) free of 297 GB
Total RAM: 1022 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:08:46, on 30/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\Moi\Bureau\RSIT.exe
C:\Documents and Settings\Moi\Bureau\Moi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\APPS\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [L08FXLRD_7047500] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Pascal > Pascal

info.txt logfile of random's system information tool 1.06 2009-03-30 22:08:49

======Uninstall list======

-->"c:\apps\skype\phone\unins000.exe"
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
7-Zip 4.42-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop Elements\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements\Uninst.dll"
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe SVG Viewer-->C:\WINDOWS\IsUn040c.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoBase 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}\setup.exe" -l0x40c -uninst
ArcSoft PhotoStudio 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}\setup.exe" -l0x40c -uninst
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x40c Brunin03.dll -removeonly
Browser Address Error Redirector-->regsvr32 /u /s "C:\APPS\BAE\BAE.dll"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CharlyGraal V5-->MsiExec.exe /I{43062EA1-4947-4FB6-BD91-EDC35F6DB3AD}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
eDrawings for SketchUp-->MsiExec.exe /X{1A73872E-287B-4EBB-999B-2A70E2F5036E}
FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"
Free Buttons.org-->C:\Program Files\Free Buttons.org\uninstall.exe
Géorando - Limousin-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C3D989A-4930-4485-853B-90D1D1F2F0F2}\SETUP.EXE" -l0x40c -removeonly
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
Google SketchUp-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E1423608-F529-40A1-93CA-C7F396F30DF0}\setup.exe" -l0x9
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Moi\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Juice 2.2-->C:\Program Files\Juice\uninst.exe
K-Lite Codec Pack 2.84 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
La boite a couleurs version 1.6.15-->"C:\Program Files\LaBoiteACouleurs\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Macromedia Flash Player 8-->MsiExec.exe /X{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manual CanoScan LiDE 50-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2C726E9-C3A0-4850-82C7-5D01FE0E4EB8}\setup.exe" -l0x40c
MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Encarta 2008 - Études-->MsiExec.exe /I{08181881-FCA5-44A7-B863-D66037A16AAF}
Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (2.0.0.11)-->E:\Apps\PortableFirefox\firefox\uninstall\helper.exe
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.21)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3}
Nokia Multimedia Factory-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{BD72E64C-F0DB-40CB-846B-611C57D8AB0C} /l1036
Nokia PC Connectivity Solution-->MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
Nokia PC Suite-->MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
OmniPage SE-->MsiExec.exe /I{6249C22D-E6A8-407B-BA8B-40298848ED94}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
PaperPort-->MsiExec.exe /I{71C97545-E547-4A8B-B0C8-61FF853270AC}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SketchUp 5 Architecture Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A535CF14-E12F-40B0-B6A3-6E214EA12CD3}\setup.exe" -l0x9 -removeonly
SketchUp 5 Construction Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC842852-5787-441A-90C1-5F315531BCE3}\setup.exe" -l0x9 -removeonly
SketchUp 5 Landscape Architecture Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDAA5D11-FAA6-425A-AF9D-0D7B5FCDCD74}\setup.exe" -l0x9 -removeonly
SketchUp 5 People Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA0951BF-BBC4-407B-A9C4-92A37EAE3AF3}\setup.exe" -l0x9 -removeonly
SketchUp 5 Transportation Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{862E85C6-3A84-444C-A9B8-456E8115C392}\setup.exe" -l0x9 -removeonly
SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
SolidWorks Education Edition-->RunDll32 C:\PROGRA~1\SOLIDW~1\setup\i386\swuninst.dll,UninstInitViaRunDll32 /sw_dt:"SolidWorks" /sw_it:"Individual" /sw_ld:"C:\Program Files\SolidWorks EE 2002-2003" /sw_pg:"{CE6AE703-BDAA-11D5-BDCA-00C04F019809}"
SolidWorks Toolbox Education Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D598F0A5-B6F3-4450-B95A-843AC81CB049}\setup.exe" -uninst
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SYSTRAN Web Translator 5.0-->MsiExec.exe /I{E0B38894-0E4D-4AE1-B17E-CFBC3692E86A}
TopStyle Lite (Version 3.0)-->C:\WINDOWS\unlite3.exe "C:\Program Files\Bradbury\TopStyle3"
Ulead PhotoImpact 10 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x40c
Ulead VideoStudio 9.0 SE DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}\setup.exe" -l0x40c
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
WBEncarta-->RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files\Learning Essentials\1.0\fr\FR\WBEncarta\Uninstall\Uninstall.inf,Uninstall,,,N
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_62A340731F8930057B44B8864F236850B0D49D65\nokbtmdm.inf
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
XnView 1.90.2-->"C:\Program Files\XnView\unins000.exe"

======Hosts File======

127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: pascal
Event Code: 7036
Message: Le service Service de l’iPod est entré dans l'état : en cours d'exécution.

Record Number: 17751
Source Name: Service Control Manager
Time Written: 20090128183234.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de l’iPod.

Record Number: 17750
Source Name: Service Control Manager
Time Written: 20090128183234.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: pascal
Event Code: 7036
Message: Le service ServiceLayer est entré dans l'état : en cours d'exécution.

Record Number: 17749
Source Name: Service Control Manager
Time Written: 20090128183218.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 7036
Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution.

Record Number: 17748
Source Name: Service Control Manager
Time Written: 20090128183209.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL.

Record Number: 17747
Source Name: Service Control Manager
Time Written: 20090128183209.000000+060
Event Type: Informations
User: AUTORITE NT\SERVICE LOCAL

=====Application event log=====

Computer Name: pascal
Event Code: 1
Message:
Record Number: 639
Source Name: Avg7UpdSvc
Time Written: 20080226201959.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 0
Message:
Record Number: 638
Source Name: ServiceLayer
Time Written: 20080220171744.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 637
Source Name: SecurityCenter
Time Written: 20080220171737.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 1
Message:
Record Number: 636
Source Name: AVGEMS
Time Written: 20080220171710.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 0
Message:
Record Number: 635
Source Name: USBDeviceService
Time Written: 20080220171704.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

Réponse 3 / 12

loloetseb Messages postés 5684 Statut Membre 174

1/
Telecharge maintenant FindyKill sur ton bureau :

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

--> Lance l installation avec les parametres par default

--> Au menu principal,choisi l option 1 (Recherche)

--> Post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque

2/
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

--> Fais clic droit sur le raccourci FindyKill sur ton bureau

--> Au menu principal,choisi l option 2 (Suppression)

/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage effectué"

/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !

-------> ensuite post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque

3/Télécharge Superantispyware (SAS)

Choisis "enregistrer" et enregistre-le sur ton bureau.

Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions.

Créé une icône sur le bureau.

Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer.

- Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes.
- Sous Configuration and Preferences, clique sur le bouton "Preferences"
- Clique sur l'onglet "Scanning Control "
- Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée :

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining
- Laisse les autres lignes décochées.

- Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle.

- Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer".

Dans la colonne de gauche, coche C:\Fixed Drive.

Dans la colonne de droite, sous "Complete scan", clique sur "Perform Complete Scan"

Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan.

A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK.

Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next".

Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes.

Pour recopier les informations sur le forum, fais ceci :

- après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS.
- Clique sur "Preferences" puis sur l'onglet "Statistics/Logs ".
- Dans "scanners logs", double-clique sur SUPERAntiSpyware Scan Log.

- Le rapport va s'ouvrir dans ton éditeur de texte par défaut.

- Copie son contenu dans ta réponse.

Regarde bien le tuto SUPERAntiSpyware il est très bien expliqué.

