Virus MS Antispyware 2009
Résolu
Hoky Mhine
-
Hoky Mhine Messages postés 13 Statut Membre -
Hoky Mhine Messages postés 13 Statut Membre -
Bonjour,
je viens sur ce forum pour solociter votre aide qui sera j'espere, précieuse. Depuis hier j'ai un virus qui s'est installé. Avec les nombreuses pubs pour ce (faux) antivirus et les descriptions qui ont été donné sur internet j'en ai deduis que c'est celui-ci qui a infecté mon ordinateur.
Je ne sais pas vraiment quoi, j'y connais pas grand chose en informatique c'est pour quoi je viens ici. Auriez vous l'amabilité de m'aider s'il vous plait.
Merci de m'avoir lu.
Hoky Mhine
je viens sur ce forum pour solociter votre aide qui sera j'espere, précieuse. Depuis hier j'ai un virus qui s'est installé. Avec les nombreuses pubs pour ce (faux) antivirus et les descriptions qui ont été donné sur internet j'en ai deduis que c'est celui-ci qui a infecté mon ordinateur.
Je ne sais pas vraiment quoi, j'y connais pas grand chose en informatique c'est pour quoi je viens ici. Auriez vous l'amabilité de m'aider s'il vous plait.
Merci de m'avoir lu.
Hoky Mhine
Configuration: Windows XP Internet Explorer 7.0
43 réponses
- 1
- 2
- 3
Suivant
Résumé de la discussion
Une infection virale est signalée sur un PC sous Windows XP, avec des publicités trompeuses et des faux antivirus, suscitant des conseils d’outils et de procédures de nettoyage. Des solutions clés sont proposées : déconnecter les périphériques externes infectés, lancer UsbFix en mode Recherche ou Suppression, et publier le rapport UsbFix.txt, OTMoveIt est ensuite utilisé pour déplacer les éléments malveillants. D'autres réponses évoquent ComboFix et l'interférence de Norton 360, avec des avertissements sur Process.exe et la nécessité d'évaluer l'étendue de l'infection. Pour éviter les faux positifs et assurer une suppression complète, il faut vérifier les rapports générés et répéter le balayage avec un autre outil.
-
Slt,
lance rogue remover (et colle le rapport)
pour info :
http://www.libellules.ch/dotclear/index.php?2006/11/29/1518-rogue-remover
pour telecharger :
https://www.01net.com/telecharger/
_______________________
scan avec malwarebyte , fais un scan rapide et colle le rapport obtenu et vire ce qui est trouvé:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
______________________
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit -
bonjour.
1)passe cet antimalware, fait comme indique
Telecharges malwaresbytes antimalwares(MBAM) : egalement tres util sur pb de pub mais pas tous malheureusement
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
fais comme indique,mise a jour , scan complet en mode sans echec et les rapports.
COLLE LE RAPPORT APRES SUPPRESSION MERCI.
garde le et lance un scan tout les mois comme indique.
si tu as ad aware tu peux desinstalle car il ne reconnait plus grand chose.
2)telecharge cela:util pour voir ce que peut etre l infection et agir ensuite.
http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
installe le normallement comme tout autre programme dans c/programme/...............
clique sur do a scan and save a logfile, tu obtiens un rapport que tu colles.
-
Pour RogueRemover:
Loading database...
Expanding environmental variables...
Scanning files ... [100%]
Scanning folders... [100%]
Scanning registry keys... [100%]
Scanning registry values... [100%]
COngratulations, RogueRemover did not detect any items
Pour Malwarebytes log :
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrateur at 2009-04-06 16:31:57
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 152 GB (66%) free of 231 GB
Total RAM: 1022 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:32:31, on 06/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\umiweoa.exe
C:\WINDOWS\system32\userload.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
c:\WINDOWS\promo.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\RogueRemover FREE\RogueRemover.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\HP_Administrateur\Bureau\RSIT.exe
C:\Program Files\trend micro\HP_Administrateur.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantecstore.com/promo=44985
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: offersfortoday - {ef2d1b49-42bf-7f75-70ae-03c38cc83f2b} - C:\WINDOWS\system32\nse107.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [ScanRegistry] C:\W
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE WEBSHOT II USB CAM 300K
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [umiweoa] "c:\windows\system32\umiweoa.exe" umiweoa
O4 - HKLM\..\Run: [restor] C:\WINDOWS\system32\userload.exe -a
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
-
le rapport malwarebyte??????,,
______________
Pour fusionner:
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
_______________
telecharge combofix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !
