Sujet Précédent Sujet Suivant

Hacked by Godzilla

Résolu/Fermé
snips Messages postés 1 Date d'inscription samedi 2 mai 2009 Statut Membre Dernière intervention 2 mai 2009 - 2 mai 2009 à 17:02
 Utilisateur anonyme - 6 juin 2009 à 13:03
Bonjour,
Ma config: wd XP Familial COMPAQ, IE7
en ouverture d' exploreur sur le bandeau bleu en haut s' affiche -Hacked by Godzilla,j ai dejas lancé mon anti virus il ne reconais pas de probleme, Que dois-je faire merci par avance
A voir également:

4 réponses

Réponse 1 / 4
toto666 Messages postés 325 Date d'inscription jeudi 20 novembre 2008 Statut Membre Dernière intervention 27 mai 2009 14
2 mai 2009 à 17:11
salut snips,
on va voir ce qu'il se passe sur ton pc.

I)Telecharger random's system information tool: (RSIT)

http://images.malwareremoval.com/random/RSIT.exe

1)Double clique sur l’icône RSIT.exe
2)Clique sur continue.
3)L’analyse terminée, deux fichiers s’ouvriront, poste moi les 2 rapports stp.
Si les 2 fichiers ne s’ouvrent pas va dans C:\rsit , tu y trouvera les 2 fichiers info.txt et log.txt
0
snips
6 mai 2009 à 12:57
slt ,le hic c'est que le probleme ''hacked'' se trouve sur ma session Invité et que je n' ai pas le droit aux instalations de Logiciel.
par contre, ma session Administrateur et OK,je vais tout de même essayé ta solution
0
snips
7 mai 2009 à 21:50
slt voici le fichier Log.txt-bloc notes
Logfile of random's system information tool 1.06 (written by random/random)
Run by Compaq_Propriétaire at 2009-05-07 21:37:32
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 83 GB (45%) free of 185 GB
Total RAM: 1022 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:37:52, on 07/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\windows\system32\mmiisic.exe
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\GN6WAARK\RSIT[1].exe
C:\Program Files\trend micro\Compaq_Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?rls=ig&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi

x_dp_id=18&x_format=redirect
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0

\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet

Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program

Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search &

Destroy\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program

Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat

7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program

Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - (no file)
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0

\Personal\IEPlugIn.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [mmiisic] "c:\windows\system32\mmiisic.exe" mmiisic
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application

Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Policies\Explorer\Run: [New Application] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: RapidTyping
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp

Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet

Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1

\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} -

C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} -

C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) -

http://picasaweb.google.com/s/v/47.12/uploader2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} (Google Gadget Control) -

http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

http://www.update.microsoft.com/...
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) -

http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -

https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - http://lili8ad4.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} - http://securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - https://www.f-secure.com/en/home/support
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -

http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program

Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google

Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
0
snips
7 mai 2009 à 21:58
re voici le 2°fichier info.txt-bloc-notes
info.txt logfile of random's system information tool 1.06 2009-05-07 21:37:59

======Uninstall list======

-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-

Spyware Scanner"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-

Spyware"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-

Virus Client Security Installer"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-

Virus"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Automatic Update Agent"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Diagnostics"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail

Scanning"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

GateKeeper Interface"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Gemini"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Internet Shield"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Localization API"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Management Agent"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Pegasus Engine"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Protocol Scanner"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam

Control"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam

Scanner"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Uninstall"
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
-->msiexec /i {46548E80-0409-0000-7E8A-45000F855001}
-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
-->msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132

C:\WINDOWS\INF\PCHealth.inf
7 Wonders Treasures of Seven Deluxe-->"C:\Program Files\Zylom Games\7 Wonders Treasures

of Seven Deluxe\GameInstlr.exe" --uninstall UnInstall.log
7-Zip 4.44 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Creative Suite 2-->C:\PROGRA~1\INSTAL~1\{0134A~1\setup.exe

/relaunched/rootloc=e:\photoshop et compagnie\adobe creative suite 2.0/lang=0409
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE

C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0

\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0

\Uninstall\Install.log
Ancient Secrets Deluxe-->"C:\Program Files\Zylom Games\Ancient Secrets

Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
a-squared Free 4.0-->"C:\Program Files\a-squared Free\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-

23FED836E9F2}
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program

Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Bluesoleil2.6.0.8 Release 070517-->MsiExec.exe /X{438BB9B4-65FE-4626-91D9-A8F57B18001D}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701

\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation

Information\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}\Setup.exe" -l0x40c

Brunin03.dllBrunin03.dll
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1

\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683

$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-

IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287

$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118

$\spuninst\spuninst.exe"
Courses-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Courses\ST6UNST.LOG"
DivxToDVD 0.5.2-->"C:\Program Files\vso\DivxToDVD\unins000.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Exstora 2.4-->C:\Program Files\Exstora\Uninstall.exe
Favorit-->"c:\windows\system32\mmiisic.exe" -uninstall
Fishdom Deluxe-->"C:\Program Files\Zylom Games\Fishdom Deluxe\GameInstlr.exe" --uninstall

UnInstall.log
FlySuite v.1.1-->C:\Documents and Settings\Compaq_Propriétaire\Application

Data\FlySuite\uninstall.exe
Glary Utilities 2.10.0.622-->"C:\Program Files\Glary Utilities\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -

uninstall
Google Talk Plugin-->MsiExec.exe /I{5012BC0C-7E1A-329A-8F02-B6846070C5F8}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-

81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program

files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe

/package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe

/package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-

7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399

$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4

$\spuninst\spuninst.exe"
HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

/uninstall
HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1

\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9

-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital

Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital

Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe"

/Uninstall
MaxTV-->"C:\WINDOWS\MaxTV\uninstall_maxtv.exe" "/U:C:\Program Files\DMV\MaxTV4

\Uninstall\MaxTV\uninstall_maxtv.xml"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-

6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-

B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E

-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET

Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP--

>"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs--

>"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs--

>"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-

1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)--

>"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)--

>"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373

$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra--

>c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 -

fra\setup.exe
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe"

-uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-

9A093F35A238}
Pack Securite Plus-->"C:\Program Files\Pack Securite\FSGUI\PostInstall.exe" /tUnInstall
PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1

\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation

Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RapidTyping-->"F:\RapidTyping\Uninstall.exe"
Scribus 1.3.3.12-->C:\Program Files\Scribus 1.3.3.12\uninst.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-

038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-

038BD3F1FB2A}
SFR - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Suite Specific-->MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
SYSTRAN Web Translator 5.0-->MsiExec.exe /I{26092005-1129-0001-3530-01706572736F}
The Nightshift Code Deluxe-->"C:\Program Files\Zylom Games\The Nightshift Code

Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356

$\spuninst\spuninst.exe"
UseNeXT-->"C:\Program Files\UseNeXT\unins001.exe"
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe"

/UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11

$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0--

>"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Pack Securite Plus 7.00
FW: Pack Securite Plus 7.00

======System event log======

Computer Name: JOLIECOEUR
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 50859
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.

Record Number: 50858
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: Informations
User:

Computer Name: JOLIECOEUR
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion

d'applications.

Record Number: 50857
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: Informations
User: JOLIECOEUR\Compaq_Propriétaire

Computer Name: JOLIECOEUR
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 50856
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.

Record Number: 50855
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237363
Source Name: nview_info
Time Written: 20090403225451.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237362
Source Name: nview_info
Time Written: 20090403225451.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237361
Source Name: nview_info
Time Written: 20090403225445.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237360
Source Name: nview_info
Time Written: 20090403225445.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237359
Source Name: nview_info
Time Written: 20090403225438.000000+120
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program

Files\Fichiers communs\Adobe\AGL;C:\VIRUSfighter\Npm\BinC:\Program Files\DMV\MaxTV4

\plugins;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"NpmLib"=C:\VIRUSfighter\Npm\Bin
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
snips
7 mai 2009 à 22:19
info.txt logfile of random's system information tool 1.06 2009-05-07 21:37:59

======Uninstall list======

-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-

Spyware Scanner"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-

Spyware"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-

Virus Client Security Installer"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-

Virus"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Automatic Update Agent"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Diagnostics"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail

Scanning"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

GateKeeper Interface"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Gemini"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Internet Shield"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Localization API"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Management Agent"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Pegasus Engine"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Protocol Scanner"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam

Control"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam

Scanner"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure

Uninstall"
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
-->msiexec /i {46548E80-0409-0000-7E8A-45000F855001}
-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
-->msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132

C:\WINDOWS\INF\PCHealth.inf
7 Wonders Treasures of Seven Deluxe-->"C:\Program Files\Zylom Games\7 Wonders Treasures

of Seven Deluxe\GameInstlr.exe" --uninstall UnInstall.log
7-Zip 4.44 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Creative Suite 2-->C:\PROGRA~1\INSTAL~1\{0134A~1\setup.exe

/relaunched/rootloc=e:\photoshop et compagnie\adobe creative suite 2.0/lang=0409
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE

C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0

\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0

\Uninstall\Install.log
Ancient Secrets Deluxe-->"C:\Program Files\Zylom Games\Ancient Secrets

Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
a-squared Free 4.0-->"C:\Program Files\a-squared Free\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-

23FED836E9F2}
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program

Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Bluesoleil2.6.0.8 Release 070517-->MsiExec.exe /X{438BB9B4-65FE-4626-91D9-A8F57B18001D}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701

\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation

Information\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}\Setup.exe" -l0x40c

