Probleme antivirus

Fermé
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010 - 29 juin 2009 à 18:40
 Utilisateur anonyme - 7 juil. 2009 à 10:36
Bonjour,


j'ai un ordinateur portable Toshiba assez ancien et mon antivirus norton est périmé.

Je pense avoir été infecté par un virus et quand j'essai d'installé un antivirus l'insatalation disparais apres quelque seconde.

Que dois-je faire?
A voir également:

32 réponses

foxie13 Messages postés 14 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 30 juin 2009 13
29 juin 2009 à 18:43
Quel est l'antivirus que tu essaye d'installé ? As tu desinstallé norton avant d'installer un nouvel antivirus ?
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
29 juin 2009 à 18:45
oui j'ai essayé avast et antivir et sa disparais a chaque fois!!
0
foxie13 Messages postés 14 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 30 juin 2009 13
29 juin 2009 à 18:47
Peut etre a tous hasard, vas voir si windows defender ne te bloque pas l'installation de ton programme. A part ça je vois pas ! Désolé et bon courage !
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
29 juin 2009 à 18:49
non aparement pas!! et je suis sur windows xp!! merci quand meme
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
29 juin 2009 à 18:49
D'autre avis?
0
Utilisateur anonyme
29 juin 2009 à 18:49
Bonjour teeyo,
*Commences par desinstaller Norton avec l'outil de desinstallation, le premier lien de cette page: https://www.google.fr/search?q=desinstaller+norton&sourceid=navclient-ff&ie=UTF-8&rlz=1B3GGGL_frFR314FR314&gws_rd=ssl
*Telecharges Hijackthis sur le bureau.
*Tu le lances, clic sur " do a scann system and save log "
*A la fin, le bloc notes doit s'ouvrir, fais un copier/coller de ce rapport dans un prochain message ci dessous.
A+
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
29 juin 2009 à 18:54
j'avais déjà désinstallé norton et tout ses composant!!

voilà le rapport je pense etre infecté par plusieur virus

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:51:50, on 29/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\LTSMMSG.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\VM305_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Ares\Ares.exe
C:\documents and settings\yohann\local settings\application data\oiuowqo.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\TEMP\winaylppw.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\Yohann\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\Minitel\Watch.exe
O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\Deaf media.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ONCEDALE] C:\DOCUME~1\Yohann\APPLIC~1\DUPEFA~1\Size Grid Amok.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKCU\..\Run: [oiuowqo] "c:\documents and settings\yohann\local settings\application data\oiuowqo.exe" oiuowqo
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file:///C:\Program Files\TOSHIBA\Free Update Service\splash.html
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095245312088
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
0
Utilisateur anonyme
29 juin 2009 à 19:07
RE
*Telecharges Malwarebytes' sur le bureau
*Tu le lances, fais la mise a jour et un examen complet.
*A la fin, clic sur afficher les resultats, verifies que tout soit coche, et clic sur supprimer la selection. Redemarres si c'est demande.
*Poste moi le rapport. Si il ne s'affiche pas tout seul, il est dans l'onglet Rapport/log
A+
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
29 juin 2009 à 23:27
j'avais une cinquantaine de virus!!!!!!!!

voilà le rapport

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2297
Windows 5.1.2600 Service Pack 3

29/06/2009 09:26:17
mbam-log-2009-06-29 (09-26-17).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 227748
Temps écoulé: 1 hour(s), 47 minute(s), 34 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 7
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 42