_________________
Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)
Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
File::
J:\RECYCLED\INFO.exe
J:\start.exe
C:\WINDOWS\system32\nse107.dll
c:\windows\system32\umiweoa.exe
C:\WINDOWS\system32\userload.exe
C:\WINDOWS\tasks\B30DE584914E9318.job
Registry::[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ef2d1b49-42bf-7f75-70ae-03c38cc83f2b}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"umiweoa"=-
"restor"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2796dd2e-aa44-11dc-acf7-0060b356876d}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56262878-3a72-11da-8d13-806d6172696f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6af13a88-8270-11dd-afcd-0013d4f83606}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3fa9a50-0fc8-11de-b12b-0019700a9dcc}]
Enregistre ce fichier sous le nom CFscript
Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe
Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
___________________
tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
a plus -
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question -
j'ai vu qu'il manquait des morceaux donc je les rajoute :
info.txt logfile of random's system information tool 1.06 2009-04-06 16:32:38
======Uninstall list======
-->"C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W /L:FRN
-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B20EB9BE-3795-47BA-BDD6-889593E8FD55}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B20EB9BE-3795-47BA-BDD6-889593E8FD55}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ATI Catalyst Control Center-->MsiExec.exe /I{9A945BB0-FB9C-4DAA-9C72-789E4B97C595}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AV Voice Changer Software 6.0-->C:\PROGRA~1\AVVCS6~1.0\UNWISE.EXE C:\PROGRA~1\AVVCS6~1.0\INSTALL.LOG
Backup-->MsiExec.exe /I{24DF7221-644B-4C3A-A478-459502D40522}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Combined Community Codec Pack 2007-02-22-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{17E57E89-DDB3-4f76-9AF1-A8E01CC633E4}
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Contextual Tool Offersfortoday-->C:\WINDOWS\system32\cont_offersfortoday-remove.exe
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB888795)-->"C:\WINDOWS\$NtUninstallKB888795$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB902841)-->"C:\WINDOWS\$NtUninstallKB902841$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB892050-->"C:\WINDOWS\$NtUninstallKB892050$\spuninst\spuninst.exe"
Correctif Windows XP - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Creative MediaSource-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\setup.exe" -l0x40c /remove
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dongle Sagem 760N-->C:\PROGRA~1\FICHIE~1\France Telecom\LIVEBOX_SAGEM_760N\2\uninstHardComponent.exe Uninstall.ini
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Favorit-->"c:\windows\system32\umiweoa.exe" -uninstall
FileZilla Client 3.1.3.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
FinePixViewer Resource-->C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE -runfromtemp -l0x040c -removeonly
FinePixViewer Ver.5.5-->C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE -runfromtemp -l0x040c -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GUILD WARS-->"C:\Program Files\GUILD WARS\Gw.exe" -uninstall
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HPTunesAddIn-->MsiExec.exe /I{69CF01AD-9E35-4BD7-9036-7B8478BEB839}
IncrediMail Xe-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 5.0.11-->"C:\Program Files\LimeWire\uninstall.exe"
Live-Player-->C:\Program Files\Live-Player\uninst.exe
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{9950CE72-AE0E-4288-AC34-ACF4691F6FCB}
Malwarebytes' RogueRemover-->"C:\Program Files\RogueRemover FREE\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.0 Hotfix (KB887998)-->"C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.0 Hotfix (KB930494)-->"C:\WINDOWS\$NtUninstallKB930494$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Age of Empires-->C:\Program Files\Microsoft Games\Age of Empires\Desinstallation.exe /uninstall
Microsoft AutoRoute 2005-->MsiExec.exe /I{67E4EE98-59F4-4220-89A6-A20AF5BEC689}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money-->c:\program files\microsoft money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Photo Premium 10-->"C:\Program Files\Fichiers communs\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
muvee autoProducer 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C3D719A-92C7-4323-89CC-C937D0267B84}\setup.exe" -l0x40c
muvee autoProducer unPlugged 1.1 - HPD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B1931B3A-29E9-4F91-9B61-BE2CF05E84F1}\setup.exe" -l0x40c
Norton 360 (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_2_0_2\Setup.exe" /X
Norton 360 HTMLHelp-->MsiExec.exe /I{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}
Norton 360-->MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360-->MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360-->MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton Confidential Core-->MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
Norton Security Scan-->MsiExec.exe /I{1A8A214F-6BAC-4E01-A27D-25C19A484908}
OneStopSoft Youtube Video File Downloader 1.0.0.7-->"C:\Program Files\OneStopSoft.com\Youtube Video File Downloader\unins000.exe"
OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14}
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PC-Doctor 5 for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{AB61A692-5543-4C48-979B-8CEA1C52FE9C} /l1036
PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Sagem XG703 USB 802.11g-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7421E270-0140-4F62-AE39-ECB9F1C81B35}\Setup.exe" -l0x40c
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem ^^-->C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung Samples Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Seekmo Toolbar-->"C:\Program Files\SeekmoToolbar\Bin\SkUninst.exe" Web
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP E:\
SereneScreen Marine Aquarium 2.6-->"C:\Program Files\SereneScreen\Marine Aquarium 2.6\unins000.exe"
Shareaza version 2.2.5.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sound Blaster X-Fi-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\setup.exe" -l0x40c /remove
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Super macro-->C:\Program Files\Super macro\uninstall.exe
Symantec Technical Support Controls-->MsiExec.exe /I{45690715-80A6-4445-B61D-ADEC5888E8CD}
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Teamspeak 3-->"C:\Program Files\Teamspeak2_RC2\unins001.exe"
TeVeo VIDiO Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79922699-7614-4033-884B-B40E3807B3B3}\setup.exe"
TI-Black Link-->C:\PROGRA~1\TIEDUC~1\BLACKL~1\Unwise.exe /U /Z C:\PROGRA~1\TIEDUC~1\BLACKL~1\Install.log
TI-Graph Link 82 - Français-->C:\PROGRA~1\TIEDUC~1\TI-GRA~1\UNWISE.EXE /U /Z C:\PROGRA~1\TIEDUC~1\TI-GRA~1\Install.log
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Tsunami-Filter-Pack Mini-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B947EFD7-D033-49E2-B837-F43C9D73AD4A}\Setup.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Anti-Spy-->C:\PROGRA~1\Yahoo!\Common\unypsr.exe
YouTUBE (TM) movie downloader-->MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}
Zylom Games Player Plugin-->"C:\Program Files\Zylom Games\UninstallPlugin.exe" --uninstall
======Security center information======
AV: Norton 360
FW: Norton 360
======System event log======
Computer Name: NOM-6223BA19ADD
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Application système COM+.
Record Number: 2193
Source Name: Service Control Manager
Time Written: 20090325221207.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-6223BA19ADD
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.
Record Number: 2192
Source Name: Service Control Manager
Time Written: 20090325221207.000000+060
Event Type: Informations
User:
Computer Name: NOM-6223BA19ADD
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.