Brunin03.dllBrunin03.dll
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1

\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683

$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-

IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287

$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118

$\spuninst\spuninst.exe"
Courses-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Courses\ST6UNST.LOG"
DivxToDVD 0.5.2-->"C:\Program Files\vso\DivxToDVD\unins000.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Exstora 2.4-->C:\Program Files\Exstora\Uninstall.exe
Favorit-->"c:\windows\system32\mmiisic.exe" -uninstall
Fishdom Deluxe-->"C:\Program Files\Zylom Games\Fishdom Deluxe\GameInstlr.exe" --uninstall

UnInstall.log
FlySuite v.1.1-->C:\Documents and Settings\Compaq_Propriétaire\Application

Data\FlySuite\uninstall.exe
Glary Utilities 2.10.0.622-->"C:\Program Files\Glary Utilities\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -

uninstall
Google Talk Plugin-->MsiExec.exe /I{5012BC0C-7E1A-329A-8F02-B6846070C5F8}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-

81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program

files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe

/package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe

/package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-

7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399

$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4

$\spuninst\spuninst.exe"
HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

/uninstall
HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1

\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9

-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital

Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital

Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe"

/Uninstall
MaxTV-->"C:\WINDOWS\MaxTV\uninstall_maxtv.exe" "/U:C:\Program Files\DMV\MaxTV4

\Uninstall\MaxTV\uninstall_maxtv.xml"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-

6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-

B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E

-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET

Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP--

>"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs--

>"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs--

>"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-

1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)--

>"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)--

>"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225

$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373

$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra--

>c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 -

fra\setup.exe
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe"

-uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-

9A093F35A238}
Pack Securite Plus-->"C:\Program Files\Pack Securite\FSGUI\PostInstall.exe" /tUnInstall
PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1

\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation

Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RapidTyping-->"F:\RapidTyping\Uninstall.exe"
Scribus 1.3.3.12-->C:\Program Files\Scribus 1.3.3.12\uninst.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-

038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-

038BD3F1FB2A}
SFR - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Suite Specific-->MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
SYSTRAN Web Translator 5.0-->MsiExec.exe /I{26092005-1129-0001-3530-01706572736F}
The Nightshift Code Deluxe-->"C:\Program Files\Zylom Games\The Nightshift Code

Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356

$\spuninst\spuninst.exe"
UseNeXT-->"C:\Program Files\UseNeXT\unins001.exe"
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe"

/UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11

$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0--

>"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Pack Securite Plus 7.00
FW: Pack Securite Plus 7.00

======System event log======

Computer Name: JOLIECOEUR
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 50859
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.

Record Number: 50858
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: Informations
User:

Computer Name: JOLIECOEUR
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion

d'applications.

Record Number: 50857
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: Informations
User: JOLIECOEUR\Compaq_Propriétaire

Computer Name: JOLIECOEUR
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 50856
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.

Record Number: 50855
Source Name: Service Control Manager
Time Written: 20090403165004.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237363
Source Name: nview_info
Time Written: 20090403225451.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237362
Source Name: nview_info
Time Written: 20090403225451.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237361
Source Name: nview_info
Time Written: 20090403225445.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237360
Source Name: nview_info
Time Written: 20090403225445.000000+120
Event Type: erreur
User:

Computer Name: JOLIECOEUR
Event Code: 1
Message:
Record Number: 237359
Source Name: nview_info
Time Written: 20090403225438.000000+120
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program

Files\Fichiers communs\Adobe\AGL;C:\VIRUSfighter\Npm\BinC:\Program Files\DMV\MaxTV4

\plugins;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"NpmLib"=C:\VIRUSfighter\Npm\Bin
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
Réponse 2 / 4
toto666 Messages postés 325 Date d'inscription jeudi 20 novembre 2008 Statut Membre Dernière intervention 27 mai 2009 14
7 mai 2009 à 21:59
Salut ,

tu as une infection qui se propage par clés usb, nous allons nous en occuper.

▶ Télécharge et install UsbFix : http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
• Double clic sur le raccourci UsbFix présent sur ton bureau .
• Choisis l' option 1 ( Recherche )
• Laisse travailler l'outil.
• Ensuite post le rapport UsbFix.txt qui apparaitra.
• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
snips
21 mai 2009 à 08:07
------- LOGFILE OF AD-REMOVER 1.1.4.1 | ONLY XP/VISTA -------

Updated by C_XX on 19/05/2009 at 18:40
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html

Start at: 7:52:54, 21/05/2009 | Boot mode: Normal Boot
Option: Scan | Executed from: C:\Program Files\Ad-remover\
Operating System: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Computer Name: JOLIECOEUR
Current User: Compaq_Propri‚taire - Administrator


============ Known Adwares Found ============

.
HKLM\Software\Conduit
.
C:\Program Files\Conduit

+-----------------| Eorezo Elements Found:

HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\EoRezo
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\Eorezo

+-----------------| It's TV Elements Found:

.
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\ItsLabel
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\ItsLabel

+-----------------| Sweetim Elements Found:

.

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.10 ----

ProfilePath: g5k6tg8o.default (Compaq_Propri‚taire)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Google");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/ig?hl=fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
.

---- Internet Explorer Version 7.0.5730.13 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page: hxxp://fr.msn.com/?ocid=iehp

[HKEY_USERS\S-1-5-21-3120031456-1439613422-1287894374-1008\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page: hxxp://fr.msn.com/?ocid=iehp

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://recherche.neuf.fr/
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

=========== Suspicious ==========


+---------------------------------------------------------------------------+

3107 Byte(s) - C:\Ad-Report-Scan-21.05.2009.log

0 File(s) - C:\Program Files\Ad-remover\BACKUP
0 File(s) - C:\Program Files\Ad-remover\QUARANTINE

End at: 7:59:00 | 21/05/2009
.
+-----------------| E.O.F
.
0
Réponse 3 / 4
snips
20 mai 2009 à 20:45
salut!
voici le rapport :
############################## [ UsbFix V3.023 # Scan ]

# User : Compaq_Propriétaire (Administrateurs) # JOLIECOEUR
# Update on 20/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 20:31:31 | 20/05/2009

# AMD Athlon(tm) 64 Processor 3200+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# AV : Pack Securite Plus 7.00 7.00 [ Enabled | Updated ]
# FW : Pack Securite Plus 7.00[ Enabled ]7.00

# C:\ # Disque fixe local # 181,12 Go (95,48 Go free) [PRESARIO] # NTFS
# D:\ # Disque fixe local # 5,17 Go (649,4 Mo free) [PRESARIO_RP] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM # 0,23 Mo (0 Mo free) [reunica] # CDFS
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# K:\ # Disque amovible
# L:\ # Disque amovible # 252,2 Mo (172,66 Mo free) [USB] # FAT
# M:\ # Disque amovible

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application

Data\Google\Update\GoogleUpdate.exe
C:\windows\system32\kyycgqo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="https://www.google.fr/webhp?rls=ig&gws_rd=ssl"
HKCU_Main: "Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
HKCU_Main: "Start Page Redirect Cache_TIMESTAMP"=hex:1c,1b,e9,88,e7,b2,c9,01
HKCU_Main: "Start Page Redirect Cache AcceptLangs"="fr,ja;q=0.5"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="Compaq_Propri‚taire"
HKLM_logon: "AltDefaultUserName"="Compaq_Propri‚taire"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: nwiz=nwiz.exe /install
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM_Run: TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"

-osboot
HKLM_Run: iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM_Run:

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU_Run: Google Update="C:\Documents and Settings\Compaq_Propriétaire\Local

Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
HKCU_Run: kyycgqo="c:\windows\system32\kyycgqo.exe" kyycgqo

################## [ Fichiers # Dossiers infectieux ]

Found ! F:\autorun.inf
L:\autorun.inf # -> fichier appelé : "L:\ie.exe" ( absent ! )
Found ! L:\autorun.inf

################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]

HKCU\...\Explorer\MountPoints2\{647da2a4-3bac-11de-a8f1-001167ac85db}

\Shell\AutoRun\Command
HKCU\...\Explorer\MountPoints2\{647da2a4-3bac-11de-a8f1-001167ac85db}

\Shell\explore\Command
HKCU\...\Explorer\MountPoints2\{647da2a4-3bac-11de-a8f1-001167ac85db}\Shell\open\Command
HKCU\...\Explorer\MountPoints2\{9aa3d602-abf4-11dd-a81e-0013d3ffe189}

\Shell\AutoRun\Command
HKCU\...\Explorer\MountPoints2\{9bda0926-9204-11db-a66b-0013d3ffe189}

\Shell\AutoRun\Command
HKCU\...\Explorer\MountPoints2\{9bda0926-9204-11db-a66b-0013d3ffe189}

\Shell\explore\Command
HKCU\...\Explorer\MountPoints2\{9bda0926-9204-11db-a66b-0013d3ffe189}\Shell\open\Command
HKCU\...\Explorer\MountPoints2\{a5bc1088-6455-11db-a65f-0013d3ffe189}

\Shell\AutoRun\Command
HKCU\...\Explorer\MountPoints2\{a5bc1088-6455-11db-a65f-0013d3ffe189}

\Shell\explore\Command
HKCU\...\Explorer\MountPoints2\{a5bc1088-6455-11db-a65f-0013d3ffe189}\Shell\open\Command

################## [ ! Fin du rapport # UsbFix V3.023 ! ]
0
Utilisateur anonyme
20 mai 2009 à 21:06
Bonsoir

Pour avancer toto666,que tu as oublié depuis presque 2 semaines.