Processus mémoire infecté(s):
C:\documents and settings\Yohann\local settings\application data\oiuowqo.exe (Adware.Navipromo.H) -> Unloaded process successfully.
C:\WINDOWS\Temp\winonquo.exe (Trojan.Downloader) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\oiuowqo (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Boob Idle Software Acid (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\documents and settings\Yohann\local settings\application data\oiuowqo_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\Yohann\local settings\application data\oiuowqo_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\Yohann\local settings\application data\oiuowqo.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\Yohann\local settings\application data\oiuowqo.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\winonquo.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\eyt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\hkn6k.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\icxpa.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\jm3cx96.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\nu.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\ysep1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\documents and settings\Yohann\local settings\Temp\elxlob.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0264190.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0265008.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\nmdfgds1.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\knsbg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
d:\ysep1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\jm3cx96.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\eyt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\icxpa.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\nu.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\hkn6k.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\Live-Player_setup.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0264167.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0264194.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0264200.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0266013.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0266064.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0266071.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0266083.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP628\A0266130.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP629\A0266138.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP629\A0267084.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP629\A0267133.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{77d31d08-ab81-4832-821e-78584b486ddd}\RP629\A0267139.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\Deaf media.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\olhrwef.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\ukvr.bat (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\nmdfgds0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\autorun.inf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\2a.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\fbak.exe (Trojan.Agent) -> Quarantined and deleted successfully.
0
Utilisateur anonyme
29 juin 2009 à 23:39
RE
# Télécharges ComboFix (par sUBs) sur le Bureau.
# Désactives tes logiciels de protection avant de lancer Combofix.Antivirus et adware
# Double-cliques sur ComboFix.exe pour le lancer
# A l'apparition du message d'alerte, acceptez les conditions d'utilisation puis suivez les instructions.
# Il est vivement recommandé d'installer la Console de récupération ! (Sous XP)
# Le rapport sera créé dans : C:/Combofix.txt. Tu me fais un Copier/Coller de ce rapport dans un prochain message ci dessous.
# Réactives tes logiciels de protection.
---------------------------------------
Un Tuto a lire
A+
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
30 juin 2009 à 02:40
voilà le rapport de combofix

ComboFix 09-06-29.02 - Yohann 29/06/2009 9:52.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.495.169 [GMT -12:00]
Lancé depuis: c:\documents and settings\Yohann\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\lad.bat
C:\mt.bat
c:\recycler\NPROTECT\00027019.
c:\recycler\NPROTECT\00027020.
c:\recycler\NPROTECT\00027021.
c:\recycler\NPROTECT\00027022.
c:\recycler\NPROTECT\00027023.
c:\recycler\NPROTECT\00027025.
c:\recycler\NPROTECT\00027026.
c:\recycler\NPROTECT\00027027.
c:\recycler\NPROTECT\00027028.
c:\recycler\NPROTECT\00027029.
c:\recycler\NPROTECT\00027030.
c:\recycler\NPROTECT\00028669.
c:\recycler\NPROTECT\00028734.
c:\recycler\NPROTECT\00028773.
c:\recycler\NPROTECT\00028774.
c:\recycler\NPROTECT\00028775.
c:\recycler\NPROTECT\00028776.
c:\recycler\NPROTECT\00028777.
c:\recycler\NPROTECT\00028779.
c:\recycler\NPROTECT\00028780.
c:\recycler\NPROTECT\00028781.
c:\recycler\NPROTECT\00028782.
c:\recycler\NPROTECT\00028783.
c:\recycler\NPROTECT\00028784.
c:\recycler\NPROTECT\00047351.
c:\recycler\NPROTECT\00047452.
c:\recycler\NPROTECT\00047548.
c:\recycler\NPROTECT\00047549.
c:\recycler\NPROTECT\00047550.
c:\recycler\NPROTECT\00047551.
c:\recycler\NPROTECT\00047552.
c:\recycler\NPROTECT\00047554.
c:\recycler\NPROTECT\00047555.
c:\recycler\NPROTECT\00047556.
c:\recycler\NPROTECT\00047557.
c:\recycler\NPROTECT\00047558.
c:\recycler\NPROTECT\00047559.
c:\recycler\NPROTECT\00047694.
c:\recycler\NPROTECT\00057450.
c:\recycler\NPROTECT\00057451.
c:\recycler\NPROTECT\00057453.
D:\2a.exe
D:\Autorun.inf
D:\desktop.ini
D:\fbak.exe
D:\lad.bat
D:\mt.bat
D:\ukvr.bat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DAC970NT
-------\Service_AVPsys
-------\Service_dac970nt


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-28 au 2009-06-29 ))))))))))))))))))))))))))))))))))))
.