Record Number: 2191
Source Name: Service Control Manager
Time Written: 20090325221207.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-6223BA19ADD
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.
Record Number: 2190
Source Name: Service Control Manager
Time Written: 20090325221207.000000+060
Event Type: Informations
User:
Computer Name: NOM-6223BA19ADD
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
Record Number: 2189
Source Name: Service Control Manager
Time Written: 20090325221207.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: NOM-6223BA19ADD
Event Code: 2002
Message:
Record Number: 15443
Source Name: EAPOL
Time Written: 20090326162048.000000+060
Event Type: Informations
User:
Computer Name: NOM-6223BA19ADD
Event Code: 2003
Message:
Record Number: 15442
Source Name: EAPOL
Time Written: 20090326162048.000000+060
Event Type: Informations
User:
Computer Name: NOM-6223BA19ADD
Event Code: 2002
Message:
Record Number: 15441
Source Name: EAPOL
Time Written: 20090326162043.000000+060
Event Type: Informations
User:
Computer Name: NOM-6223BA19ADD
Event Code: 2003
Message:
Record Number: 15440
Source Name: EAPOL
Time Written: 20090326162043.000000+060
Event Type: Informations
User:
Computer Name: NOM-6223BA19ADD
Event Code: 302
Message: MsnMsgr (2852) \\.\C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\jerem95490@hotmail.fr\SharingMetadata\Working\database_AE40_46DA_4046_A943\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.
Record Number: 15439
Source Name: ESENT
Time Written: 20090326162028.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0404
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_04\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_04\lib\ext\QTJava.zip
-----------------EOF----------------- -
-
Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:27:57, on 06/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\umiweoa.exe
C:\WINDOWS\system32\userload.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
c:\WINDOWS\promo.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\RogueRemover FREE\RogueRemover.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantecstore.com/promo=44985
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: offersfortoday - {ef2d1b49-42bf-7f75-70ae-03c38cc83f2b} - C:\WINDOWS\system32\nse107.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [ScanRegistry] C:\W
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE WEBSHOT II USB CAM 300K
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [umiweoa] "c:\windows\system32\umiweoa.exe" umiweoa
O4 - HKLM\..\Run: [restor] C:\WINDOWS\system32\userload.exe -a
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
-
??????????????????,,
tu as lu le message 4 -
tu lance norton et dedans tu désactive la protection en temps réel
-
Pour LopSD :
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : Norton 360 2007 (Activated)
Firewall : Norton 360 2007 (Activated)
C:\ (Local Disk) - NTFS - Total:225 Go (Free:148 Go)
D:\ (Local Disk) - FAT32 - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 06/04/2009|19:25 )
--------------------\\ Listing des dossiers dans APPLIC~1
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[15/01/2009|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[18/07/2007|05:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/08/2007|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[21/06/2007|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[23/02/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/04/2009|22:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[07/08/2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[07/08/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/02/2007|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/03/2009|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/08/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[08/03/2009|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[29/11/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/08/2008|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[30/11/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[01/03/2007|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/06/2007|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[26/03/2009|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[24/02/2007|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Creative
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[13/10/2008|20:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
[18/04/2007|11:00] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
[18/07/2007|06:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Apple Computer
[16/02/2007|21:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ATI
[03/07/2007|10:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Corel
[16/02/2007|21:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Creative
[15/10/2008|14:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Desktopicon
[09/03/2007|11:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DivX
[03/02/2009|14:09] C:\DOCUME~1\HP_ADM~1\APPLIC~1\dvdcss
[03/11/2008|17:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FUJIFILM
[23/02/2007|20:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
[15/03/2007|18:02] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
[28/03/2007|18:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
[16/02/2007|21:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
[03/11/2008|16:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InstallShield
[16/02/2007|14:29] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InterVideo
[24/08/2007|23:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\iso scr owns
[27/02/2007|19:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ivivo
[01/04/2007|08:57] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
[01/03/2009|18:14] C:\DOCUME~1\HP_ADM~1\APPLIC~1\live-player
[17/03/2007|11:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
[26/09/2008|20:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
[05/02/2009|23:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla
[06/04/2009|19:15] C:\DOCUME~1\HP_ADM~1\APPLIC~1\OpenOffice.org2
[11/10/2008|21:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
[16/02/2007|21:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SampleView
[02/03/2009|20:42] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung
[06/04/2009|19:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Skype