1)Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau

# choisi l option 2 (Suppression)

# Ton bureau disparaîtra et le pc redémarrera.

# Au redémarrage, UsbFix scannera ton pc, laisse travailler l outil.

# Ensuite post le rapport UsbFix.txt qui apparaîtra avec le bureau.

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

2)Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau ;ici :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

/!\ Déconnecte-toi d'Internet et ferme toutes applications en cours. /!\

● Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
● Double-clique sur le raccourci d'Ad-Remover située sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
● Au menu principal, choisis l'option A.
● Poste le rapport généré (C:\Ad-report(date).log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.




0
Utilisateur anonyme > Utilisateur anonyme
21 mai 2009 à 08:34
Bonjour

1)Postes bien à la suite,sinon on ne si retrouvera pas;merci

2)J'attends toujours le rapport UsbFix option 2

3)Relances Ad remover
Au menu principal choisis B
Ensuite sélectionnes A puis [entrée]
Ensuite sélectionnes S puis [entrée]; le travail va commencé
Postes le rapport qui apparait à la fin.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Cliques en haut à gauche sur Fichier et choisis "Exécuter..."
Tapes explorer puis valide.
(le rapport est sauvegardé sous C:\Ad-report(date).log )

4)Repostes un RSIT stp merci
0
snips > Utilisateur anonyme
23 mai 2009 à 01:55
salut, je fais pour le mieux pas facile de s'y retrouver avec tout c post ^^
merci encore pour votres aides c tres sympas !!!
j espere que je repond au moins à la bonne personne ?!




------- LOGFILE OF AD-REMOVER 1.1.4.1 | ONLY XP/VISTA -------

Updated by C_XX on 19/05/2009 at 18:40
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html

Start at: 7:52:54, 21/05/2009 | Boot mode: Normal Boot
Option: Scan | Executed from: C:\Program Files\Ad-remover\
Operating System: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Computer Name: JOLIECOEUR
Current User: Compaq_Propri‚taire - Administrator


============ Known Adwares Found ============

.
HKLM\Software\Conduit
.
C:\Program Files\Conduit

+-----------------| Eorezo Elements Found:

HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\EoRezo
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\Eorezo

+-----------------| It's TV Elements Found:

.
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\ItsLabel
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\ItsLabel

+-----------------| Sweetim Elements Found:

.

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.10 ----

ProfilePath: g5k6tg8o.default (Compaq_Propri‚taire)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Google");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/ig?hl=fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
.

---- Internet Explorer Version 7.0.5730.13 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page: hxxp://fr.msn.com/?ocid=iehp

[HKEY_USERS\S-1-5-21-3120031456-1439613422-1287894374-1008\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page: hxxp://fr.msn.com/?ocid=iehp

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://recherche.neuf.fr/
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

=========== Suspicious ==========


+---------------------------------------------------------------------------+

3107 Byte(s) - C:\Ad-Report-Scan-21.05.2009.log

0 File(s) - C:\Program Files\Ad-remover\BACKUP
0 File(s) - C:\Program Files\Ad-remover\QUARANTINE

End at: 7:59:00 | 21/05/2009
.
+-----------------| E.O.F
.
0
snips > Utilisateur anonyme
23 mai 2009 à 02:10
RE:voici le rapport UsbFix option 2 (te l'avais dejas posté)
############################## [ UsbFix V3.023 # Cleaning ]

# User : Compaq_Propriétaire (Administrateurs) # JOLIECOEUR
# Update on 20/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 02:01:25 | 23/05/2009

# AMD Athlon(tm) 64 Processor 3200+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : Pack Securite Plus 7.00 7.00 [ Enabled | Updated ]
# FW : Pack Securite Plus 7.00[ Enabled ]7.00

# C:\ # Disque fixe local # 181,12 Go (107,05 Go free) [PRESARIO] # NTFS
# D:\ # Disque fixe local # 5,17 Go (649,37 Mo free) [PRESARIO_RP] # FAT32
# E:\ # Disque CD-ROM
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# K:\ # Disque amovible
# L:\ # Disque CD-ROM # 0,23 Mo (0 Mo free) [reunica] # CDFS
# M:\ # Disque amovible
# N:\ # Disque amovible

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers # Dossiers infectieux ]

(!) Not Deleted ! L:\autorun.inf

################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]


################## [ Listing des fichiers présent ]