Pascal

############################## [ FindyKill V4.721 ]

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jucheck.exe

################## [ Fichiers / Dossiers infectieux C:\ ]

################## [ C:\WINDOWS & C:\WINDOWS\Prefetch ]

Found ! - C:\WINDOWS\prefetch\MPCMDRUN.EXE-177DBF1A.pf

################## [ C:\WINDOWS\system32 ]

################## [ C:\WINDOWS\system32\drivers ]

################## [ C:\.. Application Data ... ]

################## [ C:\Users...\Temp Files... ]

################## [ Registre / Clés infectieuses ]

################## [ Recherche dans supports amovibles]

# Présence des fichiers :

################## [ Registre / Mountpoint2 ]

# -> Not found !

################## [ ! Fin du rapport # FindyKill V4.721 ! ]

Réponse 4 / 12

loloetseb Messages postés 5684 Statut Membre 174

C'est bon ,tu peux faire la procedure 2 de findy kill

Pascal

Et voici:

############################## [ FindyKill V4.721 ]

############################## [ Active Processes ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jucheck.exe

################## [ Infected Files / Folders C:\ ]

################## [ C:\WINDOWS & C:\WINDOWS\prefetch ]

Deleted ! - C:\WINDOWS\prefetch\MPCMDRUN.EXE-177DBF1A.pf
Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-0F8DCEDB.pf

################## [ C:\WINDOWS\System32 ]

################## [ C:\WINDOWS\System32\drivers ]

################## [ C:\.. Application Data ... ]

################## [ C:\Documents and Settings\Moi\.....\Temp Files... ]

################## [ Registry / Infected keys ]

################## [ Cleaning Removable drives ]

# Deleting Files :

################## [ Registry / Mountpoint2 ]

# -> Not found !

################## [ States / Restarting of services ]

# Services : [ Auto=2 / Request=3 / Disable=4 ]

# Ndisuio -> # Type of startup =3
# EapHost -> # Type of startup =2
# Ip6Fw -> # Type of startup =2
# SharedAccess -> # Type of startup =2
# wuauserv -> # Type of startup =2
# wscsvc -> # Type of startup =2

################## [ Searching Other Infections ]

# -> Nothing found.

################## [ ! End of Report # FindyKill V4.721 ! ]

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 12

loloetseb Messages postés 5684 Statut Membre 174

Tu peux faire Superantispyware maintenant

Pascal

Voici le rapport de superantispyware:

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 04/06/2009 at 00:02 AM

Application Version : 4.26.1000

Core Rules Database Version : 3829
Trace Rules Database Version: 1785

Scan type : Complete Scan
Total Scan Time : 02:20:59

Memory items scanned : 683
Memory threats detected : 1
Registry items scanned : 6943
Registry threats detected : 0
File items scanned : 152983
File threats detected : 44

Trojan.Dropper/UserInit-Fake
C:\WINDOWS\SYSTEM32\USERINIT.EXE
C:\WINDOWS\SYSTEM32\USERINIT.EXE
C:\WINDOWS\Prefetch\USERINIT.EXE-0743FDA9.pf

Adware.Tracking Cookie
C:\Documents and Settings\Moi\Cookies\moi@redirectclicks[2].txt
C:\Documents and Settings\Invité\Cookies\invité@server.iad.liveperson[2].txt
C:\Documents and Settings\Invité\Cookies\invité@www.smartadserver[2].txt
C:\Documents and Settings\Invité\Cookies\invité@yourmedia[1].txt
C:\Documents and Settings\Moi\Cookies\moi@redirectclicks[1].txt

Trace.Known Threat Sources
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\w_bg[1].gif
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\140[1].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\config[1].js
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\jquery[1].js
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\142[1].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\140[3].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\folder[1].gif
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8WU59YWY\disk2[1].gif
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8WU59YWY\jquery-init[1].js
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8WU59YWY\banner2[1].jpg
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\i6[1].jpg
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8WU59YWY\sg1[1].css
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\closebutton[1].gif
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\disk1[1].gif
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\init[1].js
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\box_top_bg[1].gif
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\flist[1].js
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\140[2].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8WU59YWY\140[1].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\w_top[1].jpg
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\error_detected[1].gif
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8WU59YWY\i2[1].jpg
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\l_bg3[1].gif
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\142[1].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\jquery[1].js
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\140[1].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\i4[1].jpg
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8WU59YWY\140[2].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8WU59YWY\14[1].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\142[1].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\i3[1].jpg
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\engine[1].js
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\140[1].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\140[2].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\YGGGVTJH\crypt[1].js
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\8HR7U4X0\142[2].htm
C:\Documents and Settings\Moi\Local Settings\Temporary Internet Files\Content.IE5\PBCI6AX0\i1[1].jpg

Réponse 6 / 12

loloetseb Messages postés 5684 Statut Membre 174

Télécharge SDFix sur ton bureau :
ici http://downloads.andymanchesta.com/RemovalTools/SDFix.exe.
ou ici http://download.bleepingcomputer.com/andymanchesta/SDFix.exe
ou ici http://sdfix.net/SDFix.exe

--> Double-clique sur SDFix.exe et choisis "Install" .

( tuto ici : https://www.malekal.com/slenfbot-still-an-other-irc-bot/ )

Puis une fois l'installe faite ,

Impératif : Démarrer en mode sans echec .

/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

Comment aller en Mode sans échec :
1) Redémarre ton ordi .
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" .
3) Tu tapotes jusqu' à l'apparition de l'écran avec les options de démarrage .
4) Choisis la première option : Sans Échec , et valide en tapant sur [Entrée] .
5) Choisis ton compte habituel ( et pas Administrateur ).
attention : pas de connexion possible en mode sans échec , donc copie ou imprime bien la manipe pour éviter les erreurs ...

Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer l'outil .
-->Tapes Y pour lancer le script ...
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire , donc :
presses une touche pour redémarrer quand il te le sera demandé .

Le PC va mettre du temps avant de démarrer ( c'est normale ), après le chargement du Bureau presses une touche lorsque "Finished" s'affiche .

Le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier
C:\SDFix sous le nom "Report.txt".

Poste ce dernier dans ta prochaine réponse accompagné d'un nouveau rapport Hijakcthis pour analyse

Pascal

Bonjour,
lors du redémarrage automatique l'ordi plante systématiquement (il n'y a que le ventilo qui démarre). il n'y a plus qu'à le débrancher, et ensuite, impossible de démarrer, il faut attendre qques heures!
Voici néanmoins le rapport sdfix:

[b]SDFix: Version 1.240 [/b]
Run by Moi on 10/04/2009 at 20:52

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

[b]Checking Files [/b]:

No Trojan Files Found

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-11 08:45:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Mon graveur]

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\\AOL 9.0\\aol.exe"="%ProgramFiles%\\AOL 9.0\\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Enabled:PANDORA"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\APPS\\Inventime\\my.exe"="C:\\APPS\\Inventime\\my.exe:*:Enabled:INVENTIME"
"C:\\APPS\\skype\\phone\\Skype.exe"="C:\\APPS\\skype\\phone\\Skype.exe:*:Enabled:Skype"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[b]Remaining Files [/b]:

[b]Files with Hidden Attributes [/b]:

Thu 9 Nov 2006 208 A.SHR --- "C:\BOOT.BAK"
Tue 31 May 2005 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
Tue 31 May 2005 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
Tue 31 May 2005 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
Mon 21 Aug 2006 4,900,600 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"
Mon 26 Jan 2009 1,740,632 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Thu 5 Mar 2009 2,260,480 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Sat 10 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050061.sys"
Sun 11 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050127.sys"
Sun 11 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050134.sys"
Mon 12 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050149.sys"
Wed 14 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050163.sys"
Thu 15 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050178.sys"
Mon 26 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050203.sys"
Tue 27 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050217.sys"
Wed 28 Jan 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP218\A0050231.sys"
Wed 4 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0051231.sys"
Thu 5 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0051251.sys"
Thu 5 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0051258.sys"
Fri 6 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0051275.sys"
Sat 7 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0051284.sys"
Sun 8 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0051300.sys"
Mon 9 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0051315.sys"
Wed 11 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0051329.sys"
Wed 11 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0052330.sys"
Thu 12 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0052347.sys"
Thu 12 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0052356.sys"
Thu 12 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0052460.sys"
Fri 13 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0052481.sys"
Sat 14 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0052500.sys"
Sat 14 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP219\A0053501.sys"
Sun 15 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP220\A0053864.sys"
Sun 15 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP220\A0053872.sys"
Mon 16 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP221\A0054217.sys"
Tue 17 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP222\A0054228.sys"
Wed 18 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP223\A0054446.sys"
Wed 18 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP223\A0054457.sys"
Thu 19 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP223\A0054472.sys"
Fri 20 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP223\A0054491.sys"
Fri 20 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP223\A0054504.sys"
Mon 23 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP224\A0054521.sys"
Tue 24 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP226\A0054568.sys"
Wed 25 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP226\A0054595.sys"
Fri 27 Feb 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP227\A0054627.sys"
Sun 1 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP228\A0054646.sys"
Mon 2 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP228\A0055652.sys"
Thu 5 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP228\A0055655.sys"
Thu 5 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP228\A0055673.sys"
Sat 7 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP229\A0055691.sys"
Sun 8 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP229\A0055705.sys"
Mon 9 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP230\A0055745.sys"
Tue 10 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP231\A0055761.sys"
Tue 10 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP232\A0055932.sys"
Tue 10 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP232\A0056033.sys"
Wed 11 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP234\A0056080.sys"
Wed 11 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP235\A0056117.sys"
Thu 12 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP238\A0056184.sys"
Thu 12 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP239\A0056198.sys"
Thu 12 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP241\A0056231.sys"
Fri 13 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP242\A0056298.sys"
Fri 13 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP243\A0056317.sys"
Sat 14 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP244\A0056345.sys"
Sun 15 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP245\A0056371.sys"
Thu 19 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0056399.sys"
Fri 20 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP248\A0056428.sys"
Sun 22 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP248\A0056511.sys"
Sun 22 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP249\A0056537.sys"
Wed 25 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP250\A0057536.sys"
Wed 25 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP250\A0057577.sys"
Thu 26 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP253\A0057632.sys"
Fri 27 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP254\A0057676.sys"
Sat 28 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP255\A0057701.sys"
Mon 30 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP256\A0057740.sys"
Mon 30 Mar 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP256\A0057757.sys"
Thu 2 Apr 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP258\A0057868.sys"
Fri 3 Apr 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP258\A0057886.sys"
Sun 5 Apr 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP260\A0057926.sys"
Mon 6 Apr 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP261\A0057958.sys"
Wed 8 Apr 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP262\A0058011.sys"
Thu 9 Apr 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP262\A0058046.sys"
Fri 10 Apr 2009 72 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP262\A0058083.sys"
Tue 13 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Thu 24 May 2007 24,064 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL0003.tmp"
Thu 24 May 2007 29,184 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL0342.tmp"
Thu 24 May 2007 27,648 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL0694.tmp"
Wed 23 May 2007 43,008 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL0867.tmp"
Wed 23 May 2007 39,424 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL0976.tmp"
Wed 23 May 2007 44,544 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL1334.tmp"
Wed 23 May 2007 32,768 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL2479.tmp"
Thu 24 May 2007 25,600 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL2482.tmp"
Thu 24 May 2007 29,184 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL2579.tmp"
Wed 23 May 2007 44,544 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL2583.tmp"
Wed 23 May 2007 40,960 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL2627.tmp"
Wed 23 May 2007 41,984 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL3544.tmp"
Thu 24 May 2007 45,568 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL3859.tmp"
Wed 23 May 2007 31,232 ...H. --- "C:\Documents and Settings\chez_marcou\Mes documents\demandes_devis\~WRL4098.tmp"
Sat 11 Apr 2009 72 A..H. --- "C:\Program Files\Common Files\X10\Common\x10prod.sys"
Tue 31 May 2005 106,496 A..H. --- "C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll"
Sat 11 Apr 2009 5,686 A.SH. --- "C:\Documents and Settings\All Users\Documents\TV enregistr‚e\TempRec\TempSBE\SBE1.tmp"
Sat 11 Apr 2009 5,940 A.SH. --- "C:\Documents and Settings\All Users\Documents\TV enregistr‚e\TempRec\TempSBE\SBE2.tmp"
Mon 18 Aug 2003 28,672 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0002.tmp"
Mon 27 Oct 2003 32,768 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0004.tmp"
Wed 1 Oct 2003 28,160 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0024.tmp"
Wed 1 Oct 2003 25,088 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0075.tmp"
Wed 1 Oct 2003 27,136 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0107.tmp"
Thu 2 Oct 2003 31,232 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0224.tmp"
Mon 27 Oct 2003 33,280 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0361.tmp"
Mon 27 Oct 2003 33,280 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0525.tmp"
Thu 2 Oct 2003 31,744 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0643.tmp"
Wed 1 Oct 2003 24,064 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0662.tmp"
Wed 1 Oct 2003 27,136 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0731.tmp"
Thu 2 Oct 2003 31,232 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0824.tmp"
Mon 27 Oct 2003 32,768 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0925.tmp"
Mon 27 Oct 2003 33,280 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL0959.tmp"
Mon 27 Oct 2003 30,208 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1012.tmp"
Wed 1 Oct 2003 29,184 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1122.tmp"
Wed 1 Oct 2003 25,600 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1234.tmp"
Thu 2 Oct 2003 32,256 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1328.tmp"
Wed 1 Oct 2003 26,624 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1404.tmp"
Wed 1 Oct 2003 24,576 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1469.tmp"
Wed 1 Oct 2003 24,576 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1536.tmp"
Mon 27 Oct 2003 32,768 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1558.tmp"
Wed 1 Oct 2003 27,136 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1843.tmp"
Wed 1 Oct 2003 27,136 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1941.tmp"
Mon 27 Oct 2003 33,792 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL1963.tmp"
Wed 1 Oct 2003 27,648 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL2128.tmp"
Wed 1 Oct 2003 26,624 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL2222.tmp"
Thu 2 Oct 2003 32,256 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL2375.tmp"
Wed 1 Oct 2003 28,160 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL2661.tmp"
Mon 27 Oct 2003 39,936 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL2723.tmp"
Wed 1 Oct 2003 28,160 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL2823.tmp"
Wed 1 Oct 2003 28,160 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL2840.tmp"
Mon 29 Sep 2003 37,888 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL2874.tmp"
Wed 1 Oct 2003 30,208 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL3372.tmp"
Wed 1 Oct 2003 30,720 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL3535.tmp"
Mon 27 Oct 2003 33,280 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL3637.tmp"
Mon 27 Oct 2003 33,280 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\PRIVE\~WRL3739.tmp"
Thu 18 Sep 2003 53,248 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL0003.tmp"
Thu 18 Sep 2003 58,368 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL0555.tmp"
Thu 18 Sep 2003 55,808 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL0899.tmp"
Thu 18 Sep 2003 59,392 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL0957.tmp"
Thu 18 Sep 2003 60,928 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL1211.tmp"
Thu 18 Sep 2003 56,832 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL1533.tmp"
Thu 18 Sep 2003 57,856 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL1642.tmp"
Thu 18 Sep 2003 56,832 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL1867.tmp"
Thu 18 Sep 2003 58,880 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL2057.tmp"
Thu 18 Sep 2003 60,416 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL2699.tmp"
Thu 18 Sep 2003 55,808 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL2926.tmp"
Thu 18 Sep 2003 58,880 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL3281.tmp"
Thu 18 Sep 2003 60,928 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL3305.tmp"
Thu 18 Sep 2003 56,832 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL3824.tmp"
Thu 18 Sep 2003 58,368 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL3909.tmp"
Thu 18 Sep 2003 57,344 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\COORDINATION\~WRL4026.tmp"
Wed 24 Sep 2003 24,064 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL0003.tmp"
Wed 24 Sep 2003 24,576 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL0322.tmp"
Thu 25 Sep 2003 40,960 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL0566.tmp"
Thu 25 Sep 2003 24,064 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL0893.tmp"
Thu 25 Sep 2003 41,472 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL1077.tmp"
Thu 25 Sep 2003 24,064 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL1386.tmp"
Wed 24 Sep 2003 24,064 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL1711.tmp"
Wed 24 Sep 2003 24,064 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL2305.tmp"
Wed 24 Sep 2003 24,576 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL3306.tmp"
Thu 25 Sep 2003 40,960 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL3398.tmp"
Thu 25 Sep 2003 24,064 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL3622.tmp"
Thu 25 Sep 2003 40,960 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\COLLEGE2003\PROD_SERV_2003\~WRL3954.tmp"
Mon 24 Mar 2003 32,256 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL0001.tmp"
Tue 25 Mar 2003 32,256 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL0003.tmp"
Tue 25 Mar 2003 34,304 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL0229.tmp"
Tue 25 Mar 2003 34,816 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL0504.tmp"
Tue 25 Mar 2003 34,304 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL0587.tmp"
Tue 25 Mar 2003 34,304 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL0670.tmp"
Tue 25 Mar 2003 34,304 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL0821.tmp"
Tue 25 Mar 2003 35,328 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL1888.tmp"
Tue 25 Mar 2003 34,304 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL1983.tmp"
Tue 25 Mar 2003 34,304 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL2428.tmp"
Tue 25 Mar 2003 34,304 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL3075.tmp"
Tue 25 Mar 2003 32,768 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\iufm\IUFMTECHNO2002\~WRL3415.tmp"
Thu 8 Apr 2004 81,920 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL0167.tmp"
Thu 8 Apr 2004 81,920 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL0579.tmp"
Fri 9 Apr 2004 99,328 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL0614.tmp"
Fri 9 Apr 2004 41,984 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL1134.tmp"
Fri 9 Apr 2004 51,200 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL1286.tmp"
Fri 9 Apr 2004 84,480 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL1514.tmp"
Fri 9 Apr 2004 46,592 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL1757.tmp"
Fri 9 Apr 2004 53,248 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL1819.tmp"
Fri 9 Apr 2004 91,136 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL1877.tmp"
Thu 8 Apr 2004 81,920 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL2058.tmp"
Fri 9 Apr 2004 84,480 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL2063.tmp"
Fri 9 Apr 2004 50,688 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL2106.tmp"
Fri 9 Apr 2004 52,736 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL2255.tmp"
Fri 9 Apr 2004 48,640 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL2589.tmp"
Fri 9 Apr 2004 98,816 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL2919.tmp"
Fri 9 Apr 2004 98,304 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL3004.tmp"
Fri 9 Apr 2004 97,280 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL3218.tmp"
Fri 9 Apr 2004 41,984 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL3734.tmp"
Fri 9 Apr 2004 91,648 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL3777.tmp"
Fri 9 Apr 2004 46,592 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL3882.tmp"
Fri 9 Apr 2004 97,280 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL4099.tmp"
Fri 9 Apr 2004 50,688 A..H. --- "C:\Documents and Settings\Moi\Mes documents\save_compacq_pascal_210307\rescue05_09_05\animations\formation staroffice\anim StarOff\~WRL4101.tmp"