[06/04/2009|16:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\skypePM
[01/04/2007|11:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
[07/08/2008|13:46] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Static IncrediMail Backup
[03/03/2007|11:25] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
[23/10/2008|12:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Symantec
[08/03/2009|21:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\teamspeak2
[27/02/2007|19:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\WinRAR
[06/03/2007|18:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\DivX
[23/02/2007|21:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/02/2007|21:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[06/04/2009 16:20][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{598DF8B1-327D-48A6-8F79-F9B5BCDADB20}.job
[30/03/2009 11:42][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/04/2009 19:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[16/02/2007|21:20] C:\Program Files\Adobe
[11/08/2008|19:18] C:\Program Files\Apple Software Update
[16/02/2007|21:18] C:\Program Files\ATI Technologies
[14/05/2008|19:27] C:\Program Files\AV Vcs 6.0
[18/08/2007|15:30] C:\Program Files\BitDownload
[15/01/2009|23:03] C:\Program Files\Bonjour
[24/01/2009|16:43] C:\Program Files\CCleaner
[27/02/2007|19:17] C:\Program Files\Combined Community Codec Pack
[09/03/2007|11:14] C:\Program Files\Common
[13/05/2008|19:40] C:\Program Files\Common Files
[16/02/2007|21:20] C:\Program Files\ComPlus Applications
[22/04/2008|00:09] C:\Program Files\Copie de GUILD WARS
[16/02/2007|21:20] C:\Program Files\Creative
[22/03/2009|14:52] C:\Program Files\DivX
[26/03/2009|19:10] C:\Program Files\Dofus
[12/03/2008|19:21] C:\Program Files\Easy Internet signup
[26/03/2009|19:11] C:\Program Files\eMule
[06/04/2009|19:09] C:\Program Files\Fichiers communs
[12/10/2008|20:08] C:\Program Files\FileZilla FTP Client
[04/11/2008|17:19] C:\Program Files\FinePixViewer
[25/02/2008|12:55] C:\Program Files\FLV Player
[16/02/2007|21:23] C:\Program Files\FrenchOtto
[21/07/2007|09:23] C:\Program Files\Game Cam v1.4
[16/02/2007|21:23] C:\Program Files\GemMasterFrench
[28/08/2008|19:00] C:\Program Files\Google
[01/12/2008|21:12] C:\Program Files\GUILD WARS
[10/11/2008|11:42] C:\Program Files\HP
[07/08/2008|17:38] C:\Program Files\IncrediMail
[03/11/2008|16:56] C:\Program Files\InstallShield Installation Information
[30/03/2009|19:03] C:\Program Files\Internet Explorer
[16/02/2007|21:26] C:\Program Files\InterVideo
[15/01/2009|23:01] C:\Program Files\iPod
[18/08/2007|15:35] C:\Program Files\iso scr owns
[15/01/2009|23:01] C:\Program Files\iTunes
[27/02/2007|19:57] C:\Program Files\iViVo
[29/01/2009|11:54] C:\Program Files\Java
[28/02/2009|00:19] C:\Program Files\LimeWire
[01/03/2009|18:14] C:\Program Files\Live-Player
[16/02/2007|21:26] C:\Program Files\MainConcept
[08/06/2007|19:55] C:\Program Files\Messenger
[28/03/2009|12:59] C:\Program Files\Messenger Plus! Live
[26/03/2009|18:27] C:\Program Files\Microsoft
[23/02/2007|18:57] C:\Program Files\Microsoft AutoRoute
[13/11/2007|14:27] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/02/2007|21:26] C:\Program Files\microsoft frontpage
[04/08/2007|17:58] C:\Program Files\Microsoft Games
[23/02/2007|18:50] C:\Program Files\microsoft money 2005
[22/03/2007|11:45] C:\Program Files\Microsoft Office
[29/03/2009|11:37] C:\Program Files\Microsoft Silverlight
[13/11/2007|12:24] C:\Program Files\Microsoft SQL Server Compact Edition
[23/02/2007|18:46] C:\Program Files\Microsoft Works
[23/02/2007|18:40] C:\Program Files\Microsoft Works Suite 2005
[05/02/2008|13:20] C:\Program Files\Movie Maker
[05/02/2009|23:49] C:\Program Files\Mozilla Firefox
[05/02/2009|21:18] C:\Program Files\MSECache
[10/03/2007|20:20] C:\Program Files\MSN
[16/02/2007|21:26] C:\Program Files\MSN Gaming Zone
[06/09/2008|22:11] C:\Program Files\MSN Messenger
[16/02/2007|21:27] C:\Program Files\muvee Technologies
[16/02/2007|21:27] C:\Program Files\NetMeeting
[04/11/2008|12:40] C:\Program Files\Norton 360
[16/10/2008|09:31] C:\Program Files\Norton Security Scan
[07/10/2008|20:12] C:\Program Files\OneStopSoft.com
[16/02/2007|21:27] C:\Program Files\Online Services
[06/10/2008|19:30] C:\Program Files\OpenOffice.org 2.4
[16/01/2009|19:50] C:\Program Files\OrangeHSS
[12/06/2007|23:03] C:\Program Files\Outlook Express
[16/02/2007|21:27] C:\Program Files\PC-Doctor 5 for Windows
[09/04/2007|19:29] C:\Program Files\PhotoFiltre Studio
[23/02/2007|18:54] C:\Program Files\Picture It! Premium 10
[15/01/2009|22:58] C:\Program Files\QuickTime
[11/10/2008|21:38] C:\Program Files\Real
[06/04/2009|16:26] C:\Program Files\RogueRemover FREE
[23/03/2009|13:03] C:\Program Files\Safari
[30/03/2007|20:22] C:\Program Files\Samsung
[26/09/2008|20:22] C:\Program Files\Securitoo
[24/03/2007|20:02] C:\Program Files\SeekmoToolbar
[28/05/2008|20:09] C:\Program Files\SereneScreen
[16/02/2007|21:27] C:\Program Files\Services en ligne
[24/07/2008|11:33] C:\Program Files\Shareaza
[08/03/2009|21:44] C:\Program Files\Skype
[16/02/2007|21:28] C:\Program Files\Sonic
[15/05/2008|14:22] C:\Program Files\Sports Interactive
[29/04/2008|00:13] C:\Program Files\Super macro
[06/01/2009|11:30] C:\Program Files\Symantec
[19/08/2008|19:11] C:\Program Files\Teamspeak2_RC2
[19/07/2007|10:58] C:\Program Files\TeVeo
[14/01/2009|18:50] C:\Program Files\TI Education
[28/09/2008|00:58] C:\Program Files\TmNationsForever
[06/04/2009|17:27] C:\Program Files\trend micro
[26/02/2007|17:41] C:\Program Files\Tsunami_Filter_Pack_Mini
[16/02/2007|21:28] C:\Program Files\Uninstall Information
[18/11/2008|22:58] C:\Program Files\VDOWNLOADER
[26/01/2009|16:34] C:\Program Files\VideoLAN
[04/02/2009|15:43] C:\Program Files\Wakfu
[23/04/2007|18:23] C:\Program Files\Windows Journal Viewer
[28/03/2009|12:57] C:\Program Files\Windows Live
[26/03/2009|18:15] C:\Program Files\Windows Live SkyDrive
[01/03/2007|17:56] C:\Program Files\Windows Media Connect 2
[02/02/2008|21:00] C:\Program Files\Windows Media Player
[16/02/2007|21:28] C:\Program Files\Windows NT
[16/02/2007|21:28] C:\Program Files\Windows Plus
[22/10/2008|23:17] C:\Program Files\Windows Sidebar
[16/02/2007|21:29] C:\Program Files\WindowsUpdate
[18/11/2007|12:23] C:\Program Files\WinRAR
[20/06/2007|16:46] C:\Program Files\WinZip
[16/02/2007|21:29] C:\Program Files\xerox
[27/04/2007|16:36] C:\Program Files\Xvid
[20/03/2007|18:55] C:\Program Files\Yahoo!