[21/05/2009 08:10|--a--c---|3324] - C:\Ad-Report-Scan-21.05.2009.log
[23/11/2004 16:21|--a------|0] - C:\AUTOEXEC.BAT
[16/10/2006 23:35|-rahs----|218] - C:\BOOT.BAK
[22/01/2009 13:58|-rahs----|296] - C:\boot.ini
[04/08/2004 23:00|-rahs----|4952] - C:\Bootfont.bin
[04/08/2004 23:00|-r-hs----|263488] - C:\cmldr
[23/11/2004 16:21|--a------|0] - C:\CONFIG.SYS
[?|?|?] - C:\hiberfil.sys
[23/11/2004 16:21|-rahs----|0] - C:\IO.SYS
[23/11/2004 16:21|-rahs----|0] - C:\MSDOS.SYS
[04/08/2004 23:00|-rahs----|47564] - C:\NTDETECT.COM
[28/12/2008 03:45|-rahs----|252240] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[23/05/2009 02:03|--a--c---|2965] - C:\UsbFix.txt
[27/07/2001 15:07|---hs----|0] - D:\AUTOEXEC.BAT
[05/03/2009 13:43|--a------|122951] - D:\CDVDR.yti
[09/01/2002 18:52|---hs----|244] - D:\BOOT.INI
[16/08/2001 18:26|---hs----|237728] - D:\CMLDR
[28/07/2001 06:07|---hs----|0] - D:\CONFIG.SYS
[25/05/2005 03:48|---hs----|102] - D:\Desktop.ini
[10/09/2002 09:21|---hs----|7850] - D:\Folder.htt
[30/11/2004 04:01|---hs----|73728] - D:\Info.exe
[28/07/2001 06:07|---hs----|0] - D:\IO.SYS
[28/07/2001 06:07|---hs----|0] - D:\MSDOS.SYS
[25/07/2001 22:00|---hs----|45124] - D:\NTDETECT.COM
[25/07/2001 22:00|---hs----|222880] - D:\NTLDR
[03/03/2003 05:46|---hs----|111377] - D:\protect.ed
[01/01/2005 12:58|---hs----|36] - D:\SAVEFILE.DIR
[03/03/2003 05:41|---hs----|88038] - D:\Warning.bmp
[18/11/2006 23:40|---hs----|978] - D:\MASTER.LOG
[18/08/2001 07:00|---hs----|10] - D:\WIN51
[25/07/2001 12:47|---hs----|11] - D:\WIN51.RC2
[18/08/2001 07:00|---hs----|10] - D:\WIN51IC
[05/03/2009 13:43|--a------|134656] - D:\libdvdread_plugin.dll
[25/07/2001 12:47|---hs----|11] - D:\WIN51IP.RC2
[17/08/2001 05:17|---hs----|184] - D:\WINBOM.INI
[01/01/2005 13:20|---hs----|6] - D:\BLOCK.RIN
[29/04/2004 08:37|---hs----|4096] - D:\Thumbs.db
[01/01/2005 13:20|--ahs----|938] - D:\USER
[01/02/2006 01:11|--ahs----|1552] - D:\BATCH.LOG
[18/11/2006 23:41|-r-hs----|26] - D:\RCBoot.sys
[06/02/2009 10:05|--a------|23105] - F:\Photo 0308.jpg
[06/02/2009 10:05|--a------|25709] - F:\Photo 0309.jpg
[06/02/2009 10:06|--a------|19933] - F:\Photo 0310.jpg
[06/02/2009 10:06|--a------|11621] - F:\Photo 0311.jpg
[06/02/2009 10:06|--a------|18773] - F:\Photo 0312.jpg
[06/02/2009 10:07|--a------|23069] - F:\Photo 0313.jpg
[06/02/2009 10:07|--a------|20673] - F:\Photo 0314.jpg
[06/02/2009 10:08|--a------|30305] - F:\Photo 0315.jpg
[06/02/2009 12:41|--a------|34961] - F:\Photo 0316.jpg
[06/02/2009 12:42|--a------|32413] - F:\Photo 0318.jpg
[06/02/2009 12:43|--a------|37237] - F:\Photo 0319.jpg
[06/02/2009 12:43|--a------|34457] - F:\Photo 0320.jpg
[09/02/2009 09:38|--a------|22241] - F:\Photo 0321.jpg
[09/02/2009 09:38|--a------|23493] - F:\Photo 0322.jpg
[09/02/2009 09:38|--a------|22237] - F:\Photo 0323.jpg
[09/02/2009 09:41|--a------|28785] - F:\Photo 0324.jpg
[09/02/2009 09:42|--a------|17317] - F:\Photo 0325.jpg
[09/02/2009 09:43|--a------|10989] - F:\Photo 0326.jpg
[09/02/2009 09:57|--a------|20121] - F:\Photo 0327.jpg
[09/02/2009 09:58|--a------|28325] - F:\Photo 0328.jpg
[09/02/2009 09:58|--a------|23561] - F:\Photo 0329.jpg
[09/02/2009 11:38|--a------|30437] - F:\Photo 0330.jpg
[09/02/2009 12:11|--a------|27505] - F:\Photo 0332.jpg
[10/02/2009 09:00|--a------|16761] - F:\Photo 0333.jpg
[10/02/2009 09:00|--a------|23865] - F:\Photo 0334.jpg
[10/02/2009 11:32|--a------|18297] - F:\Photo 0335.jpg
[10/02/2009 12:25|--a------|24389] - F:\Photo 0336.jpg
[14/01/2009 15:30|--a------|22109] - F:\Photo 0234.jpg
[14/01/2009 15:31|--a------|20013] - F:\Photo 0235.jpg
[15/01/2009 11:34|--a------|27741] - F:\Photo 0236.jpg
[15/01/2009 11:35|--a------|32965] - F:\Photo 0237.jpg
[15/01/2009 11:35|--a------|28573] - F:\Photo 0238.jpg
[15/01/2009 11:35|--a------|29805] - F:\Photo 0239.jpg
[15/01/2009 11:36|--a------|29941] - F:\Photo 0240.jpg
[15/01/2009 11:36|--a------|14213] - F:\Photo 0241.jpg
[15/01/2009 11:36|--a------|29389] - F:\Photo 0242.jpg
[15/01/2009 11:36|--a------|27505] - F:\Photo 0243.jpg
[15/01/2009 11:37|--a------|30365] - F:\Photo 0244.jpg
[15/01/2009 11:41|--a------|16721] - F:\Photo 0245.jpg
[15/01/2009 11:42|--a------|15621] - F:\Photo 0246.jpg
[15/01/2009 11:42|--a------|18553] - F:\Photo 0247.jpg
[15/01/2009 11:42|--a------|23733] - F:\Photo 0248.jpg
[15/01/2009 11:43|--a------|22537] - F:\Photo 0249.jpg
[15/01/2009 11:43|--a------|19957] - F:\Photo 0250.jpg
[15/01/2009 11:43|--a------|22961] - F:\Photo 0251.jpg
[15/01/2009 11:43|--a------|18877] - F:\Photo 0252.jpg
[15/01/2009 11:44|--a------|17773] - F:\Photo 0253.jpg
[23/01/2009 23:39|--a------|24625] - F:\Photo 0254.jpg
[25/01/2009 13:45|--a------|21185] - F:\Photo 0255.jpg
[25/01/2009 13:50|--a------|20173] - F:\Photo 0258.jpg
[25/01/2009 13:50|--a------|19673] - F:\Photo 0259.jpg
[25/01/2009 13:53|--a------|19325] - F:\Photo 0262.jpg
[25/01/2009 13:57|--a------|21461] - F:\Photo 0265.jpg
[27/01/2009 09:12|--a------|15733] - F:\Photo 0271.jpg
[04/02/2009 01:54|--a------|16269] - F:\Photo 0273.jpg
[12/12/2008 19:16|--a------|46276] - F:\EUROPE~1.JPG
[05/02/2009 10:51|--a------|11037] - F:\Photo 0274.jpg
[05/02/2009 10:51|--a------|10385] - F:\Photo 0275.jpg
[05/02/2009 10:52|--a------|9773] - F:\Photo 0276.jpg
[05/02/2009 10:53|--a------|10113] - F:\Photo 0277.jpg
[05/02/2009 10:53|--a------|10909] - F:\Photo 0278.jpg
[05/02/2009 10:53|--a------|11829] - F:\Photo 0279.jpg
[05/02/2009 10:54|--a------|10909] - F:\Photo 0280.jpg
[05/02/2009 10:54|--a------|10497] - F:\Photo 0281.jpg
[05/02/2009 10:54|--a------|19329] - F:\Photo 0282.jpg
[05/02/2009 10:54|--a------|8833] - F:\Photo 0283.jpg
[05/02/2009 10:56|--a------|32157] - F:\Photo 0284.jpg
[05/02/2009 10:57|--a------|10913] - F:\Photo 0285.jpg
[05/02/2009 10:59|--a------|10889] - F:\Photo 0286.jpg
[05/02/2009 11:05|--a------|24473] - F:\Photo 0287.jpg
[05/02/2009 11:06|--a------|27601] - F:\Photo 0288.jpg
[05/02/2009 11:06|--a------|12693] - F:\Photo 0289.jpg
[05/02/2009 11:09|--a------|25365] - F:\Photo 0290.jpg
[05/02/2009 11:10|--a------|24577] - F:\Photo 0291.jpg
[05/02/2009 11:10|--a------|22345] - F:\Photo 0292.jpg
[05/02/2009 11:10|--a------|35217] - F:\Photo 0293.jpg
[05/02/2009 11:10|--a------|24621] - F:\Photo 0294.jpg
[05/02/2009 11:11|--a------|25017] - F:\Photo 0295.jpg
[05/02/2009 11:11|--a------|26861] - F:\Photo 0296.jpg
[05/02/2009 11:11|--a------|29945] - F:\Photo 0297.jpg
[05/02/2009 11:12|--a------|22093] - F:\Photo 0298.jpg
[05/02/2009 11:12|--a------|22577] - F:\Photo 0299.jpg
[05/02/2009 11:13|--a------|24917] - F:\Photo 0300.jpg
[05/02/2009 11:13|--a------|30717] - F:\Photo 0301.jpg
[05/02/2009 11:13|--a------|19949] - F:\Photo 0302.jpg
[05/02/2009 11:13|--a------|20033] - F:\Photo 0303.jpg
[06/02/2009 10:03|--a------|23101] - F:\Photo 0304.jpg
[06/02/2009 10:04|--a------|23865] - F:\Photo 0305.jpg
[06/02/2009 10:04|--a------|23921] - F:\Photo 0306.jpg
[06/02/2009 10:05|--a------|23489] - F:\Photo 0307.jpg
[18/12/2007 17:41|--a------|846735] - F:\ricola_wallpaper3_1024x768.jpg
[28/02/2009 09:30|--a------|16924] - F:\Jerry_Damer_US.gif
[10/02/2009 12:25|--a------|23333] - F:\Photo 0337.jpg
[09/02/2009 05:31|--a------|28490] - F:\France_carte.gif
[22/01/2009 15:09|--a------|20785] - F:\photo du jour23.jpg
[17/07/2008 14:45|--a------|184837] - F:\Snapshot of me 2(1).png
[05/05/2008 18:27|--a------|56444] - F:\image00666666.jpg
[12/05/2008 16:06|--a------|21171] - F:\imstp_chubbi_by_im_fr_233.gif
[12/05/2008 16:06|--a------|38961] - F:\imstp_pets_cat1_fr_2.gif
[12/05/2008 16:08|--a------|12457] - F:\stampa_france_country_3.gif
[28/04/2008 20:50|--a------|6797] - F:\GROWIN~1.GIF
[28/04/2008 20:50|--a------|21085] - F:\header.jpg
[27/03/2008 20:46|--a------|360448] - F:\sarko.doc
[24/09/2007 01:02|--a------|372] - F:\spider.sav
[21/04/2008 21:05|--a------|236295] - F:\image001sarko a Londre.gif
[21/04/2008 21:17|--a------|20707] - F:\image002.Sa londre BISgif.gif
[21/03/2008 20:35|--a------|2771456] - F:\R‚flexion...pps
[05/05/2008 17:06|--a------|1519616] - F:\retouche-digitale.pps
[16/07/2008 11:29|--a------|1497088] - F:\rire_et_sourire_ddc.pps
[10/03/2008 22:18|--a------|2216960] - F:\SainteThrseWalter-Claire-.pps
[20/04/2008 23:19|--a------|2569216] - F:\sale gosse .pps
[27/03/2008 20:11|--a------|1348608] - F:\sarkoLe_magicien.pps
[23/11/2008 17:29|--a------|1698304] - F:\Seigneurdel_Antarctique.pps
[05/05/2008 17:15|--a------|5946861] - F:\Skeleton.wmv
[21/04/2008 21:57|--a------|931328] - F:\Souriez.ppt
[14/04/2008 21:21|--a------|286208] - F:\spectaculaire2.roch‚pps.pps
[16/04/2008 12:55|--a------|1484288] - F:\strange.pps
[21/06/2008 00:12|--a------|168448] - F:\StripperMasculino.pps
[27/04/2008 15:21|--a------|1570304] - F:\Sympa.pps
[29/12/2005 17:29|--a------|494592] - F:\Tanga.pps
[05/05/2008 18:21|--a------|1886414] - F:\tapa-l_heure.wmv
[26/03/2008 21:58|--a------|4789] - F:\tapette_…...pps
[13/01/2006 09:28|--a------|8060928] - F:\Test Inteligencia Emocional.pps
[16/07/2008 11:29|--a------|103424] - F:\Test_Devinettes_de_logique_ddc_.pps
[31/03/2008 16:52|--a------|150016] - F:\Test_du_pecheur...pps
[31/03/2008 16:53|--a------|57856] - F:\testconduite.pps
[07/04/2008 11:20|--a------|3809792] - F:\Thesimplelife_mb.pps
[21/04/2008 21:56|--a------|6888] - F:\ton_aquarium_Mo_M_.pps
[29/12/2005 16:42|--a------|174080] - F:\Tour De Magie Interactif (Siegfried Et Roy, David Copperfield, G‚rard Majax) Belfiore.pps
[12/05/2008 16:09|--a------|2401792] - F:\tranches_de_vie-1-.pps
[14/04/2008 21:42|--a------|1126400] - F:\TrouSecurit_Sociale1.pps
[05/05/2008 18:16|--a------|1727488] - F:\tr-sors_de_l-hiver_jo.pps
[27/03/2008 20:51|--a------|2009600] - F:\Un_r-gal_pour_les_yeux_rm.pps
[16/04/2008 13:05|--a------|171520] - F:\USA20dollars[1]B0.doc
[29/12/2005 18:43|--a------|1751552] - F:\Viaduc De Millau - Diaporama De Construction(1).pps
[01/05/2008 23:41|--a------|1972224] - F:\VoituresSales.pps
[07/04/2008 11:38|--a------|957440] - F:\voyage_sur_mars.ppt
[25/05/2008 09:19|--a------|17640] - F:\WAVING~11.GIF
[07/10/2007 22:14|--a------|4263326] - F:\Wifi Power.wmv
[29/12/2005 08:18|--a------|676352] - F:\Xxx - Fitness.pps
[07/04/2008 11:40|--a------|123392] - F:\Y_adecesjours.pps
[27/03/2008 20:45|--a------|566784] - F:\_Gueuledebois1.pps
[20/06/2008 22:48|--a------|46592] - F:\3_HOMMES._.A_MEDITER.PPS
[14/04/2008 22:32|--a------|141824] - F:\09-Le_couple_parfait.pps
[07/04/2008 11:30|--a------|642560] - F:\69TRESCOCHON.pps
[17/04/2008 20:36|--a------|62976] - F:\99a._Une_photo_compromettante_-ed-.doc
[22/06/2008 11:57|--a------|2553856] - F:\136_Vivre_en_harmonie.pps
[10/07/2008 14:35|--a------|1345536] - F:\793_Aimer.pps
[07/04/2008 21:21|--a------|217088] - F:\1269_-_CEINTURE_SECURITE____-v-.pps
[30/05/2008 18:02|--a------|1746432] - F:\A-_08_05____Royal_Air_Farce_JPLX.pps
[28/04/2008 07:00|--a------|126269] - F:\A_vue_de_nez.jpg
[20/02/2008 19:41|--a------|317952] - F:\accidentsjamaique.pps
[05/05/2008 17:43|--a------|470016] - F:\AdorableMamie+.pps
[21/06/2008 00:00|--a------|1334272] - F:\Africa_desde_el_cielo.pps
[29/12/2005 17:13|--a------|1024512] - F:\Alessia Fabiani.pps
[05/05/2008 18:03|--a------|1407488] - F:\amie(e)1.pps
[23/11/2008 17:29|--a------|1407488] - F:\amie-e-1.pps
[29/12/2005 17:58|--a------|1444352] - F:\Amigas.pps
[22/06/2008 12:00|--a------|63488] - F:\Amis_de_passage_(GW).pps
[16/04/2008 13:50|--a------|1908224] - F:\Amiti‚ vraie.pps
[27/03/2008 19:57|--a------|385024] - F:\analyse_sperme.pps
[29/12/2005 17:23|--a------|810496] - F:\Anti-Stress.pps
[20/06/2008 23:47|--a------|1576960] - F:\Apero_a_la_montagne-JJ.pps
[27/03/2008 20:03|--a------|323072] - F:\As-tu_remarqu‚e...pps
[12/05/2008 16:13|--a------|28462] - F:\ATT5327681.jpg
[12/05/2008 16:14|--a------|28852] - F:\ATT5327807.jpg
[12/05/2008 16:05|--a------|77668] - F:\ATT00846235212222.jpg
[22/06/2008 11:17|--a------|967168] - F:\BD_adultes.pps
[05/05/2008 15:39|--a------|1233920] - F:\Belles_Photos.pps
[22/12/2006 10:47|--ah-----|40960] - F:\CV~WRL0003.tmp
[14/08/2007 05:19|-r-------|153] - L:\autorun.inf
[28/03/2007 05:07|-r-------|180224] - L:\laucher.exe