[b]Finished![/b]

et le hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:13:15, on 11/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\Moi\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\APPS\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [L08FXLRD_7047500] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Réponse 7 / 12

loloetseb Messages postés 5684 Statut Membre 174

De retour,

J'analyse les rapports et donne la procedure à suivre

Réponse 8 / 12

loloetseb Messages postés 5684 Statut Membre 174

Supprimes les logiciels de desinfection inutiles avec tool cleaner

https://www.commentcamarche.net/telecharger/ 34055291 toolscleaner
---> Télécharge ToolsCleaner2 sur ton Bureau.
* Double-clique sur ToolsCleaner2.exe pour le lancer.
* Clique sur Recherche et laisse le scan agir.
* Clique sur Suppression pour finaliser.
* Tu peux, si tu le souhaites, te servir des Options Facultatives.
* Clique sur Quitter pour obtenir le rapport.
* Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
_________________________________________________

Scan de controle sur bitdefender on line

-> Scan BitDefender

Fais une analyse antivirus en ligne sur BitDefender avec Internet Explorer.:

BitDefender on line

* Clique en bas à gauche sur Scan on line.
* Accepte la licence et laisse-le installer l'Active x..
* Laisse-toi guider. Colle son rapport ici.
* Poste un nouveau rapport Hijackthis.

Aide

Pascal

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\FindyKill.txt: trouvé !
C:\SDFIX: trouvé !
C:\FindyKill: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Moi\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\Moi\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\Moi\Bureau\hijackthis.log: trouvé !
C:\Documents and Settings\Moi\Bureau\Rsit.exe: trouvé !
C:\Documents and Settings\Moi\Bureau\SmitFraudfix: trouvé !
C:\Documents and Settings\Moi\Bureau\Rsit: trouvé !
C:\Documents and Settings\Moi\Bureau\smitfraudfix\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\Moi\Bureau\smitfraudfix\SmitFraudfix: trouvé !
C:\Documents and Settings\Moi\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Documents and Settings\Moi\Mes documents\soft\fsbl.exe: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\Moi\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\Moi\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\Moi\Bureau\smitfraudfix\SmitFraudFix.exe: supprimé !
C:\Documents and Settings\Moi\Mes documents\soft\fsbl.exe: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\Moi\Bureau\hijackthis.log: supprimé !
C:\Documents and Settings\Moi\Bureau\Rsit.exe: supprimé !
C:\SDFIX: supprimé !
C:\FindyKill: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\Moi\Bureau\SmitFraudfix: supprimé !
C:\Documents and Settings\Moi\Bureau\Rsit: supprimé !
C:\Documents and Settings\Moi\Menu Démarrer\Programmes\FindyKill: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !

Réponse 9 / 12

loloetseb Messages postés 5684 Statut Membre 174

Ok,tu peux faire le scan avec bitdefender

Pascal

Le rapport de scan de bd

<HTML>
<HEAD>
<TITLE>BitDefender Online Scanner - Rapport d'analyse</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
</HEAD>
<BODY BGCOLOR=#FFFFFF leftmargin="10" marginwidth="0" topmargin="20" marginheight="0" >

<table align="center" border="0" cellpadding="0" cellspacing="0" width="90%">
<tr>
<td width="458">
BitDefender Online Scanner
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>
<tr>
<td colspan="3" width="912">
Rapport d'analyse généré à: Tue, Apr 14, 2009 - 20:54:22
</td>
</tr>

<tr>
<td width="458">
 
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

<tr>
<td width="458">
Voie d'analyse: C:\;D:\;F:\;G:\;H:\;I:\;J:\;
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

<tr>
<td width="458">
 
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
Statistiques
</td>
</tr>
<tr>
<td width="57%">
Temps
</td>
<td width="43%" align="right">
00:51:28
</td>
</tr>
<tr>
<td width="57%">
Fichiers
</td>
<td width="43%" align="right">
141188
</td>
</tr>
<tr>
<td width="57%">
Directoires
</td>
<td width="43%" align="right">
15445
</td>
</tr>
<tr>
<td width="57%">
Secteurs de boot
</td>
<td width="43%" align="right">
0
</td>
</tr>
<tr>
<td width="57%">
Archives
</td>
<td width="43%" align="right">
2163
</td>
</tr>
<tr>
<td width="57%">
Paquets programmes
</td>
<td width="43%" align="right">
14222
</td>
</tr>
</table>
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
Résultats
</td>
</tr>
<tr>
<td width="57%">
Virus identifiés
</td>
<td width="43%" align="right">
0
</td>
</tr>
<tr>
<td width="57%">
Fichiers infectés
</td>
<td width="43%" align="right">
0
</td>
</tr>
<tr>
<td width="57%">
Fichiers suspects
</td>
<td width="43%" align="right">
0
</td>
</tr>
<tr>
<td width="57%">
Avertissements
</td>
<td width="43%" align="right">
0
</td>
</tr>
<tr>
<td width="57%">
Désinfectés
</td>
<td width="43%" align="right">
0
</td>
</tr>
<tr>
<td width="57%">
Fichiers effacés
</td>
<td width="43%" align="right">
0
</td>
</tr>
</table>
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
Info sur les moteurs
</td>
</tr>
<tr>
<td width="57%">
Définition virus
</td>
<td width="43%" align="right">
2846463
</td>
</tr>
<tr>
<td width="57%">
Version des moteurs
</td>
<td width="43%" align="right">
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
</td>
</tr>
<tr>
<td width="57%">
Analyse des plugins
</td>
<td width="43%" align="right">
17
</td>
</tr>
<tr>
<td width="57%">
Archive des plugins
</td>
<td width="43%" align="right">
45
</td>
</tr>
<tr>
<td width="57%">
Unpack des plugins
</td>
<td width="43%" align="right">
7
</td>
</tr>
<tr>
<td width="57%">
E-mail plugins
</td>
<td width="43%" align="right">
6
</td>
</tr>
<tr>
<td width="57%">
Système plugins
</td>
<td width="43%" align="right">
4
</td>
</tr>
</table>
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
Paramètres d'analyse
</td>
</tr>
<tr>
<td width="57%">
Première action
</td>
<td width="43%" align="right">
Désinfecté
</td>
</tr>
<tr>
<td width="57%">
Seconde Action
</td>
<td width="43%" align="right">
Supprimé
</td>
</tr>
<tr>
<td width="57%">
Heuristique
</td>
<td width="43%" align="right">
Oui
</td>
</tr>
<tr>
<td width="57%">
Acceptez les avertissements
</td>
<td width="43%" align="right">
Oui
</td>
</tr>
<tr>
<td width="57%">
Extensions analysées
</td>
<td width="43%" align="right">
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
</td>
</tr>

<tr>
<td width="57%">
Excludez les extensions
</td>
<td width="43%" align="right">
 
</td>
</tr>
<tr>
<td width="57%">
Analyse d'emails
</td>
<td width="43%" align="right">
Oui
</td>
</tr>
<tr>
<td width="57%">
Analyse des Archives
</td>
<td width="43%" align="right">
Oui
</td>
</tr>
<tr>
<td width="57%">
Analyser paquets programmes
</td>
<td width="43%" align="right">
Oui
</td>
</tr>
<tr>
<td width="57%">
Analyse des fichiers
</td>
<td width="43%" align="right">
Oui
</td>
</tr>
<tr>
<td width="57%">
Analyse de boot
</td>
<td width="43%" align="right">
Oui
</td>
</tr>
</table>
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

<tr>
<td colspan=2>
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="252" bgcolor="#CCCCCC">
Fichier analysé
</td>
<td width="195" bgcolor="#CCCCCC" align="right">
 Statut
</td>
</tr>
<tr>
<td width="57%">
Aucun virus trouvé.
</td>
<td width="43%" align="left">
 