[06/01/2009|11:43] C:\Program Files\YesMessenger
[25/02/2008|13:43] C:\Program Files\YouTUBE (TM) movie downloader
[15/05/2008|14:24] C:\Program Files\Zero G Registry
[24/02/2007|14:23] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[16/02/2007|21:22] C:\Program Files\Fichiers communs\Adobe
[15/01/2009|23:01] C:\Program Files\Fichiers communs\Apple
[23/02/2007|18:46] C:\Program Files\Fichiers communs\Designer
[22/03/2009|14:52] C:\Program Files\Fichiers communs\DivX Shared
[03/11/2008|13:45] C:\Program Files\Fichiers communs\France Telecom
[16/02/2007|21:22] C:\Program Files\Fichiers communs\Hewlett-Packard
[16/02/2007|21:22] C:\Program Files\Fichiers communs\HP
[16/02/2007|21:22] C:\Program Files\Fichiers communs\InstallShield
[16/02/2007|21:22] C:\Program Files\Fichiers communs\InterVideo
[16/02/2007|21:22] C:\Program Files\Fichiers communs\Java
[16/02/2007|21:22] C:\Program Files\Fichiers communs\LightScribe
[06/03/2009|13:42] C:\Program Files\Fichiers communs\Microsoft Shared
[16/02/2007|21:22] C:\Program Files\Fichiers communs\MSSoap
[16/02/2007|21:22] C:\Program Files\Fichiers communs\muvee Technologies
[16/02/2007|21:22] C:\Program Files\Fichiers communs\ODBC
[11/10/2008|21:38] C:\Program Files\Fichiers communs\Real
[16/02/2007|21:23] C:\Program Files\Fichiers communs\Services
[08/03/2009|21:44] C:\Program Files\Fichiers communs\Skype
[16/02/2007|21:22] C:\Program Files\Fichiers communs\Sonic Shared
[16/02/2007|21:22] C:\Program Files\Fichiers communs\SpeechEngines
[16/02/2007|21:22] C:\Program Files\Fichiers communs\SureThing Shared
[06/04/2009|19:15] C:\Program Files\Fichiers communs\Symantec Shared
[12/06/2007|23:03] C:\Program Files\Fichiers communs\System
[16/02/2007|21:23] C:\Program Files\Fichiers communs\TiVo Shared
[26/03/2009|18:07] C:\Program Files\Fichiers communs\Windows Live
[13/11/2007|12:15] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[11/10/2008|21:38] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 76 Processes )
iexplore.exe ~ [PID:3572]
iexplore.exe ~ [PID:4360]
iexplore.exe ~ [PID:4756]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload Setup Components
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertstream[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@d2.advertserve[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertising[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@bigpoint[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.darkorbit.bigpoint[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.xblaster.bigpoint[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.cotedazurpalace[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cotedazurpalace[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.cotedazurpalace[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@32vegas[2].txt
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.32vegas[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-06 19:27:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 105
--------------------\\ Recherche d'autres infections
C:\Program Files\Live-Player
C:\Program Files\Live-Player\data
C:\Program Files\Live-Player\live-player.exe
C:\Program Files\Live-Player\SkinCrafterDll.dll
C:\Program Files\Live-Player\skins
C:\Program Files\Live-Player\sqlite3.dll
C:\Program Files\Live-Player\uninst.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\live-player
C:\DOCUME~1\HP_ADM~1\APPLIC~1\live-player\flv.swf
C:\DOCUME~1\HP_ADM~1\APPLIC~1\live-player\liveplayer.s3db
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Conditions générales.url
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Confidentialité.url
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Désinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Live-Player.lnk
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Website.url
[b]==> EGDACCESS <==/b
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\HP_ADM~1\Shared\Eminem Feat Dr. Dre & 50 Cent - Crack A Bottle.mp3
[F:337][D:6]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
[F:825][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies
[F:74][D:4]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/04/2009|19:28 - Option : [1]
--------------------\\ Fin du rapport a 19:28:53 -
vire ce crack
C:\DOCUME~1\HP_ADM~1\Shared\Eminem Feat Dr. Dre & 50 Cent - Crack A Bottle.mp3
_______________
fais lop sd option 2 et mets le rapport
_________________
ne fais pas combofix on va tester autre chose -
-
on va faire ceci:
Vire ce crack
C:\DOCUME~1\HP_ADM~1\Shared\Eminem Feat Dr. Dre & 50 Cent - Crack A Bottle.mp3
_______________
fais lop sd option 2 et mets le rapport
_________________
-
ComboFix je l'ai fait mais quand je veux ajouter le rapport ici et mettre le message en ligne ça fonctionne pas, ils me disent que le message a deja été envoyé
Sinon pour le "crack" c'est une musique mais je dois quand meme suprimer ? -
essaye de recuperer combofix ici C:\ComboFix.txt
poste de travail puis C puis combofix
puis colle lopsd option 2
puis remets un rapport rsit -
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1022.565 [GMT 2:00]
Lancé depuis: c:\documents and settings\HP_Administrateur\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\HP_Administrateur\Bureau\CFscript.txt
AV: Norton 360 *On-access scanning enabled* (Updated)
FW: Norton 360 *enabled*
* Un nouveau point de restauration a été créé
FILE ::
c:\windows\system32\nse107.dll
c:\windows\system32\umiweoa.exe
c:\windows\system32\userload.exe
c:\windows\tasks\B30DE584914E9318.job
j:\recycled\INFO.exe
J:\start.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1175443936.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1175586749.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1175671219.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1175801707.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1176104991.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1176217523.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1176450062.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1176729377.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1176895610.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1177063824.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1177259881.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1177441996.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1177763553.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1178029276.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1178299587.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1178458541.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1178738857.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1178915748.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1179007038.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1179418392.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1179688244.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1180025410.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1180181433.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1180342040.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1180535535.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1180686189.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1180892932.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1181149574.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1181330618.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1181427185.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1181682061.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1181850511.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1182090853.