################## [ Vaccination ]

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## [ Cracks / Keygens / Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.023 ! ]
0
snips > Utilisateur anonyme
23 mai 2009 à 02:35
REre!!! y a un hic! POUR la manip demandé si après:

3)Relances Ad remover
Au menu principal choisis B
Ensuite sélectionnes A puis [entrée]
Ensuite sélectionnes S puis [entrée]; le travail va commencé
Postes le rapport

j' ai pas le menu "A"sur Ad Remover,y a "L" "D" ou "Q" (lancer,désinstaller,quitter) ???,,,^^
0
Réponse 4 / 4
snips
21 mai 2009 à 07:45
############################## [ UsbFix V3.023 # Cleaning ]

# User : Compaq_Propriétaire (Administrateurs) # JOLIECOEUR
# Update on 20/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 07:30:34 | 21/05/2009

# AMD Athlon(tm) 64 Processor 3200+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# AV : Pack Securite Plus 7.00 7.00 [ Enabled | Updated ]
# FW : Pack Securite Plus 7.00[ Enabled ]7.00

# C:\ # Disque fixe local # 181,12 Go (92,48 Go free) [PRESARIO] # NTFS
# D:\ # Disque fixe local # 5,17 Go (649,4 Mo free) [PRESARIO_RP] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque fixe local # 465,65 Go (431,85 Go free) [VERBATIM] # FAT32
# G:\ # Disque amovible # 252,2 Mo (172,66 Mo free) [USB] # FAT
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# K:\ # Disque amovible
# L:\ # Disque CD-ROM # 0,23 Mo (0 Mo free) [reunica] # CDFS
# M:\ # Disque amovible
# N:\ # Disque amovible

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers # Dossiers infectieux ]

G:\autorun.inf # -> fichier appelé : "G:\ie.exe" ( absent ! )
Deleted ! G:\autorun.inf
(!) Not Deleted ! L:\autorun.inf

################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]

Deleted ! HKCU\...\Explorer\MountPoints2\{9bda0926-9204-11db-a66b-0013d3ffe189}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{9bda092c-9204-11db-a66b-0013d3ffe189}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{a5bc1088-6455-11db-a65f-0013d3ffe189}\Shell\AutoRun\Command

################## [ Listing des fichiers présent ]