2009-06-29 17:14 . 2009-06-29 17:14 -------- d-----w- c:\documents and settings\Yohann\Application Data\Malwarebytes
2009-06-29 17:14 . 2009-06-17 23:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-29 17:13 . 2009-06-29 17:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-29 17:13 . 2009-06-17 23:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-29 17:13 . 2009-06-29 17:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-24 23:55 . 2009-06-24 23:55 -------- d-----w- c:\documents and settings\Samuel\Local Settings\Application Data\Google
2009-06-11 20:57 . 2009-04-30 21:16 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-11 20:57 . 2009-04-30 21:16 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-09 14:02 . 2009-06-09 14:02 -------- d-sh--w- c:\documents and settings\KARINE\PrivacIE
2009-06-09 14:00 . 2009-06-27 03:34 -------- d-----w- c:\documents and settings\KARINE\Local Settings\Application Data\Google
2009-06-06 01:14 . 2009-06-21 20:17 -------- d-----w- c:\program files\Google
2009-06-05 13:09 . 2007-10-23 21:27 184320 ----a-w- c:\documents and settings\Samuel\Application Data\U3\temp\cleanup.exe
2009-06-05 13:00 . 2008-05-02 22:41 3563520 ---ha-w- c:\documents and settings\Samuel\Application Data\U3\temp\Launchpad Removal.exe
2009-06-05 13:00 . 2009-06-05 13:09 -------- d-----w- c:\documents and settings\Samuel\Application Data\U3
2009-06-05 02:01 . 2009-06-05 02:01 372736 ----a-w- c:\documents and settings\Yohann\Local Settings\Application Data\saism.exe
2009-06-03 23:47 . 2009-06-03 23:47 -------- d-----w- c:\documents and settings\KARINE\Application Data\Samsung
2009-06-03 23:28 . 2006-05-04 10:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2009-06-03 23:28 . 2009-06-03 23:28 -------- d-----w- c:\program files\DIFX
2009-06-03 23:27 . 2009-06-03 23:28 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-06-03 23:27 . 2009-06-03 23:45 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-06-03 23:26 . 2009-06-03 23:26 -------- d-----w- c:\program files\Samsung
2009-06-03 10:49 . 2009-06-03 10:49 -------- d-sh--w- c:\documents and settings\Samuel\IECompatCache
2009-06-03 10:49 . 2009-06-03 10:49 -------- d-sh--w- c:\documents and settings\Samuel\PrivacIE
2009-06-03 00:19 . 2009-06-03 00:19 -------- d-sh--w- c:\documents and settings\Samuel\IETldCache
2009-06-02 22:57 . 2009-06-02 22:57 -------- d-sh--w- c:\documents and settings\Yohann\IECompatCache
2009-06-02 22:56 . 2009-06-02 22:56 -------- d-sh--w- c:\documents and settings\Yohann\PrivacIE
2009-06-02 17:20 . 2009-06-02 17:20 -------- d-sh--w- c:\documents and settings\KARINE\IETldCache
2009-06-02 10:56 . 2009-06-02 10:56 -------- d-sh--w- c:\documents and settings\Yohann\IETldCache
2009-06-02 10:41 . 2009-06-02 10:41 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-06-02 00:08 . 2009-06-02 00:09 -------- d--h--w- c:\windows\msdownld.tmp
2009-06-02 00:06 . 2009-06-13 16:53 -------- d-----w- c:\windows\ie8updates
2009-06-01 23:39 . 2009-06-01 23:55 -------- dc-h--w- c:\windows\ie8
2009-06-01 23:27 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-29 16:25 . 2004-09-15 18:23 -------- d-----w- c:\program files\Symantec
2009-06-29 16:25 . 2004-09-15 18:23 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-06-29 16:20 . 2004-09-15 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-06-27 18:05 . 2009-05-22 21:49 -------- d-----w- c:\program files\EasyScan