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1182440366.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1182638176.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1182966502.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1183115267.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1183314250.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1183438776.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1183617463.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1183798951.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1184005203.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1184269998.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1184587110.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1184926964.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1185000524.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1185189850.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1185282838.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1185450617.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1185630396.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1185771489.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1185870845.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1186028429.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1186167592.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1186253381.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1186406628.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1186677601.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1186868543.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187036555.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187105788.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187256354.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187349159.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187445958.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187601901.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187710884.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187884611.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1187989669.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1188055717.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1188160586.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1188301981.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1188399367.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1188640385.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1188729684.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1188815941.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1188904732.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1189100203.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1189165896.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1189277462.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1189424165.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1189539032.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1189689444.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1189777938.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1189928031.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190030563.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190191817.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190279490.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190366124.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190450281.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190466203.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190542900.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190630679.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190739705.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190749093.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190815427.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190821887.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190905040.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190917262.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190979823.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1190980939.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191011683.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191070764.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191101369.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191145801.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191178543.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191185867.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191324225.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191410964.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191574960.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191707739.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191842367.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1191997458.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192041145.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192220580.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192310171.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192379154.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192613692.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192634064.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192733132.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192827934.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1192910843.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193044384.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193136366.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193223682.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193403147.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193583350.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193682027.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193787840.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193915769.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1193941372.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194078646.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194188843.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194268958.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194301536.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194381056.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194437977.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194544212.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194613639.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194780135.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194803663.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1194905632.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195065833.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195310658.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195341662.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195416384.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195575407.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195675995.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195820386.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195909218.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1195945535.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1196100670.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1196270497.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1196375009.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1196553181.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1196682741.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1196792180.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1196955487.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1197069198.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1197208095.log