[23/11/2004 16:21|--a------|0] - C:\AUTOEXEC.BAT
[16/10/2006 23:35|-rahs----|218] - C:\BOOT.BAK
[22/01/2009 13:58|-rahs----|296] - C:\boot.ini
[04/08/2004 23:00|-rahs----|4952] - C:\Bootfont.bin
[04/08/2004 23:00|-r-hs----|263488] - C:\cmldr
[23/11/2004 16:21|--a------|0] - C:\CONFIG.SYS
[?|?|?] - C:\hiberfil.sys
[23/11/2004 16:21|-rahs----|0] - C:\IO.SYS
[23/11/2004 16:21|-rahs----|0] - C:\MSDOS.SYS
[04/08/2004 23:00|-rahs----|47564] - C:\NTDETECT.COM
[28/12/2008 03:45|-rahs----|252240] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[21/05/2009 07:33|--a--c---|3504] - C:\UsbFix.txt
[27/07/2001 15:07|---hs----|0] - D:\AUTOEXEC.BAT
[05/03/2009 13:43|--a------|122951] - D:\CDVDR.yti
[09/01/2002 18:52|---hs----|244] - D:\BOOT.INI
[16/08/2001 18:26|---hs----|237728] - D:\CMLDR
[28/07/2001 06:07|---hs----|0] - D:\CONFIG.SYS
[25/05/2005 03:48|---hs----|102] - D:\Desktop.ini
[10/09/2002 09:21|---hs----|7850] - D:\Folder.htt
[30/11/2004 04:01|---hs----|73728] - D:\Info.exe
[28/07/2001 06:07|---hs----|0] - D:\IO.SYS
[28/07/2001 06:07|---hs----|0] - D:\MSDOS.SYS
[25/07/2001 22:00|---hs----|45124] - D:\NTDETECT.COM
[25/07/2001 22:00|---hs----|222880] - D:\NTLDR
[03/03/2003 05:46|---hs----|111377] - D:\protect.ed
[01/01/2005 12:58|---hs----|36] - D:\SAVEFILE.DIR
[03/03/2003 05:41|---hs----|88038] - D:\Warning.bmp
[18/11/2006 23:40|---hs----|978] - D:\MASTER.LOG
[18/08/2001 07:00|---hs----|10] - D:\WIN51
[25/07/2001 12:47|---hs----|11] - D:\WIN51.RC2
[18/08/2001 07:00|---hs----|10] - D:\WIN51IC
[05/03/2009 13:43|--a------|134656] - D:\libdvdread_plugin.dll
[25/07/2001 12:47|---hs----|11] - D:\WIN51IP.RC2
[17/08/2001 05:17|---hs----|184] - D:\WINBOM.INI
[01/01/2005 13:20|---hs----|6] - D:\BLOCK.RIN
[29/04/2004 08:37|---hs----|4096] - D:\Thumbs.db
[01/01/2005 13:20|--ahs----|938] - D:\USER
[01/02/2006 01:11|--ahs----|1552] - D:\BATCH.LOG
[18/11/2006 23:41|-r-hs----|26] - D:\RCBoot.sys
[01/04/2009 17:43|--a------|3749510] - F:\Harry Belafonte - Don't Worry Be Happy.mp3
[12/05/2009 23:19|--a------|2230776] - F:\Jeanne Moreau - J'ai m‚moire qui flanche.mp3
[26/04/2009 17:10|--a------|1366980] - F:\Julien Dor‚ - La groupie du pianiste.mp3
[26/04/2009 16:52|--a------|5502477] - F:\Julien Dor‚ - Les Limites.mp3
[26/04/2009 16:51|--a------|4111046] - F:\Julien Dore - Moi Lolita ( VERSION SINGLE).MP3
[26/04/2009 13:59|--a------|7484036] - F:\Matisyahu - 10 - Late Night In Zion.mp3
[26/04/2009 13:58|--a------|7521300] - F:\Matisyahu - Youth - 04 - Dispatch The Troops - Reggae.mp3
[26/04/2009 13:57|--a------|7007550] - F:\Matisyahu - Youth - King Without A Crown.mp3
[26/04/2009 13:55|--a------|6142943] - F:\Matisyahu -Jerusalem.mp3
[26/04/2009 13:59|--a------|5750712] - F:\Matisyahu-Don't Know.mp3
[24/04/2009 19:20|--a------|5761419] - F:\Matisyahu-jerusalem.mp3
[26/04/2009 15:04|--a------|86039130] - F:\Matisyahu-Oi Iohoo Ioi.mp3
[26/04/2009 13:59|--a------|7707346] - F:\Matisyahu-Unique Is My Dove.mp3
[13/05/2009 20:51|--a------|4943964] - F:\Mike Brant - Laisse moi t'aimer.mp3
[13/05/2009 21:02|--a------|4489480] - F:\Mike Brant - Qui Saura.mp3
[01/04/2009 17:49|--a------|2742563] - F:\Patrick Fiori - Les Choses de la Vie - 04 - Les Parapluies De Cherbourg.mp3
[24/04/2009 19:20|--a------|7521527] - F:\sinsemilia-Alpha Blondie- Jerusalem.mp3
[26/04/2009 13:49|--a------|5924881] - F:\Sliimy - Alright.mp3
[26/04/2009 13:49|--a------|3923426] - F:\Sliimy - Close & Open.mp3
[26/04/2009 13:59|--a------|7898856] - F:\Sliimy - Do You Really Want To Hurt Me (Culture Club Cover)(1).mp3
[26/04/2009 13:50|--a------|7898654] - F:\Sliimy - Do You Really Want To Hurt Me (Culture Club Cover).mp3
[26/04/2009 13:49|--a------|1290375] - F:\Sliimy - Little Sister.mp3
[26/04/2009 13:49|--a------|3332875] - F:\Sliimy - Over our rainbow.mp3
[26/04/2009 13:59|--a------|4266377] - F:\Sliimy - Paint your face - 03 - Our Generation.mp3
[26/04/2009 13:57|--a------|4436700] - F:\Sliimy - Paint your face - 07 - Trust Me.mp3
[26/04/2009 14:02|--a------|3393892] - F:\Sliimy - Paint your face - 10 - Tic Tac.mp3
[26/04/2009 13:59|--a------|7729377] - F:\Sliimy - Paint your face - 11 - My God.mp3
[26/04/2009 13:59|--a------|4093952] - F:\Sliimy - Shake Your Tailfeather(1).mp3
[26/04/2009 13:51|--a------|4093952] - F:\Sliimy - Shake Your Tailfeather.mp3
[26/04/2009 13:52|--a------|2653960] - F:\Sliimy - Trust Me.mp3
[26/04/2009 13:49|--a------|4560647] - F:\Sliimy - Wake Up.mp3
[26/04/2009 13:48|--a------|3976820] - F:\Sliimy - Womanizer (Britney cover).mp3
[26/04/2009 14:28|--a------|1967378] - F:\Sliimy--When_life-composition.mp3
[10/05/2009 00:53|--a------|50838845] - F:\Soundtrack - 2008 Wanted (128) Danny Elfman - OST BSO BOF - Mr. Yusseply.zip
[10/04/2009 02:58|--a------|143851520] - F:\system of a down - every other week.mp3
[09/04/2009 23:31|--a------|5654918] - F:\System of a Down - Goodbye Blue Sky (Pink Floyd Cover) and War (Live).mp3
[09/04/2009 23:42|--a------|3416064] - F:\System of a Down - Hit me baby one more time(acustic live) (Britney Spears Bitch cover).mp3
[10/04/2009 00:43|--a------|53883548] - F:\System Of A Down - Hypnotize (2005)-Ind Sharevirus Clip Atack.mp3
[09/04/2009 23:35|--a------|4644489] - F:\System Of A Down - Innervision.mp3
[09/04/2009 23:32|--a------|977024] - F:\System Of A Down - Legend Of Zelda.mp3
[10/04/2009 00:05|--a------|6720828] - F:\System Of A Down - Lonely Day.mp3
[10/04/2009 02:35|--a------|732566400] - F:\System Of A Down - Mezmerize - Byob (Bring Your Own Bombs).mp3
[09/04/2009 23:44|--a------|6025635] - F:\System of a Down - When i'm gone.mp3
[09/04/2009 23:40|--a------|12263444] - F:\System Of A Down & Metallica - Mastertarium (Live).mp3
[24/04/2009 19:07|--a------|9450133] - F:\Tales Of The Forgotten Melodies - 14 - Wax Tailor - Walk The Line (Feat The Others).mp3
[24/04/2009 19:15|--a------|115385501] - F:\Wax Tailor - Discographie.mp3
[24/04/2009 18:51|--a------|5193487] - F:\Wax Tailor - Hope And Sorrow - 05 - The Man With No Soul (Feat Charlotte Savary).mp3
[24/04/2009 19:13|--a------|5323273] - F:\Wax Tailor - Positively Inclined.mp3
[13/05/2009 21:02|--a------|4489480] - F:\Copie de Mike Brant - Qui Saura.mp3
[24/04/2009 19:20|--a------|7521527] - F:\Copie de sinsemilia-Alpha Blondie- Jerusalem.mp3
[26/04/2009 13:49|--a------|5924881] - F:\Copie de Sliimy - Alright.mp3
[26/04/2009 13:49|--a------|3923426] - F:\Copie de Sliimy - Close & Open.mp3
[26/04/2009 16:51|--a------|4111046] - F:\Copie de Julien Dore - Moi Lolita ( VERSION SINGLE).MP3
[26/04/2009 13:59|--a------|7484036] - F:\Copie de Matisyahu - 10 - Late Night In Zion.mp3
[26/04/2009 13:58|--a------|7521300] - F:\Copie de Matisyahu - Youth - 04 - Dispatch The Troops - Reggae.mp3
[26/04/2009 13:57|--a------|7007550] - F:\Copie de Matisyahu - Youth - King Without A Crown.mp3
[01/04/2009 17:46|--a------|11463424] - F:\Copie de Chuck Berry - Don't worry Be happy.mp3
[09/04/2009 23:28|--a------|3181140] - F:\Copie de 311, Incubus, Korn, Red Hot Chili Peppers, Tool,Limp Bizkit, System Of A Down - Feel So Good.mp3
[01/04/2009 17:34|--a------|3749511] - F:\Copie de Bob Marley - Don't Worry, Be Happy.mp3
[01/04/2009 17:34|--a------|5334791] - F:\Copie de Bobby McFerrin - Don't Worry Be Happy.mp3
[01/04/2009 19:06|--a------|9488512] - F:\Copie de Bobby McFerrin- Don't Worry Be Happy.mp3
[08/05/2009 17:42|--a------|4172196] - F:\Copie de bonobo - Scuba (Amon Tobin remix).mp3