2009-06-21 19:22 . 2007-01-24 20:54 -------- d-----w- c:\documents and settings\Yohann\Application Data\Screenshot Sender
2009-06-21 19:21 . 2004-04-27 06:06 77864 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-21 19:21 . 2004-04-27 06:06 473182 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-18 05:10 . 2008-04-22 17:35 -------- d-----w- c:\program files\XviD
2009-06-15 03:53 . 2008-10-29 13:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-09 14:24 . 2009-03-24 20:09 -------- d-----w- c:\documents and settings\KARINE\Application Data\AdobeUM
2009-06-09 01:20 . 2006-12-30 02:10 -------- d-----w- c:\documents and settings\Yohann\Application Data\AdobeUM
2009-06-04 12:38 . 2004-04-27 06:05 250368 ----a-w- c:\windows\system32\mshta.exe
2009-06-03 23:26 . 2004-04-27 09:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-30 03:02 . 2009-05-30 03:00 -------- d-----w- c:\program files\LimeWire
2009-05-24 00:04 . 2009-05-24 00:04 -------- d-----w- c:\documents and settings\KARINE\Application Data\dupefacedebug
2009-05-23 14:14 . 2009-05-23 14:14 -------- d-----w- c:\documents and settings\Yohann\Application Data\live-player
2009-05-23 14:13 . 2009-05-23 14:11 -------- d-----w- c:\program files\Live-Player
2009-05-23 13:24 . 2007-01-24 20:57 -------- d-----w- c:\documents and settings\Yohann\Application Data\dupefacedebug
2009-05-23 13:24 . 2007-01-24 21:15 344576 ----a-w- c:\documents and settings\Yohann\Application Data\dupefacedebug\bagsatomloud.exe
2009-05-23 13:23 . 2007-01-24 21:11 425984 -c--a-w- c:\documents and settings\Yohann\Application Data\dupefacedebug\View Beep Wave Htm.exe
2009-05-23 13:23 . 2000-01-01 13:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Part Long Boob Idle
2009-05-23 13:23 . 2009-05-23 13:23 786432 ----a-w- c:\documents and settings\Yohann\Application Data\dupefacedebug\cvucovlw.exe
2009-05-23 13:23 . 2007-01-24 21:03 -------- d-----w- c:\documents and settings\All Users\Application Data\batchicflagpoke
2009-05-23 13:22 . 2009-05-23 13:22 -------- d-----w- c:\program files\dupefacedebug
2009-05-23 13:21 . 2007-01-24 20:57 569344 ----a-w- c:\documents and settings\Yohann\Application Data\dupefacedebug\Size Grid Amok.exe
2009-05-23 13:20 . 2007-01-24 20:51 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-23 00:04 . 2009-05-23 00:04 -------- d-----w- c:\documents and settings\KARINE\Application Data\ACD Systems
2009-05-21 19:14 . 2001-06-09 06:00 174562 ----a-w- C:\unins000.exe
2009-05-21 17:37 . 2009-02-15 06:36 1007616 ----a-w- c:\documents and settings\All Users\Application Data\Part Long Boob Idle\proc sect.exe
2009-05-13 05:04 . 2004-04-27 06:06 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-10 17:09 . 2004-04-27 09:10 -------- d-----w- c:\program files\Java
2009-05-10 17:03 . 2009-05-10 17:03 152576 ----a-w- c:\documents and settings\Yohann\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-07 15:33 . 2004-04-27 06:05 348672 ----a-w- c:\windows\system32\localspl.dll
2009-04-19 19:50 . 2004-04-27 06:06 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:53 . 2004-09-15 12:18 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-07 12:23 . 2004-04-27 06:16 241664 ----a-w- c:\windows\system32\sndvol32.exe
.