</td>
</tr>
</table>
</td>

<td width="10%">
 
</td>
</tr>

<tr>
<td width="458">
 
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

<tr>
<td width="458">
 
</td>
<td width="40%">
 
</td>
<td width="10%">
 
</td>
</tr>

</table>
 

</body>
</html>

Pascal

Ce matin, le résident d'avg a encore émis une alerte, voici son rapport:

Détection du Bouclier résident
"Infection";"Objet";"Résultat";"Date de la détection";"Type d'objet";"Processus"
"Cheval de Troie : Dropper.Agent.MDJ";"C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP263\A0058145.exe";"Infecté";"14/04/2009, 11:26:42";"fichier";"C:\WINDOWS\system32\svchost.exe"
"Cheval de Troie : Dropper.Agent.MDJ";"C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP263\A0058145.exe";"Infecté";"14/04/2009, 10:14:45";"fichier";"C:\WINDOWS\system32\svchost.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP260\A0057919.EXE";"Placé en quarantaine";"08/04/2009, 19:35:52";"fichier";"C:\WINDOWS\system32\svchost.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\Documents and Settings\Moi\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 04-06-2009 - 02-13-03\{5E9857AF-F4E8-4EB8-93B2-4CA5329D8511}";"Infecté";"06/04/2009, 02:13:04";"fichier";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 02:12:39";"fichier";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 02:06:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 01:51:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 01:36:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 01:21:43";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 01:06:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 00:51:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 00:36:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 00:21:43";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 00:06:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"06/04/2009, 00:01:04";"fichier";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 23:51:43";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 23:36:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 23:21:45";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 23:06:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 22:51:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Dropper.Agent.MDJ";"C:\FindyKill\Tools\FyK_C.exe";"Infecté";"05/04/2009, 22:38:15";"fichier";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 22:36:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 22:21:53";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 22:06:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 21:51:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 21:41:22";"fichier";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 21:36:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 21:36:32";"fichier";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 21:35:53";"fichier";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 21:21:43";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 21:06:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 20:51:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 20:36:42";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 20:22:53";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 20:22:49";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 20:22:23";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 20:21:53";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"05/04/2009, 20:21:36";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"03/04/2009, 09:32:59";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"03/04/2009, 09:17:59";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"03/04/2009, 09:06:33";"fichier";"C:\FindyKill\Tools\FYKS.exe"
"Cheval de Troie : Dropper.Agent.MDJ";"C:\FindyKill\Tools\FyK_C.exe";"Infecté";"03/04/2009, 08:58:33";"fichier";"C:\FindyKill\Tools\FYKS.exe"
"Cheval de Troie : Dropper.Agent.MDJ";"C:\FindyKill\Tools\FyK_C.exe";"Infecté";"03/04/2009, 08:48:16";"fichier";"C:\WINDOWS\system32\cmd.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"03/04/2009, 08:47:56";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"03/04/2009, 08:47:37";"fichier";"C:\WINDOWS\system32\userinit.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"03/04/2009, 08:47:35";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 21:50:43";"fichier";"C:\FindyKill\Tools\winupgro.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 21:50:43";"fichier";"C:\FindyKill\Tools\winupgro.exe"
"Cheval de Troie : Dropper.Agent.MDJ";"C:\FindyKill\Tools\FyK_C.exe";"Infecté";"02/04/2009, 21:50:43";"fichier";"C:\WINDOWS\system32\cmd.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 21:46:54";"fichier";"C:\FindyKill\Tools\winupgro.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 21:46:53";"fichier";"C:\FindyKill\Tools\winupgro.exe"
"Cheval de Troie : Dropper.Agent.MDJ";"C:\FindyKill\Tools\FyK_C.exe";"Infecté";"02/04/2009, 21:46:53";"fichier";"C:\WINDOWS\system32\cmd.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 21:43:18";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 21:36:08";"fichier";"C:\WINDOWS\system32\msiexec.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 21:28:16";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 21:13:16";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 20:58:16";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 20:43:18";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 20:28:16";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 20:13:16";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 19:58:16";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 19:44:08";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 19:43:03";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 19:43:00";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"02/04/2009, 18:54:40";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 22:27:10";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 22:20:28";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 22:15:11";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 22:01:32";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 22:01:11";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 22:00:45";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 22:00:14";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 21:59:56";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 20:29:35";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 20:28:18";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 20:28:16";"fichier";"C:\WINDOWS\system32\userinit.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"30/03/2009, 20:28:16";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"28/03/2009, 23:18:13";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"28/03/2009, 23:17:54";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"28/03/2009, 23:17:20";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"28/03/2009, 23:17:10";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"28/03/2009, 23:16:40";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"28/03/2009, 23:16:07";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"28/03/2009, 23:15:50";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:42:32";"fichier";"C:\WINDOWS\system32\findstr.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:42:32";"fichier";"C:\WINDOWS\system32\findstr.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:42:26";"fichier";"C:\WINDOWS\system32\findstr.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:41:14";"fichier";"C:\WINDOWS\system32\findstr.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:11:03";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:04:23";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:03:53";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:03:22";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:02:52";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:02:21";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:01:22";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 23:00:50";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 22:59:58";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 22:58:10";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 22:57:39";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 22:55:39";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 22:54:56";"fichier";"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 19:12:14";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 19:04:46";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 19:04:05";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 19:03:43";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 19:02:31";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 19:02:21";"fichier";"C:\WINDOWS\system32\userinit.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"27/03/2009, 19:02:20";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"26/03/2009, 23:19:14";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"26/03/2009, 23:04:11";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"26/03/2009, 22:49:11";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"26/03/2009, 22:34:11";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"26/03/2009, 22:20:04";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"26/03/2009, 22:18:55";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"26/03/2009, 22:18:55";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"26/03/2009, 22:18:55";"fichier";"C:\WINDOWS\system32\userinit.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 21:32:23";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 21:17:23";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 21:13:40";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 21:06:39";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 21:02:23";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 20:48:16";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 20:47:11";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 20:47:07";"fichier";"C:\WINDOWS\system32\userinit.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 20:47:07";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 17:44:55";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 17:44:28";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"25/03/2009, 17:44:08";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 21:19:29";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 21:01:07";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 20:59:23";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 20:58:38";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 20:58:27";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 20:56:56";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 20:56:49";"fichier";"C:\WINDOWS\system32\userinit.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 20:56:49";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 16:36:16";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 16:21:14";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 16:06:14";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 16:02:13";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 15:55:27";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 15:51:14";"fichier";"C:\WINDOWS\explorer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 15:37:49";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 15:36:21";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 15:35:58";"fichier";"C:\WINDOWS\system32\userinit.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"22/03/2009, 15:35:58";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"20/03/2009, 22:54:49";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"20/03/2009, 22:34:46";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"20/03/2009, 22:32:19";"fichier";"C:\WINDOWS\system32\winlogon.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"19/03/2009, 23:21:14";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"19/03/2009, 23:00:36";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"19/03/2009, 23:00:03";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"19/03/2009, 22:59:59";"fichier";"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"19/03/2009, 22:59:32";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"19/03/2009, 22:59:29";"fichier";"C:\Program Files\Windows Defender\MsMpEng.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"19/03/2009, 22:59:02";"fichier";"C:\Program Files\Java\jre6\bin\jqs.exe"
"Cheval de Troie : Downloader.Zlob.AKDE";"C:\WINDOWS\system32\userinit.exe";"Object is white-listed (critical/system file that should not be removed)";"19/03/2009, 22:58:42";"fichier";"C:\WINDOWS\system32\winlogon.exe"

Pascal

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:21:31, on 14/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Moi\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\APPS\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [L08FXLRD_7047500] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-291572906-3017303880-2575577189-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'chez_marcou')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Réponse 10 / 12

loloetseb Messages postés 5684 Statut Membre 174

Télécharge LOP S&D sur ton Bureau.