[13/05/2009 20:49|--a------|4175217] - F:\Copie de BRANT - Mike Brant - Rien qu'une larme - karaok‚ (194).mp3
[26/04/2009 17:09|--a------|2568372] - F:\Copie de 01 - Julien Dor‚ - Like A Virgin.mp3
[26/04/2009 14:16|--a------|6756861] - F:\Copie de 01-P.O.D._Feat._Matisyahu-Roots_In_Stereo.mp3
[13/05/2009 20:48|--a------|3279979] - F:\Copie de [0] Serge Nelson - Je Voudrais Dormir Pres De Toi (Les Ann‚es Claude Fran‡ois, Frederic Fran‡ois, C Jerome, Mike Brant).mp3
[17/03/2009 21:31|--a------|732844032] - F:\Walt Disney - Le Magicien D Oz - (Fr) Ok - Seed37.avi
[08/05/2009 13:32|--a------|733569024] - F:\Terminator 1 French Dvdrip Xvid.avi
[08/05/2009 20:06|--a------|736481280] - F:\Terminator 2 French Le Jugement Dernier French Dvdrip.avi
[08/05/2009 13:12|--a------|731830272] - F:\Terminator.3.(DivX.FR.DVDRip).Repack.STPB.par.[emule-island.com].avi
[04/04/2009 08:41|--a------|735000576] - F:\GHOST.RIDER.(2007).Vraie.VF.Divx6.French.DVDRip.ARLBOUFFIARD-UnitY.avi
[27/04/2009 12:50|--a------|726482944] - F:\Dans.La.Peau.De.John.Malkovich.Fr.Divx.[emule-island.com].avi
[10/05/2009 12:47|--a------|734222336] - F:\Dirty Dancing 2 - Les Nuits De La Havane - Fr Dvdrip.avi
[10/05/2009 22:17|--a------|735277056] - F:\Kiss Kiss,Bang Bang Dvdrip Fr Ripped By Dmc (2006) Version Fr Non Canadienne.avi
[05/04/2009 04:29|--a------|692202970] - F:\OUTLANDER.2008.FRENCH.DVDRiP.XViD-OLi82.FUCK.avi
[10/05/2009 23:39|--a------|728532992] - F:\Southland.Tales.2008.TrueFrench.DVDrip.REPACK.1CD.XViD-RLD.By.Agecanonix.[emule-island.com].avi
[05/04/2009 06:42|--a------|734693376] - F:\le royaume interdit.french.dvdrip.master.avi
[08/05/2009 20:15|--a------|735627264] - F:\WANTED.DVDRIP.FR.VVF.COOLI.[emule-island.com].avi
[04/05/2009 20:48|--a------|735791104] - F:\TONNERRE.SOUS.LES.TROPIQUES.DVDRIP.FR.VVF.COOLI.[emule-island.com].avi
[01/04/2009 16:49|--a------|725759050] - F:\The.Breakfast.Club.FRENCH.DiVX5.02.by.SpcK.[emule-island.com].avi
[09/04/2009 23:33|--a------|11701857] - F:\ Godsmack, Disturbed, Deftones, ICP, Korn, Limp Bizkit, System of a down, Rage against the machine, Scatman John.mp3
[26/04/2009 16:53|--a------|2519983] - F:\[0] Julien Dor‚ - Comme D'habitude (Live · La Nouvelle Star 2007 - Prime 04).mp3
[13/05/2009 20:48|--a------|3279979] - F:\[0] Serge Nelson - Je Voudrais Dormir Pres De Toi (Les Ann‚es Claude Fran‡ois, Frederic Fran‡ois, C Jerome, Mike Brant).mp3
[26/04/2009 17:09|--a------|2568372] - F:\01 - Julien Dor‚ - Like A Virgin.mp3
[26/04/2009 14:16|--a------|6756861] - F:\01-P.O.D._Feat._Matisyahu-Roots_In_Stereo.mp3
[26/04/2009 13:57|--a------|7059473] - F:\02-matisyahu-youth(1).mp3
[26/04/2009 14:01|--a------|4166307] - F:\03 - matisyahu - time of your song(1).mp3
[24/04/2009 19:12|--a------|6029288] - F:\06 - Alphaville - Jerusalem.mp3
[26/04/2009 17:00|--a------|2661888] - F:\06 - Julien Dor‚ - Le Mal Aim‚.mp3
[24/04/2009 18:58|--a------|5290236] - F:\08 - wax tailor - sometimes.mp3
[26/04/2009 16:54|--a------|4948489] - F:\11 - Julien Dor‚ - First Lady.mp3
[09/04/2009 23:57|--a------|8815315] - F:\12. System of a Down - Soldier Side.mp3
[24/04/2009 18:56|--a------|5348099] - F:\14-fergie-get_your_hands_up_(feat_the_black_eyed_peas)_(bonus_track).mp3
[01/04/2009 17:34|--a------|3749511] - F:\Bob Marley - Don't Worry, Be Happy.mp3
[01/04/2009 17:34|--a------|5334791] - F:\Bobby McFerrin - Don't Worry Be Happy.mp3
[01/04/2009 19:06|--a------|9488512] - F:\Bobby McFerrin- Don't Worry Be Happy.mp3
[08/05/2009 17:42|--a------|4172196] - F:\bonobo - Scuba (Amon Tobin remix).mp3
[13/05/2009 20:49|--a------|4175217] - F:\BRANT - Mike Brant - Rien qu'une larme - karaok‚ (194).mp3
[24/04/2009 20:19|--a------|100663296] - F:\Elektroniktou [Elektrons] - J'entends La Taule Vibrer [hardkor- tek - hardtek - hardcore - hardcor - free - son - teuf - teknival].mp3
[24/04/2009 18:57|--a------|6266321] - F:\elektrons - dirty basement ft. eska (sinden remix).mp3
[24/04/2009 20:10|--a------|8732042] - F:\elektrons-get_up_feat._pete_simpson_and_soup_(herve_gets_down_remix).mp3
[10/04/2009 03:54|--a------|613707255] - F:\Fonts Metal Band (Niravana, Deftones, System Of A Down, Metallica, Korn, Linking Park, Iron Maiden,)(1).zip.mp3
[26/04/2009 16:51|--a------|4324979] - F:\Julien Dor‚ - Le coup de soleil.mp3
[06/02/2009 10:05|--a------|23105] - G:\Photo 0308.jpg
[06/02/2009 10:05|--a------|25709] - G:\Photo 0309.jpg
[06/02/2009 10:06|--a------|19933] - G:\Photo 0310.jpg
[06/02/2009 10:06|--a------|11621] - G:\Photo 0311.jpg
[06/02/2009 10:06|--a------|18773] - G:\Photo 0312.jpg
[06/02/2009 10:07|--a------|23069] - G:\Photo 0313.jpg
[06/02/2009 10:07|--a------|20673] - G:\Photo 0314.jpg
[06/02/2009 10:08|--a------|30305] - G:\Photo 0315.jpg
[06/02/2009 12:41|--a------|34961] - G:\Photo 0316.jpg
[06/02/2009 12:42|--a------|32413] - G:\Photo 0318.jpg
[06/02/2009 12:43|--a------|37237] - G:\Photo 0319.jpg
[06/02/2009 12:43|--a------|34457] - G:\Photo 0320.jpg
[09/02/2009 09:38|--a------|22241] - G:\Photo 0321.jpg
[09/02/2009 09:38|--a------|23493] - G:\Photo 0322.jpg
[09/02/2009 09:38|--a------|22237] - G:\Photo 0323.jpg
[09/02/2009 09:41|--a------|28785] - G:\Photo 0324.jpg
[09/02/2009 09:42|--a------|17317] - G:\Photo 0325.jpg
[09/02/2009 09:43|--a------|10989] - G:\Photo 0326.jpg
[09/02/2009 09:57|--a------|20121] - G:\Photo 0327.jpg
[09/02/2009 09:58|--a------|28325] - G:\Photo 0328.jpg
[09/02/2009 09:58|--a------|23561] - G:\Photo 0329.jpg
[09/02/2009 11:38|--a------|30437] - G:\Photo 0330.jpg
[09/02/2009 12:11|--a------|27505] - G:\Photo 0332.jpg
[10/02/2009 09:00|--a------|16761] - G:\Photo 0333.jpg
[10/02/2009 09:00|--a------|23865] - G:\Photo 0334.jpg
[10/02/2009 11:32|--a------|18297] - G:\Photo 0335.jpg
[10/02/2009 12:25|--a------|24389] - G:\Photo 0336.jpg
[14/01/2009 15:30|--a------|22109] - G:\Photo 0234.jpg
[14/01/2009 15:31|--a------|20013] - G:\Photo 0235.jpg
[15/01/2009 11:34|--a------|27741] - G:\Photo 0236.jpg
[15/01/2009 11:35|--a------|32965] - G:\Photo 0237.jpg
[15/01/2009 11:35|--a------|28573] - G:\Photo 0238.jpg
[15/01/2009 11:35|--a------|29805] - G:\Photo 0239.jpg
[15/01/2009 11:36|--a------|29941] - G:\Photo 0240.jpg
[15/01/2009 11:36|--a------|14213] - G:\Photo 0241.jpg
[15/01/2009 11:36|--a------|29389] - G:\Photo 0242.jpg
[15/01/2009 11:36|--a------|27505] - G:\Photo 0243.jpg
[15/01/2009 11:37|--a------|30365] - G:\Photo 0244.jpg
[15/01/2009 11:41|--a------|16721] - G:\Photo 0245.jpg
[15/01/2009 11:42|--a------|15621] - G:\Photo 0246.jpg
[15/01/2009 11:42|--a------|18553] - G:\Photo 0247.jpg
[15/01/2009 11:42|--a------|23733] - G:\Photo 0248.jpg
[15/01/2009 11:43|--a------|22537] - G:\Photo 0249.jpg
[15/01/2009 11:43|--a------|19957] - G:\Photo 0250.jpg
[15/01/2009 11:43|--a------|22961] - G:\Photo 0251.jpg
[15/01/2009 11:43|--a------|18877] - G:\Photo 0252.jpg
[15/01/2009 11:44|--a------|17773] - G:\Photo 0253.jpg
[23/01/2009 23:39|--a------|24625] - G:\Photo 0254.jpg
[25/01/2009 13:45|--a------|21185] - G:\Photo 0255.jpg
[25/01/2009 13:50|--a------|20173] - G:\Photo 0258.jpg
[25/01/2009 13:50|--a------|19673] - G:\Photo 0259.jpg
[25/01/2009 13:53|--a------|19325] - G:\Photo 0262.jpg
[25/01/2009 13:57|--a------|21461] - G:\Photo 0265.jpg
[27/01/2009 09:12|--a------|15733] - G:\Photo 0271.jpg
[04/02/2009 01:54|--a------|16269] - G:\Photo 0273.jpg
[12/12/2008 19:16|--a------|46276] - G:\EUROPE~1.JPG
[05/02/2009 10:51|--a------|11037] - G:\Photo 0274.jpg
[05/02/2009 10:51|--a------|10385] - G:\Photo 0275.jpg