------- Sigcheck -------

[7] 2004-08-19 23:10 14336 2979B03D5382A602623C0535B16AB9C0 c:\windows\$NtServicePackUninstall$\svchost.exe
[7] 2008-04-14 02:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\ServicePackFiles\i386\svchost.exe
[7] 2008-04-14 02:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\system32\svchost.exe

[-] 2005-03-02 18:20 578048 C34920EB988CE98910BD6B0417F334EB c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2007-03-08 15:50 579072 4D88AAF39ADABFE45958EA1384E2C4FF c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 15:37 578560 753354F594809A9B96F73999B435A533 c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2002-11-22 19:29 529920 !HASH: ERROR_LOCK_VIOLATION ! c:\windows\$NtUninstallKB824141$\user32.dll
[-] 2003-04-24 11:00 561152 !HASH: ERROR_LOCK_VIOLATION ! c:\windows\$NtUninstallKB826939$\user32.dll
[7] 2004-08-19 23:09 578048 61C8C283AD063BB697AE61A155C64A5A c:\windows\$NtUninstallKB890859$\user32.dll
[-] 2005-03-02 18:10 578048 0DF75FB73F705B011630159A43D7C354 c:\windows\$NtUninstallKB925902$\user32.dll
[7] 2008-04-14 02:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\ServicePackFiles\i386\user32.dll
[7] 2008-04-14 02:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\system32\user32.dll

[7] 2004-08-19 23:09 82944 EED74B969B2CA1ACC558FF60FB420E28 c:\windows\$NtServicePackUninstall$\ws2_32.dll
[7] 2008-04-14 02:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\ServicePackFiles\i386\ws2_32.dll
[7] 2008-04-14 02:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\system32\ws2_32.dll