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)

Pascal

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Moi ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
C:\ (Local Disk) - NTFS - Total:290 Go (Free:252 Go)
D:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 14/04/2009|23:14 )

--------------------\\ Listing des dossiers dans APPLIC~1

[30/11/2006|06:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[30/11/2006|06:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[27/11/2007|22:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[30/11/2006|06:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[30/11/2006|06:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[01/12/2008|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[17/02/2008|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/11/2006|06:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/12/2008|23:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/12/2008|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/03/2009|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[25/11/2007|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[10/07/2007|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[08/07/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[24/02/2009|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/11/2006|06:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[11/03/2009|00:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[12/03/2009|00:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/03/2009|04:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[13/02/2007|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[30/11/2006|06:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[08/07/2007|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[30/11/2006|06:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[25/11/2007|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[07/02/2007|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[30/11/2006|06:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[28/03/2009|23:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[15/02/2007|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
[15/02/2007|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
[05/04/2009|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[08/02/2007|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[30/11/2006|06:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[30/11/2006|06:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[13/02/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[14/04/2009|08:47] C:\DOCUME~1\CHEZ_M~1\APPLIC~1\Adobe
[30/11/2006|06:18] C:\DOCUME~1\CHEZ_M~1\APPLIC~1\Identities
[14/04/2009|13:35] C:\DOCUME~1\CHEZ_M~1\APPLIC~1\Macromedia
[14/04/2009|08:46] C:\DOCUME~1\CHEZ_M~1\APPLIC~1\Microsoft
[14/04/2009|08:54] C:\DOCUME~1\CHEZ_M~1\APPLIC~1\Mozilla
[07/12/2007|11:16] C:\DOCUME~1\CHEZ_M~1\APPLIC~1\PC Suite
[30/11/2006|06:18] C:\DOCUME~1\CHEZ_M~1\APPLIC~1\You've Got Pictures Screensaver

[30/11/2006|06:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[30/11/2006|06:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[30/11/2006|06:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[30/11/2006|06:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Mozilla
[30/11/2006|06:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[06/12/2007|17:40] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
[26/05/2007|17:00] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[30/11/2006|06:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[16/03/2007|20:32] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[11/02/2009|20:02] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[05/02/2009|11:54] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[06/04/2008|18:38] C:\DOCUME~1\INVIT~1\APPLIC~1\OD2
[06/12/2007|17:37] C:\DOCUME~1\INVIT~1\APPLIC~1\PC Suite
[06/02/2009|14:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun
[16/03/2007|20:29] C:\DOCUME~1\INVIT~1\APPLIC~1\Talkback
[30/11/2006|06:18] C:\DOCUME~1\INVIT~1\APPLIC~1\You've Got Pictures Screensaver

[18/02/2007|18:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\DivX
[27/11/2007|22:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/11/2006|06:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[17/03/2008|13:46] C:\DOCUME~1\Marie\APPLIC~1\Adobe
[30/11/2006|06:18] C:\DOCUME~1\Marie\APPLIC~1\Identities
[30/11/2006|06:18] C:\DOCUME~1\Marie\APPLIC~1\Macromedia
[09/12/2007|13:28] C:\DOCUME~1\Marie\APPLIC~1\Microsoft
[17/03/2008|13:47] C:\DOCUME~1\Marie\APPLIC~1\Mozilla
[07/12/2007|11:09] C:\DOCUME~1\Marie\APPLIC~1\PC Suite
[17/03/2008|13:46] C:\DOCUME~1\Marie\APPLIC~1\Talkback
[17/03/2008|13:47] C:\DOCUME~1\Marie\APPLIC~1\Thunderbird
[30/11/2006|06:18] C:\DOCUME~1\Marie\APPLIC~1\You've Got Pictures Screensaver

[09/12/2007|19:43] C:\DOCUME~1\Moi\APPLIC~1\Adobe
[29/03/2007|18:05] C:\DOCUME~1\Moi\APPLIC~1\AdobeUM
[01/12/2008|23:08] C:\DOCUME~1\Moi\APPLIC~1\Apple Computer
[15/02/2007|14:58] C:\DOCUME~1\Moi\APPLIC~1\ArcSoft
[10/03/2009|21:27] C:\DOCUME~1\Moi\APPLIC~1\AVGTOOLBAR
[12/12/2007|20:47] C:\DOCUME~1\Moi\APPLIC~1\Brother
[18/07/2007|14:42] C:\DOCUME~1\Moi\APPLIC~1\Canon
[10/07/2007|19:34] C:\DOCUME~1\Moi\APPLIC~1\CyberLink
[08/07/2007|23:02] C:\DOCUME~1\Moi\APPLIC~1\Datalayer
[23/05/2007|15:10] C:\DOCUME~1\Moi\APPLIC~1\Google
[15/02/2007|17:12] C:\DOCUME~1\Moi\APPLIC~1\HAPedit
[23/02/2007|19:05] C:\DOCUME~1\Moi\APPLIC~1\Help
[30/11/2006|06:18] C:\DOCUME~1\Moi\APPLIC~1\Identities
[28/02/2008|23:25] C:\DOCUME~1\Moi\APPLIC~1\IGN2K5
[23/11/2008|22:00] C:\DOCUME~1\Moi\APPLIC~1\InstallShield
[26/11/2008|00:40] C:\DOCUME~1\Moi\APPLIC~1\iPodder
[13/02/2007|22:42] C:\DOCUME~1\Moi\APPLIC~1\Leadertech
[13/02/2007|21:13] C:\DOCUME~1\Moi\APPLIC~1\Macromedia
[11/03/2009|00:40] C:\DOCUME~1\Moi\APPLIC~1\Malwarebytes
[17/02/2007|17:38] C:\DOCUME~1\Moi\APPLIC~1\Media Player Classic
[10/12/2008|22:44] C:\DOCUME~1\Moi\APPLIC~1\Microsoft
[06/12/2008|21:45] C:\DOCUME~1\Moi\APPLIC~1\Mozilla
[08/07/2007|22:43] C:\DOCUME~1\Moi\APPLIC~1\Nokia
[15/02/2007|17:18] C:\DOCUME~1\Moi\APPLIC~1\Nvu
[13/02/2007|22:23] C:\DOCUME~1\Moi\APPLIC~1\OD2
[06/12/2008|22:25] C:\DOCUME~1\Moi\APPLIC~1\OpenOffice.org
[06/12/2008|22:22] C:\DOCUME~1\Moi\APPLIC~1\OpenOffice.org2
[06/04/2009|22:08] C:\DOCUME~1\Moi\APPLIC~1\Opera
[08/07/2007|22:41] C:\DOCUME~1\Moi\APPLIC~1\PC Suite
[25/11/2007|23:59] C:\DOCUME~1\Moi\APPLIC~1\ScanSoft
[07/02/2007|19:55] C:\DOCUME~1\Moi\APPLIC~1\Skype
[13/02/2007|22:42] C:\DOCUME~1\Moi\APPLIC~1\Sonic
[13/02/2007|21:55] C:\DOCUME~1\Moi\APPLIC~1\Sun
[05/04/2009|21:34] C:\DOCUME~1\Moi\APPLIC~1\SUPERAntiSpyware.com
[13/02/2007|22:31] C:\DOCUME~1\Moi\APPLIC~1\Talkback
[13/02/2007|22:53] C:\DOCUME~1\Moi\APPLIC~1\Thunderbird
[13/02/2007|21:38] C:\DOCUME~1\Moi\APPLIC~1\Ulead Systems
[19/06/2007|20:57] C:\DOCUME~1\Moi\APPLIC~1\XnView
[30/11/2006|06:18] C:\DOCUME~1\Moi\APPLIC~1\You've Got Pictures Screensaver