[05/02/2009 10:52|--a------|9773] - G:\Photo 0276.jpg
[05/02/2009 10:53|--a------|10113] - G:\Photo 0277.jpg
[05/02/2009 10:53|--a------|10909] - G:\Photo 0278.jpg
[05/02/2009 10:53|--a------|11829] - G:\Photo 0279.jpg
[05/02/2009 10:54|--a------|10909] - G:\Photo 0280.jpg
[05/02/2009 10:54|--a------|10497] - G:\Photo 0281.jpg
[05/02/2009 10:54|--a------|19329] - G:\Photo 0282.jpg
[05/02/2009 10:54|--a------|8833] - G:\Photo 0283.jpg
[05/02/2009 10:56|--a------|32157] - G:\Photo 0284.jpg
[05/02/2009 10:57|--a------|10913] - G:\Photo 0285.jpg
[05/02/2009 10:59|--a------|10889] - G:\Photo 0286.jpg
[05/02/2009 11:05|--a------|24473] - G:\Photo 0287.jpg
[05/02/2009 11:06|--a------|27601] - G:\Photo 0288.jpg
[05/02/2009 11:06|--a------|12693] - G:\Photo 0289.jpg
[05/02/2009 11:09|--a------|25365] - G:\Photo 0290.jpg
[05/02/2009 11:10|--a------|24577] - G:\Photo 0291.jpg
[05/02/2009 11:10|--a------|22345] - G:\Photo 0292.jpg
[05/02/2009 11:10|--a------|35217] - G:\Photo 0293.jpg
[05/02/2009 11:10|--a------|24621] - G:\Photo 0294.jpg
[05/02/2009 11:11|--a------|25017] - G:\Photo 0295.jpg
[05/02/2009 11:11|--a------|26861] - G:\Photo 0296.jpg
[05/02/2009 11:11|--a------|29945] - G:\Photo 0297.jpg
[05/02/2009 11:12|--a------|22093] - G:\Photo 0298.jpg
[05/02/2009 11:12|--a------|22577] - G:\Photo 0299.jpg
[05/02/2009 11:13|--a------|24917] - G:\Photo 0300.jpg
[05/02/2009 11:13|--a------|30717] - G:\Photo 0301.jpg
[05/02/2009 11:13|--a------|19949] - G:\Photo 0302.jpg
[05/02/2009 11:13|--a------|20033] - G:\Photo 0303.jpg
[06/02/2009 10:03|--a------|23101] - G:\Photo 0304.jpg
[06/02/2009 10:04|--a------|23865] - G:\Photo 0305.jpg
[06/02/2009 10:04|--a------|23921] - G:\Photo 0306.jpg
[06/02/2009 10:05|--a------|23489] - G:\Photo 0307.jpg
[18/12/2007 17:41|--a------|846735] - G:\ricola_wallpaper3_1024x768.jpg
[28/02/2009 09:30|--a------|16924] - G:\Jerry_Damer_US.gif
[10/02/2009 12:25|--a------|23333] - G:\Photo 0337.jpg
[09/02/2009 05:31|--a------|28490] - G:\France_carte.gif
[22/01/2009 15:09|--a------|20785] - G:\photo du jour23.jpg
[17/07/2008 14:45|--a------|184837] - G:\Snapshot of me 2(1).png
[05/05/2008 18:27|--a------|56444] - G:\image00666666.jpg
[12/05/2008 16:06|--a------|21171] - G:\imstp_chubbi_by_im_fr_233.gif
[12/05/2008 16:06|--a------|38961] - G:\imstp_pets_cat1_fr_2.gif
[12/05/2008 16:08|--a------|12457] - G:\stampa_france_country_3.gif
[28/04/2008 20:50|--a------|6797] - G:\GROWIN~1.GIF
[28/04/2008 20:50|--a------|21085] - G:\header.jpg
[27/03/2008 20:46|--a------|360448] - G:\sarko.doc
[24/09/2007 01:02|--a------|372] - G:\spider.sav
[21/04/2008 21:05|--a------|236295] - G:\image001sarko a Londre.gif
[21/04/2008 21:17|--a------|20707] - G:\image002.Sa londre BISgif.gif
[21/03/2008 20:35|--a------|2771456] - G:\R‚flexion...pps
[05/05/2008 17:06|--a------|1519616] - G:\retouche-digitale.pps
[16/07/2008 11:29|--a------|1497088] - G:\rire_et_sourire_ddc.pps
[10/03/2008 22:18|--a------|2216960] - G:\SainteThrseWalter-Claire-.pps
[20/04/2008 23:19|--a------|2569216] - G:\sale gosse .pps
[27/03/2008 20:11|--a------|1348608] - G:\sarkoLe_magicien.pps
[23/11/2008 17:29|--a------|1698304] - G:\Seigneurdel_Antarctique.pps
[05/05/2008 17:15|--a------|5946861] - G:\Skeleton.wmv
[21/04/2008 21:57|--a------|931328] - G:\Souriez.ppt
[14/04/2008 21:21|--a------|286208] - G:\spectaculaire2.roch‚pps.pps
[16/04/2008 12:55|--a------|1484288] - G:\strange.pps
[21/06/2008 00:12|--a------|168448] - G:\StripperMasculino.pps
[27/04/2008 15:21|--a------|1570304] - G:\Sympa.pps
[29/12/2005 17:29|--a------|494592] - G:\Tanga.pps
[05/05/2008 18:21|--a------|1886414] - G:\tapa-l_heure.wmv
[26/03/2008 21:58|--a------|4789] - G:\tapette_…...pps
[13/01/2006 09:28|--a------|8060928] - G:\Test Inteligencia Emocional.pps
[16/07/2008 11:29|--a------|103424] - G:\Test_Devinettes_de_logique_ddc_.pps
[31/03/2008 16:52|--a------|150016] - G:\Test_du_pecheur...pps
[31/03/2008 16:53|--a------|57856] - G:\testconduite.pps
[07/04/2008 11:20|--a------|3809792] - G:\Thesimplelife_mb.pps
[21/04/2008 21:56|--a------|6888] - G:\ton_aquarium_Mo_M_.pps
[29/12/2005 16:42|--a------|174080] - G:\Tour De Magie Interactif (Siegfried Et Roy, David Copperfield, G‚rard Majax) Belfiore.pps
[12/05/2008 16:09|--a------|2401792] - G:\tranches_de_vie-1-.pps
[14/04/2008 21:42|--a------|1126400] - G:\TrouSecurit_Sociale1.pps
[05/05/2008 18:16|--a------|1727488] - G:\tr-sors_de_l-hiver_jo.pps
[27/03/2008 20:51|--a------|2009600] - G:\Un_r-gal_pour_les_yeux_rm.pps
[16/04/2008 13:05|--a------|171520] - G:\USA20dollars[1]B0.doc
[29/12/2005 18:43|--a------|1751552] - G:\Viaduc De Millau - Diaporama De Construction(1).pps
[01/05/2008 23:41|--a------|1972224] - G:\VoituresSales.pps
[07/04/2008 11:38|--a------|957440] - G:\voyage_sur_mars.ppt
[25/05/2008 09:19|--a------|17640] - G:\WAVING~11.GIF
[07/10/2007 22:14|--a------|4263326] - G:\Wifi Power.wmv
[29/12/2005 08:18|--a------|676352] - G:\Xxx - Fitness.pps
[07/04/2008 11:40|--a------|123392] - G:\Y_adecesjours.pps
[27/03/2008 20:45|--a------|566784] - G:\_Gueuledebois1.pps
[20/06/2008 22:48|--a------|46592] - G:\3_HOMMES._.A_MEDITER.PPS
[14/04/2008 22:32|--a------|141824] - G:\09-Le_couple_parfait.pps
[07/04/2008 11:30|--a------|642560] - G:\69TRESCOCHON.pps
[17/04/2008 20:36|--a------|62976] - G:\99a._Une_photo_compromettante_-ed-.doc
[22/06/2008 11:57|--a------|2553856] - G:\136_Vivre_en_harmonie.pps
[10/07/2008 14:35|--a------|1345536] - G:\793_Aimer.pps
[07/04/2008 21:21|--a------|217088] - G:\1269_-_CEINTURE_SECURITE____-v-.pps
[30/05/2008 18:02|--a------|1746432] - G:\A-_08_05____Royal_Air_Farce_JPLX.pps
[28/04/2008 07:00|--a------|126269] - G:\A_vue_de_nez.jpg
[20/02/2008 19:41|--a------|317952] - G:\accidentsjamaique.pps
[05/05/2008 17:43|--a------|470016] - G:\AdorableMamie+.pps
[21/06/2008 00:00|--a------|1334272] - G:\Africa_desde_el_cielo.pps
[29/12/2005 17:13|--a------|1024512] - G:\Alessia Fabiani.pps
[05/05/2008 18:03|--a------|1407488] - G:\amie(e)1.pps
[23/11/2008 17:29|--a------|1407488] - G:\amie-e-1.pps
[29/12/2005 17:58|--a------|1444352] - G:\Amigas.pps
[22/06/2008 12:00|--a------|63488] - G:\Amis_de_passage_(GW).pps
[16/04/2008 13:50|--a------|1908224] - G:\Amiti‚ vraie.pps
[27/03/2008 19:57|--a------|385024] - G:\analyse_sperme.pps
[29/12/2005 17:23|--a------|810496] - G:\Anti-Stress.pps
[20/06/2008 23:47|--a------|1576960] - G:\Apero_a_la_montagne-JJ.pps
[27/03/2008 20:03|--a------|323072] - G:\As-tu_remarqu‚e...pps
[12/05/2008 16:13|--a------|28462] - G:\ATT5327681.jpg
[12/05/2008 16:14|--a------|28852] - G:\ATT5327807.jpg
[12/05/2008 16:05|--a------|77668] - G:\ATT00846235212222.jpg
[22/06/2008 11:17|--a------|967168] - G:\BD_adultes.pps
[05/05/2008 15:39|--a------|1233920] - G:\Belles_Photos.pps
[22/12/2006 10:47|--ah-----|40960] - G:\CV~WRL0003.tmp
[14/08/2007 05:19|-r-------|153] - L:\autorun.inf
[28/03/2007 05:07|-r-------|180224] - L:\laucher.exe

################## [ Vaccination ]

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## [ Cracks / Keygens / Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.023 ! ]
0

Discussions similaires

SHOESBYIARA est ce une arnaque Svpp????
Anais -
Scarlett -

13 réponses
mail rejeté
biljp -
biljp -

7 réponses
Comment voir les commentaires d'une personne sur Facebook ?
elbarto -
Mounii -

8 réponses
Problème "To Be Filled By O.E.M"
Faker Amine -
lakh_ali -

4 réponses
victime d'une arnaque client mystère
ness77141 -
Colinette -

73 réponses