c:\documents and settings\HP_Administrateur\Application Data\SeekmoToolbar\skbar_1197456384.log -
-
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : Norton 360 2007 (Activated)
Firewall : Norton 360 2007 (Activated)
C:\ (Local Disk) - NTFS - Total:225 Go (Free:148 Go)
D:\ (Local Disk) - FAT32 - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 06/04/2009|20:38 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Program Files\BitDownload\BitDownload Setup Components
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertstream[2].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@bigpoint[2].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.darkorbit.bigpoint[2].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.thepimps.bigpoint[2].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.xblaster.bigpoint[2].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@32vegas[2].txt
Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.32vegas[2].txt
Supprime! - C:\Program Files\BitDownload
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[16/02/2007|21:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[15/01/2009|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[18/07/2007|05:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/08/2007|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[21/06/2007|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[23/02/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/04/2009|22:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[07/08/2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[07/08/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/02/2007|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/03/2009|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/08/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[08/03/2009|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[16/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[29/11/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/08/2008|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[30/11/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[01/03/2007|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/06/2007|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[26/03/2009|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[24/02/2007|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Creative
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[16/02/2007|21:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[13/10/2008|20:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
[18/04/2007|11:00] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
[18/07/2007|06:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Apple Computer
[16/02/2007|21:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ATI
[03/07/2007|10:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Corel
[16/02/2007|21:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Creative
[15/10/2008|14:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Desktopicon
[09/03/2007|11:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DivX
[03/02/2009|14:09] C:\DOCUME~1\HP_ADM~1\APPLIC~1\dvdcss
[03/11/2008|17:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FUJIFILM
[23/02/2007|20:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
[15/03/2007|18:02] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
[28/03/2007|18:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
[16/02/2007|21:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
[03/11/2008|16:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InstallShield
[16/02/2007|14:29] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InterVideo
[24/08/2007|23:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\iso scr owns
[27/02/2007|19:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ivivo
[01/04/2007|08:57] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
[01/03/2009|18:14] C:\DOCUME~1\HP_ADM~1\APPLIC~1\live-player
[17/03/2007|11:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
[26/09/2008|20:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
[05/02/2009|23:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla
[06/04/2009|19:15] C:\DOCUME~1\HP_ADM~1\APPLIC~1\OpenOffice.org2
[11/10/2008|21:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
[16/02/2007|21:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SampleView
[02/03/2009|20:42] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung
[06/04/2009|19:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Skype
[06/04/2009|16:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\skypePM
[01/04/2007|11:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
[07/08/2008|13:46] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Static IncrediMail Backup
[03/03/2007|11:25] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
[23/10/2008|12:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Symantec
[08/03/2009|21:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\teamspeak2
[27/02/2007|19:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\WinRAR
[06/03/2007|18:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\DivX
[23/02/2007|21:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/02/2007|21:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[06/04/2009 16:20][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{598DF8B1-327D-48A6-8F79-F9B5BCDADB20}.job
[30/03/2009 11:42][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/04/2009 19:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[16/02/2007|21:20] C:\Program Files\Adobe
[11/08/2008|19:18] C:\Program Files\Apple Software Update
[16/02/2007|21:18] C:\Program Files\ATI Technologies
[14/05/2008|19:27] C:\Program Files\AV Vcs 6.0
[15/01/2009|23:03] C:\Program Files\Bonjour
[24/01/2009|16:43] C:\Program Files\CCleaner
[27/02/2007|19:17] C:\Program Files\Combined Community Codec Pack
[09/03/2007|11:14] C:\Program Files\Common
[13/05/2008|19:40] C:\Program Files\Common Files
[16/02/2007|21:20] C:\Program Files\ComPlus Applications
[22/04/2008|00:09] C:\Program Files\Copie de GUILD WARS
[16/02/2007|21:20] C:\Program Files\Creative
[22/03/2009|14:52] C:\Program Files\DivX
[26/03/2009|19:10] C:\Program Files\Dofus
[12/03/2008|19:21] C:\Program Files\Easy Internet signup
[26/03/2009|19:11] C:\Program Files\eMule
[06/04/2009|19:09] C:\Program Files\Fichiers communs
[12/10/2008|20:08] C:\Program Files\FileZilla FTP Client
[04/11/2008|17:19] C:\Program Files\FinePixViewer
[25/02/2008|12:55] C:\Program Files\FLV Player
[16/02/2007|21:23] C:\Program Files\FrenchOtto
[21/07/2007|09:23] C:\Program Files\Game Cam v1.4
[16/02/2007|21:23] C:\Program Files\GemMasterFrench
[28/08/2008|19:00] C:\Program Files\Google
[01/12/2008|21:12] C:\Program Files\GUILD WARS
[10/11/2008|11:42] C:\Program Files\HP
[07/08/2008|17:38] C:\Program Files\IncrediMail
[03/11/2008|16:56] C:\Program Files\InstallShield Installation Information
[30/03/2009|19:03] C:\Program Files\Internet Explorer
[16/02/2007|21:26] C:\Program Files\InterVideo
[15/01/2009|23:01] C:\Program Files\iPod
[18/08/2007|15:35] C:\Program Files\iso scr owns
[15/01/2009|23:01] C:\Program Files\iTunes
[27/02/2007|19:57] C:\Program Files\iViVo
[29/01/2009|11:54] C:\Program Files\Java
[28/02/2009|00:19] C:\Program Files\LimeWire
[01/03/2009|18:14] C:\Program Files\Live-Player