[27/11/2007|22:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[14/04/2009 11:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/04/2009 08:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 15:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[29/03/2007|19:04] C:\Program Files\@Last Software
[15/02/2007|16:36] C:\Program Files\7-Zip
[02/07/2008|22:53] C:\Program Files\Adobe
[30/11/2006|06:20] C:\Program Files\AOL 9.0
[30/11/2006|06:20] C:\Program Files\AOL Compagnon
[01/12/2008|23:07] C:\Program Files\Apple Software Update
[15/02/2007|14:45] C:\Program Files\ArcSoft
[10/03/2009|21:22] C:\Program Files\AVG
[15/02/2007|17:27] C:\Program Files\Bradbury
[25/11/2007|23:40] C:\Program Files\Brother
[15/02/2007|14:47] C:\Program Files\Canon
[10/03/2009|23:24] C:\Program Files\CCleaner
[28/11/2007|11:47] C:\Program Files\Charlyrobot
[30/11/2006|06:18] C:\Program Files\Common Files
[30/11/2006|06:18] C:\Program Files\ComPlus Applications
[30/11/2006|06:18] C:\Program Files\CyberLink
[08/07/2007|22:42] C:\Program Files\DIFX
[05/04/2009|21:33] C:\Program Files\Fichiers communs
[15/02/2007|16:57] C:\Program Files\FileZilla
[15/02/2007|17:29] C:\Program Files\Free Buttons.org
[24/02/2009|21:49] C:\Program Files\Google
[27/11/2007|22:59] C:\Program Files\Grisoft
[24/02/2009|21:23] C:\Program Files\hapedit
[07/02/2008|16:25] C:\Program Files\IGN France
[23/11/2008|22:00] C:\Program Files\InstallShield Installation Information
[15/02/2009|11:39] C:\Program Files\Internet Explorer
[07/02/2007|19:36] C:\Program Files\Inventel
[01/12/2008|23:08] C:\Program Files\iPod
[01/12/2008|23:08] C:\Program Files\iTunes
[11/03/2009|00:56] C:\Program Files\Java
[06/12/2008|22:24] C:\Program Files\JRE
[01/12/2008|22:32] C:\Program Files\Juice
[17/02/2007|18:19] C:\Program Files\K-Lite Codec Pack
[15/02/2007|17:19] C:\Program Files\LaBoiteACouleurs
[30/11/2006|06:18] C:\Program Files\Learn2.com
[10/12/2008|22:35] C:\Program Files\Learning Essentials
[10/12/2008|20:49] C:\Program Files\Messenger
[15/02/2009|11:43] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[10/12/2008|22:39] C:\Program Files\Microsoft Etudes
[30/11/2006|06:18] C:\Program Files\microsoft frontpage
[10/12/2008|22:01] C:\Program Files\Microsoft Office
[15/02/2007|15:28] C:\Program Files\Microsoft Visual Studio
[16/02/2009|10:48] C:\Program Files\Microsoft Works
[15/02/2007|15:28] C:\Program Files\Microsoft.NET
[10/12/2008|20:45] C:\Program Files\Movie Maker
[14/04/2009|23:14] C:\Program Files\Mozilla Firefox
[14/04/2009|23:13] C:\Program Files\Mozilla Thunderbird
[30/11/2006|06:18] C:\Program Files\MSN
[30/11/2006|06:18] C:\Program Files\MSN Gaming Zone
[10/12/2008|20:43] C:\Program Files\NetMeeting
[08/07/2007|22:41] C:\Program Files\Nokia
[15/02/2007|17:18] C:\Program Files\Nvu
[30/11/2006|06:20] C:\Program Files\Online Services
[13/02/2007|23:17] C:\Program Files\open_office
[28/11/2007|12:22] C:\Program Files\OpenOffice.org 2.1
[06/12/2008|22:23] C:\Program Files\OpenOffice.org 2.3
[06/12/2008|22:23] C:\Program Files\OpenOffice.org 3
[06/04/2009|22:08] C:\Program Files\Opera
[23/11/2008|22:08] C:\Program Files\Orange
[10/12/2008|20:43] C:\Program Files\Outlook Express
[09/07/2007|23:47] C:\Program Files\PhotoFiltre
[07/02/2007|19:24] C:\Program Files\Picasa2
[01/12/2008|23:07] C:\Program Files\QuickTime
[30/11/2006|06:18] C:\Program Files\Real
[30/11/2006|06:18] C:\Program Files\Realtek
[23/11/2008|22:00] C:\Program Files\SAGEM
[25/11/2007|23:38] C:\Program Files\ScanSoft
[08/02/2007|20:10] C:\Program Files\Securitoo
[30/11/2006|06:21] C:\Program Files\Services en ligne
[30/11/2006|06:18] C:\Program Files\SmartSound Software
[12/02/2007|19:25] C:\Program Files\Softwin
[24/04/2008|18:23] C:\Program Files\SolidWorks EE 2002-2003
[30/11/2006|06:18] C:\Program Files\Sonic
[13/03/2009|20:49] C:\Program Files\Spybot - Search & Destroy
[05/04/2009|21:34] C:\Program Files\SUPERAntiSpyware
[26/11/2007|00:19] C:\Program Files\SYSTRAN
[30/11/2006|06:18] C:\Program Files\Ulead Systems
[30/11/2006|06:18] C:\Program Files\Uninstall Information
[30/11/2006|06:18] C:\Program Files\Viewpoint
[08/02/2007|20:11] C:\Program Files\Wanadoo
[30/11/2006|06:18] C:\Program Files\Windows Media Components
[13/02/2007|22:08] C:\Program Files\Windows Media Connect 2
[13/02/2007|22:08] C:\Program Files\Windows Media Player
[10/12/2008|20:43] C:\Program Files\Windows NT
[30/11/2006|06:18] C:\Program Files\Windows Plus
[30/11/2006|06:18] C:\Program Files\WindowsUpdate
[30/11/2006|06:21] C:\Program Files\X10 Hardware
[30/11/2006|06:18] C:\Program Files\xerox
[15/02/2007|16:36] C:\Program Files\XnView

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[17/02/2008|22:04] C:\Program Files\Fichiers communs\Adobe
[30/11/2006|06:20] C:\Program Files\Fichiers communs\AOL
[30/11/2006|06:20] C:\Program Files\Fichiers communs\aolshare
[01/12/2008|23:08] C:\Program Files\Fichiers communs\Apple
[28/11/2007|11:41] C:\Program Files\Fichiers communs\DESIGNER
[23/03/2008|23:44] C:\Program Files\Fichiers communs\eDrawings2008
[23/11/2008|22:08] C:\Program Files\Fichiers communs\France Telecom
[25/11/2007|23:39] C:\Program Files\Fichiers communs\InstallShield
[30/11/2006|06:18] C:\Program Files\Fichiers communs\Java
[10/03/2009|21:22] C:\Program Files\Fichiers communs\Microsoft Shared
[30/11/2006|06:18] C:\Program Files\Fichiers communs\MSSoap
[08/07/2007|22:41] C:\Program Files\Fichiers communs\Nokia
[30/11/2006|06:18] C:\Program Files\Fichiers communs\Nullsoft
[30/11/2006|06:18] C:\Program Files\Fichiers communs\ODBC
[08/07/2007|22:41] C:\Program Files\Fichiers communs\PCSuite
[30/11/2006|06:18] C:\Program Files\Fichiers communs\Real
[25/11/2007|23:39] C:\Program Files\Fichiers communs\ScanSoft Shared
[30/11/2006|06:20] C:\Program Files\Fichiers communs\Services
[12/02/2007|19:25] C:\Program Files\Fichiers communs\Softwin
[23/03/2008|23:44] C:\Program Files\Fichiers communs\SolidWorks Shared
[30/11/2006|06:20] C:\Program Files\Fichiers communs\Sonic Shared
[30/11/2006|06:18] C:\Program Files\Fichiers communs\SpeechEngines
[30/11/2006|06:20] C:\Program Files\Fichiers communs\SureThing Shared
[08/02/2007|20:19] C:\Program Files\Fichiers communs\Symantec Shared
[10/12/2008|22:06] C:\Program Files\Fichiers communs\System
[30/11/2006|06:18] C:\Program Files\Fichiers communs\TiVo Shared
[30/11/2006|06:20] C:\Program Files\Fichiers communs\Ulead Systems
[05/04/2009|21:33] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 74 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-14 23:15:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:11][D:0]-> C:\DOCUME~1\Moi\Cookies
[F:56][D:4]-> C:\DOCUME~1\Moi\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 14/04/2009|23:17 - Option : [1]

--------------------\\ Fin du rapport a 23:17:02

Réponse 11 / 12

loloetseb Messages postés 5684 Statut Membre 174

> Télécharge Dr Web CureIt sur ton Bureau :

- Double clique <drweb-cureit.exe> et ensuite clique sur <Analyse>;

- Clique <Ok> à l'invite de l'analyse rapide. S'il trouve des processus infectés alors clique le bouton <Oui>.
Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" : Quitte en cliquant le "X".
- Lorsque le scan rapide est terminé, clique sur le menu <Options> puis <Changer la configuration> ; Choisis l'onglet <Scanner>, et décoche <Analyse heuristique>. Clique ensuite sur <Ok>.
- De retour à la fenêtre principale : clique pour activer <Analyse complète>
- Clique le bouton avec flèche verte sur la droite, et le scan débutera.
- Clique <Oui> pour tout à l'invite "Désinfecter ?" lorsqu'un fichier est détecté, et ensuite clique "Désinfecter".
- Lorsque le scan sera complété, regarde si tu peux cliquer sur l' icône, adjacente aux fichiers détectés (plusieurs feuilles l'une sur l'autre). Si oui, alors clique dessus et ensuite clique sur l'icône <Suivant>, au dessous, et choisis <Déplacer en quarantaine l'objet indésirable>.
- Du menu principal de l'outil, au haut à gauche, clique sur le menu <Fichier> et choisis <Enregistrer le rapport>. Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv
- Ferme Dr.Web Cureit
- Redémarre ton ordi (important car certains fichiers peuvent être déplacés/réparés au redémarrage).
- Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de Dr.Web dans ta prochaine réponse.