[-] 2004-09-29 18:47 660992 61CDCAB341ADE3482101DA90FCC793AC c:\windows\$hf_mig$\KB834707\SP2QFE\wininet.dll
[-] 2005-01-27 17:12 662016 66A10B98F18FD804236AB2D90301DE04 c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll
[-] 2005-05-02 20:58 663040 0996B57CC2ABCB271872296E98A18DB2 c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll
[-] 2005-03-10 07:48 662016 06AD0B0F43286CD50AF283762EB56763 c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll
[-] 2005-07-03 02:10 663552 39846B1AC2B99349272EE6E075C3B8AF c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
[-] 2005-10-21 03:39 665600 D327378CEEF9A141C7352691FC30A0DA c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2006-03-04 04:00 667648 241DBC4C2714B2F39AFDED49459ED420 c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
[-] 2006-05-10 05:26 667648 44FCC339191ADB8892520DFA473C455F c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll
[-] 2006-06-23 11:25 668672 582953780721AC5D38F98CAB229EC7B9 c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
[-] 2006-09-14 08:38 668672 B8B6F05885A6F42724E8D6BFEDE6BD3F c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll
[7] 2007-03-23 09:29 823296 375B58A68A016546535A84060092325C c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[7] 2007-04-25 08:26 823808 47DDAD237F60729DEA2B9E0E2382B58F c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[7] 2007-10-10 23:22 825344 871AE10D6AE8877E9636AE5017953D52 c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[7] 2008-03-01 12:34 827392 5A0093F59B505C008ED0CEE615563C72 c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[7] 2008-06-23 15:40 827904 52589BAE67DD9859724287372668690B c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 09:10 827904 4B0E70D44297877A313045BD059770E1 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-10-16 19:33 827904 37D1A1BFE3D9904F2C3D11592456F9C0 c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 23:47 827904 4E192082A5FCE9EF19198A24CDEA3442 c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2009-03-03 00:15 828416 39F71B559A97ED722F939A0EA7235323 c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2009-05-13 05:08 915456 722E8ABB39238BAD1B1E13D97C49DB4D c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[7] 2004-08-19 23:09 660480 4E958B97EFC3D801F49283D1820F48B7 c:\windows\$NtServicePackUninstall$\wininet.dll
[7] 2004-08-19 23:09 660480 4E958B97EFC3D801F49283D1820F48B7 c:\windows\$NtUninstallKB834707$\wininet.dll
[-] 2004-09-29 18:49 660992 A1F5B2FC31EF3986BCA19F72DDE0B922 c:\windows\$NtUninstallKB867282$\wininet.dll
[-] 2005-03-10 08:04 660992 BA7CDA9917332A6E1FAA1B46BC3AB5FD c:\windows\$NtUninstallKB883939$\wininet.dll
[-] 2005-01-27 17:14 660992 B16B02F3C804F057DAB099CC15ED0206 c:\windows\$NtUninstallKB890923$\wininet.dll
[-] 2005-05-02 20:57 662016 FFE3E6FB8D52955A2DE4C6CC765B02BC c:\windows\$NtUninstallKB896727$\wininet.dll
[-] 2005-07-03 02:16 662528 E994E704303F07F331B03EE9ED6D9E2D c:\windows\$NtUninstallKB905915$\wininet.dll
[-] 2005-10-21 03:41 662528 E41E8FDF62CF20F2E2B16D800D96EB51 c:\windows\$NtUninstallKB912812$\wininet.dll
[-] 2006-03-04 03:35 662528 19E1A21F21BC938A92EE8BE630994493 c:\windows\$NtUninstallKB916281$\wininet.dll
[-] 2006-05-10 05:24 662528 343FABBF09312842816E92947AACF73A c:\windows\$NtUninstallKB918899$\wininet.dll
[-] 2006-06-23 11:11 663040 4F343F414F05E81CF61B1001634FC6B7 c:\windows\$NtUninstallKB922760$\wininet.dll
[-] 2006-09-14 08:40 663040 B1E994472F3574DB141266F1AA905433 c:\windows\ie7\wininet.dll
[7] 2006-11-08 01:03 818688 92995334F993E6E49C25C6D02EC04401 c:\windows\ie7updates\KB928090-IE7\wininet.dll
[7] 2007-01-12 13:27 822784 BE43D00D802C92F01C8CC952C6F483F8 c:\windows\ie7updates\KB931768-IE7\wininet.dll
[7] 2007-02-27 13:26 822784 75DE73E328E300CAED5965FAEA2F5D3F c:\windows\ie7updates\KB933566-IE7\wininet.dll
[7] 2007-04-25 07:40 822784 2C138AB59E2FFA06E8952AE656E443C5 c:\windows\ie7updates\KB942615-IE7\wininet.dll
[7] 2007-10-10 23:49 824832 BC5119C53BDD48DABC628D448A3BDCCB c:\windows\ie7updates\KB947864-IE7\wininet.dll
[7] 2008-03-01 12:58 826368 8E027981DDFFA690D456FE18B37415A0 c:\windows\ie7updates\KB953838-IE7\wininet.dll
[7] 2008-06-23 16:28 826368 AC0BD61DC2C64906FBFE50E005FEFA2C c:\windows\ie7updates\KB956390-IE7\wininet.dll
[7] 2008-08-26 08:11 826368 E30CACD98479B36A3DBFA3267BF62DD0 c:\windows\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-10-16 20:18 826368 CFBFA47415E85018E2CDC509E5E3D011 c:\windows\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-12-20 22:47 826368 0551C946E305CEE0A79BA744DC141BFC c:\windows\ie7updates\KB963027-IE7\wininet.dll
[7] 2009-03-03 00:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\ie8\wininet.dll
[7] 2009-03-08 16:34 914944 6CE32F7778061CCC5814D5E0F282D369 c:\windows\ie8updates\KB969897-IE8\wininet.dll
[7] 2008-04-14 02:33 670208 4A6E04EA20F48D750D9BFED8600D516B c:\windows\ServicePackFiles\i386\wininet.dll
[7] 2007-04-25 07:40 822784 2C138AB59E2FFA06E8952AE656E443C5 c:\windows\SoftwareDistribution\Download\ebbcebc699908c8a5fbb5bd6e9eb2f5b\backup\sp2gdr\wininet.dll
[7] 2007-04-25 07:40 822784 2C138AB59E2FFA06E8952AE656E443C5 c:\windows\SoftwareDistribution\Download\ebbcebc699908c8a5fbb5bd6e9eb2f5b\backup\sp2qfe\wininet.dll
[7] 2009-05-13 05:04 915456 FEADC209186574B0471D694FF5634F70 c:\windows\system32\wininet.dll
[7] 2009-05-13 05:04 915456 FEADC209186574B0471D694FF5634F70 c:\windows\system32\dllcache\wininet.dll