[16/02/2007|21:26] C:\Program Files\MainConcept
[08/06/2007|19:55] C:\Program Files\Messenger
[28/03/2009|12:59] C:\Program Files\Messenger Plus! Live
[26/03/2009|18:27] C:\Program Files\Microsoft
[23/02/2007|18:57] C:\Program Files\Microsoft AutoRoute
[13/11/2007|14:27] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/02/2007|21:26] C:\Program Files\microsoft frontpage
[04/08/2007|17:58] C:\Program Files\Microsoft Games
[23/02/2007|18:50] C:\Program Files\microsoft money 2005
[22/03/2007|11:45] C:\Program Files\Microsoft Office
[29/03/2009|11:37] C:\Program Files\Microsoft Silverlight
[13/11/2007|12:24] C:\Program Files\Microsoft SQL Server Compact Edition
[23/02/2007|18:46] C:\Program Files\Microsoft Works
[23/02/2007|18:40] C:\Program Files\Microsoft Works Suite 2005
[05/02/2008|13:20] C:\Program Files\Movie Maker
[05/02/2009|23:49] C:\Program Files\Mozilla Firefox
[05/02/2009|21:18] C:\Program Files\MSECache
[10/03/2007|20:20] C:\Program Files\MSN
[16/02/2007|21:26] C:\Program Files\MSN Gaming Zone
[06/09/2008|22:11] C:\Program Files\MSN Messenger
[16/02/2007|21:27] C:\Program Files\muvee Technologies
[16/02/2007|21:27] C:\Program Files\NetMeeting
[04/11/2008|12:40] C:\Program Files\Norton 360
[16/10/2008|09:31] C:\Program Files\Norton Security Scan
[07/10/2008|20:12] C:\Program Files\OneStopSoft.com
[16/02/2007|21:27] C:\Program Files\Online Services
[06/10/2008|19:30] C:\Program Files\OpenOffice.org 2.4
[16/01/2009|19:50] C:\Program Files\OrangeHSS
[12/06/2007|23:03] C:\Program Files\Outlook Express
[16/02/2007|21:27] C:\Program Files\PC-Doctor 5 for Windows
[09/04/2007|19:29] C:\Program Files\PhotoFiltre Studio
[23/02/2007|18:54] C:\Program Files\Picture It! Premium 10
[15/01/2009|22:58] C:\Program Files\QuickTime
[11/10/2008|21:38] C:\Program Files\Real
[06/04/2009|16:26] C:\Program Files\RogueRemover FREE
[23/03/2009|13:03] C:\Program Files\Safari
[30/03/2007|20:22] C:\Program Files\Samsung
[26/09/2008|20:22] C:\Program Files\Securitoo
[24/03/2007|20:02] C:\Program Files\SeekmoToolbar
[28/05/2008|20:09] C:\Program Files\SereneScreen
[16/02/2007|21:27] C:\Program Files\Services en ligne
[24/07/2008|11:33] C:\Program Files\Shareaza
[08/03/2009|21:44] C:\Program Files\Skype
[16/02/2007|21:28] C:\Program Files\Sonic
[15/05/2008|14:22] C:\Program Files\Sports Interactive
[29/04/2008|00:13] C:\Program Files\Super macro
[06/01/2009|11:30] C:\Program Files\Symantec
[19/08/2008|19:11] C:\Program Files\Teamspeak2_RC2
[19/07/2007|10:58] C:\Program Files\TeVeo
[14/01/2009|18:50] C:\Program Files\TI Education
[28/09/2008|00:58] C:\Program Files\TmNationsForever
[06/04/2009|17:27] C:\Program Files\trend micro
[26/02/2007|17:41] C:\Program Files\Tsunami_Filter_Pack_Mini
[16/02/2007|21:28] C:\Program Files\Uninstall Information
[18/11/2008|22:58] C:\Program Files\VDOWNLOADER
[26/01/2009|16:34] C:\Program Files\VideoLAN
[04/02/2009|15:43] C:\Program Files\Wakfu
[23/04/2007|18:23] C:\Program Files\Windows Journal Viewer
[28/03/2009|12:57] C:\Program Files\Windows Live
[26/03/2009|18:15] C:\Program Files\Windows Live SkyDrive
[01/03/2007|17:56] C:\Program Files\Windows Media Connect 2
[02/02/2008|21:00] C:\Program Files\Windows Media Player
[16/02/2007|21:28] C:\Program Files\Windows NT
[16/02/2007|21:28] C:\Program Files\Windows Plus
[22/10/2008|23:17] C:\Program Files\Windows Sidebar
[16/02/2007|21:29] C:\Program Files\WindowsUpdate
[18/11/2007|12:23] C:\Program Files\WinRAR
[20/06/2007|16:46] C:\Program Files\WinZip
[16/02/2007|21:29] C:\Program Files\xerox
[27/04/2007|16:36] C:\Program Files\Xvid
[20/03/2007|18:55] C:\Program Files\Yahoo!
[06/01/2009|11:43] C:\Program Files\YesMessenger
[25/02/2008|13:43] C:\Program Files\YouTUBE (TM) movie downloader
[15/05/2008|14:24] C:\Program Files\Zero G Registry
[24/02/2007|14:23] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[16/02/2007|21:22] C:\Program Files\Fichiers communs\Adobe
[15/01/2009|23:01] C:\Program Files\Fichiers communs\Apple
[23/02/2007|18:46] C:\Program Files\Fichiers communs\Designer
[22/03/2009|14:52] C:\Program Files\Fichiers communs\DivX Shared
[03/11/2008|13:45] C:\Program Files\Fichiers communs\France Telecom
[16/02/2007|21:22] C:\Program Files\Fichiers communs\Hewlett-Packard
[16/02/2007|21:22] C:\Program Files\Fichiers communs\HP
[16/02/2007|21:22] C:\Program Files\Fichiers communs\InstallShield
[16/02/2007|21:22] C:\Program Files\Fichiers communs\InterVideo
[16/02/2007|21:22] C:\Program Files\Fichiers communs\Java
[16/02/2007|21:22] C:\Program Files\Fichiers communs\LightScribe
[06/03/2009|13:42] C:\Program Files\Fichiers communs\Microsoft Shared
[16/02/2007|21:22] C:\Program Files\Fichiers communs\MSSoap
[16/02/2007|21:22] C:\Program Files\Fichiers communs\muvee Technologies
[16/02/2007|21:22] C:\Program Files\Fichiers communs\ODBC
[11/10/2008|21:38] C:\Program Files\Fichiers communs\Real
[16/02/2007|21:23] C:\Program Files\Fichiers communs\Services
[08/03/2009|21:44] C:\Program Files\Fichiers communs\Skype
[16/02/2007|21:22] C:\Program Files\Fichiers communs\Sonic Shared
[16/02/2007|21:22] C:\Program Files\Fichiers communs\SpeechEngines
[16/02/2007|21:22] C:\Program Files\Fichiers communs\SureThing Shared
[06/04/2009|19:15] C:\Program Files\Fichiers communs\Symantec Shared
[12/06/2007|23:03] C:\Program Files\Fichiers communs\System
[16/02/2007|21:23] C:\Program Files\Fichiers communs\TiVo Shared
[26/03/2009|18:07] C:\Program Files\Fichiers communs\Windows Live
[13/11/2007|12:15] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[11/10/2008|21:38] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 71 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertising[1].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-06 20:39:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 105
--------------------\\ Recherche d'autres infections
C:\Program Files\Live-Player
C:\Program Files\Live-Player\data
C:\Program Files\Live-Player\live-player.exe
C:\Program Files\Live-Player\SkinCrafterDll.dll
C:\Program Files\Live-Player\skins
C:\Program Files\Live-Player\sqlite3.dll
C:\Program Files\Live-Player\uninst.exe
C:\DOCUME~1\HP_ADM~1\APPLIC~1\live-player
C:\DOCUME~1\HP_ADM~1\APPLIC~1\live-player\flv.swf
C:\DOCUME~1\HP_ADM~1\APPLIC~1\live-player\liveplayer.s3db
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Conditions générales.url
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Confidentialité.url
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Désinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Live-Player.lnk
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Live-Player\Website.url
[b]==> EGDACCESS <==/b
[F:333][D:7]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
[F:820][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies
[F:628][D:4]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/04/2009|19:28 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/04/2009|20:41 - Option : [2]
--------------------\\ Fin du rapport a 20:41:26 -
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrateur at 2009-04-06 20:43:55
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 152 GB (66%) free of 231 GB
Total RAM: 1022 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:44:17, on 06/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Administrateur\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\HP_Administrateur.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantecstore.com/promo=44985
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE WEBSHOT II USB CAM 300K
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
-
ok c'est meiux mais il en reste un peu
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
- 1
- 2
- 3
Suivant