Pascal

bonjour,
me revoilà! Lors de l'analyse par DrWeb, l'ordi s'est planté, pas moyen de redémarrer. En cours d'analyse j'ai vu qu'il avait trouvé 6 problèmes (certains dans Spybot!) mais je n'ai pas pu récupérer le rapport.
Je viens de faire une nouvelle analyse, pas trace des trucs précédents, voici le rapport:

A0058321.exe;C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP265;Tool.Prockill;Irréparable.Supprimé.;
A0058362.exe;C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP265;Tool.Prockill;Irréparable.Supprimé.;
A0058377.exe;C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP265;Tool.Prockill;Irréparable.Supprimé.;
A0058379.exe;C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP265;Tool.ShutDown.14;Irréparable.Supprimé.;

Merci pour votre patience et votre dévouement
PM

Réponse 12 / 12

loloetseb Messages postés 5684 Statut Membre 174

Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...

-> laisse faire le scan et ne touche pas au PC ...

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum

( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )

Pascal

Bonsoir

Logfile of random's system information tool 1.06 (written by random/random)
Run by Moi at 2009-04-26 20:39:38
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 258 GB (87%) free of 297 GB
Total RAM: 1022 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:56, on 26/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\Moi\Bureau\RSIT.exe
C:\Documents and Settings\Moi\Bureau\Moi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\APPS\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [L08FXLRD_7047500] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Pascal

info.txt logfile of random's system information tool 1.06 2009-04-26 20:39:59

======Uninstall list======

-->"c:\apps\skype\phone\unins000.exe"
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
7-Zip 4.42-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop Elements\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements\Uninst.dll"
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe SVG Viewer-->C:\WINDOWS\IsUn040c.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoBase 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}\setup.exe" -l0x40c -uninst
ArcSoft PhotoStudio 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}\setup.exe" -l0x40c -uninst
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x40c Brunin03.dll -removeonly
Browser Address Error Redirector-->regsvr32 /u /s "C:\APPS\BAE\BAE.dll"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CharlyGraal V5-->MsiExec.exe /I{43062EA1-4947-4FB6-BD91-EDC35F6DB3AD}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
eDrawings for SketchUp-->MsiExec.exe /X{1A73872E-287B-4EBB-999B-2A70E2F5036E}
FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"
FindyKill-->C:\FindyKill\Uninstal.exe
Free Buttons.org-->C:\Program Files\Free Buttons.org\uninstall.exe
Géorando - Limousin-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C3D989A-4930-4485-853B-90D1D1F2F0F2}\SETUP.EXE" -l0x40c -removeonly
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
Google SketchUp-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E1423608-F529-40A1-93CA-C7F396F30DF0}\setup.exe" -l0x9
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Moi\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Juice 2.2-->C:\Program Files\Juice\uninst.exe
K-Lite Codec Pack 2.84 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
La boite a couleurs version 1.6.15-->"C:\Program Files\LaBoiteACouleurs\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Macromedia Flash Player 8-->MsiExec.exe /X{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
Manual CanoScan LiDE 50-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2C726E9-C3A0-4850-82C7-5D01FE0E4EB8}\setup.exe" -l0x40c
MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Encarta 2008 - Études-->MsiExec.exe /I{08181881-FCA5-44A7-B863-D66037A16AAF}
Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (2.0.0.11)-->E:\Apps\PortableFirefox\firefox\uninstall\helper.exe
Mozilla Firefox (3.0.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.21)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3}
Nokia Multimedia Factory-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{BD72E64C-F0DB-40CB-846B-611C57D8AB0C} /l1036
Nokia PC Connectivity Solution-->MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
Nokia PC Suite-->MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
OmniPage SE-->MsiExec.exe /I{6249C22D-E6A8-407B-BA8B-40298848ED94}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
PaperPort-->MsiExec.exe /I{71C97545-E547-4A8B-B0C8-61FF853270AC}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SketchUp 5 Architecture Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A535CF14-E12F-40B0-B6A3-6E214EA12CD3}\setup.exe" -l0x9 -removeonly
SketchUp 5 Construction Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC842852-5787-441A-90C1-5F315531BCE3}\setup.exe" -l0x9 -removeonly
SketchUp 5 Landscape Architecture Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDAA5D11-FAA6-425A-AF9D-0D7B5FCDCD74}\setup.exe" -l0x9 -removeonly
SketchUp 5 People Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA0951BF-BBC4-407B-A9C4-92A37EAE3AF3}\setup.exe" -l0x9 -removeonly
SketchUp 5 Transportation Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{862E85C6-3A84-444C-A9B8-456E8115C392}\setup.exe" -l0x9 -removeonly
SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
SolidWorks Education Edition-->RunDll32 C:\PROGRA~1\SOLIDW~1\setup\i386\swuninst.dll,UninstInitViaRunDll32 /sw_dt:"SolidWorks" /sw_it:"Individual" /sw_ld:"C:\Program Files\SolidWorks EE 2002-2003" /sw_pg:"{CE6AE703-BDAA-11D5-BDCA-00C04F019809}"
SolidWorks Toolbox Education Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D598F0A5-B6F3-4450-B95A-843AC81CB049}\setup.exe" -uninst
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SYSTRAN Web Translator 5.0-->MsiExec.exe /I{E0B38894-0E4D-4AE1-B17E-CFBC3692E86A}
TopStyle Lite (Version 3.0)-->C:\WINDOWS\unlite3.exe "C:\Program Files\Bradbury\TopStyle3"
Ulead PhotoImpact 10 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x40c
Ulead VideoStudio 9.0 SE DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}\setup.exe" -l0x40c
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
WBEncarta-->RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files\Learning Essentials\1.0\fr\FR\WBEncarta\Uninstall\Uninstall.inf,Uninstall,,,N
Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_62A340731F8930057B44B8864F236850B0D49D65\nokbtmdm.inf
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
XnView 1.90.2-->"C:\Program Files\XnView\unins000.exe"

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: pascal
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Office Source Engine.

Record Number: 18380
Source Name: Service Control Manager
Time Written: 20090218094134.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: pascal
Event Code: 7036
Message: Le service Windows Installer est entré dans l'état : en cours d'exécution.

Record Number: 18379
Source Name: Service Control Manager
Time Written: 20090218094056.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer.

Record Number: 18378
Source Name: Service Control Manager
Time Written: 20090218094056.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: pascal
Event Code: 18
Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le ?mercredi ?18 ?février ?2009 à 09:40 :
- Mise à jour d'Outlook 2003 (KB943649)
- Mise à jour de sécurité pour Access Snapshot Viewer 2003 (KB955439)
- Mise à jour de sécurité pour Microsoft Office 2003 (KB921598)
- Mise à jour de sécurité pour Microsoft Office PowerPoint 2003 (KB948988)
- Mise à jour de sécurité pour Office 2003 (KB945185)
- Mise à jour de sécurité pour Microsoft Office 2003 (KB951535)
- Mise à jour critique pour Office 2003 (943452)
- Mise à jour de sécurité pour Microsoft Works Suite 2005 (KB943973)
- Mise à jour de sécurité pour Microsoft Office Outlook 2003 (KB945432)
- Mise à jour de sécurité pour Microsoft Office 2003 (KB953404)
- Mise à jour de sécurité pour Microsoft Office Publisher 2003 (KB950213)
- Mise à jour de sécurité pour Microsoft Office Word 2003 (KB956357)
- Mise à jour de sécurité pour Office 2003 (KB954478)
- Mise à jour de sécurité pour Microsoft Office Excel 2003 (KB958436)
- Mise à jour pour Microsoft Office Outlook 2003 (KB953432)

Record Number: 18377
Source Name: Windows Update Agent
Time Written: 20090218094024.000000+060
Event Type: Informations
User:

Computer Name: pascal
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

Record Number: 18376
Source Name: Service Control Manager
Time Written: 20090218093917.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: pascal
Event Code: 1904
Message:
Record Number: 829
Source Name: HHCTRL
Time Written: 20080402223041.000000+120
Event Type: Informations
User:

Computer Name: pascal
Event Code: 1904
Message:
Record Number: 828
Source Name: HHCTRL
Time Written: 20080402223041.000000+120
Event Type: Informations
User:

Computer Name: pascal
Event Code: 1904
Message:
Record Number: 827
Source Name: HHCTRL
Time Written: 20080402223041.000000+120
Event Type: Informations
User:

Computer Name: pascal
Event Code: 1904
Message:
Record Number: 826
Source Name: HHCTRL
Time Written: 20080402223041.000000+120
Event Type: Informations
User:

Computer Name: pascal
Event Code: 1904
Message:
Record Number: 825
Source Name: HHCTRL
Time Written: 20080402223041.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

Merci

Discussions similaires

cheval dans oblivion

expressions francaises

supprimer un cheval de troie

Cheval de Troie- e.tre456.worm.windows

virus: comment supprimer ccxprocess (virus cheval de troie)

Discussions similaires

Newsletters