[-] 2005-05-25 19:07 359936 63FDFEA54EB53DE2D863EE454937CE1E c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2006-01-13 17:07 360448 5562CC0A47B2AEF06D3417B733F3C195 c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2004-08-04 06:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB893066$\tcpip.sys
[-] 2005-05-25 19:04 359808 88763A98A4C26C409741B4AA162720C9 c:\windows\$NtUninstallKB913446$\tcpip.sys
[-] 2006-01-13 02:28 359808 583E063FDC888CA30D05C2724B0D7EF4 c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\drivers\tcpip.sys

[7] 2004-08-19 23:10 506368 123EEA158F74D0F67A51DCDF065D1091 c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2008-04-14 02:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\ServicePackFiles\i386\winlogon.exe
[7] 2008-04-14 02:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\system32\winlogon.exe

[7] 2004-08-04 06:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\$NtServicePackUninstall$\ndis.sys
[7] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\ServicePackFiles\i386\ndis.sys
[7] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\system32\drivers\ndis.sys

[7] 2004-08-04 06:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\$NtServicePackUninstall$\ip6fw.sys
[7] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\ServicePackFiles\i386\ip6fw.sys
[7] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\system32\drivers\ip6fw.sys

[-] 2005-03-02 18:13 2059008 5311776074B6C13F983DC75BAEAC9C0C c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 16:08 2061440 7A56A64EB50399613587E90292DD2AAB c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[7] 2009-02-09 11:17 2068224 ED5E20AE4AC5A63A4FF43FFE704A5153 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-08-14 13:39 2065024 DCBC1A6D150B5EE1BD6257186157B0F3 c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
[7] 2008-08-14 13:23 2068096 8DA71F1900721E1E4FCB5B02D55FB771 c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
[7] 2008-08-15 07:26 2068096 755B50949D0DBC0F0136B0DB58765331 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[7] 2008-08-14 13:44 2059776 F9720D61DF1E3E47614C4FC891F3FE44 c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2003-04-24 11:00 1951488 !HASH: ERROR_LOCK_VIOLATION ! c:\windows\$NtUninstallKB826939$\ntkrnlpa.exe
[-] 2003-04-24 17:16 1953024 !HASH: ERROR_LOCK_VIOLATION ! c:\windows\$NtUninstallKB831905$\ntkrnlpa.exe
[7] 2004-08-19 23:04 2058880 F252FAE094C54572ECE38A039F2103C4 c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe
[-] 2005-03-02 18:07 2058880 73FA9C95D235844A36968C7852C7DBDD c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[7] 2008-08-14 13:23 2068096 8DA71F1900721E1E4FCB5B02D55FB771 c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2008-04-14 02:07 2067968 B71A8F101CEFAF82FC5EC16130A54A3F c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2007-02-28 16:02 2059648 A1D5231403329478AE4FE2778C55C77F c:\windows\$NtUninstallKB956841_0$\ntkrnlpa.exe
[7] 2009-02-11 07:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2008-04-14 02:07 2067968 B71A8F101CEFAF82FC5EC16130A54A3F c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[7] 2009-02-11 07:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\system32\ntkrnlpa.exe
[7] 2009-02-11 07:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\system32\dllcache\ntkrnlpa.exe

[-] 2005-03-02 18:13 2181632 3E2A0A4A0C0B19FC113618A9562A3B2A c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 16:08 2184192 8E244108562E0E452EB68DFF64CB08A9 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[7] 2009-02-11 07:16 2191232 BEF458B8424553279E95E250D1E0CE7E c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2008-08-14 13:39 2188032 C6649255E51F145B6E15C505AB68E459 c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
[7] 2008-08-14 13:23 2191232 C8D4D5974F9671DA0A37175650912960 c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[7] 2008-08-15 07:26 2191232 D79210549BBF09B7638E860440504299 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[7] 2008-08-14 13:44 2182400 449566D74B5C261A3A54AA216F0C532B c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2003-04-24 11:00 2045824 !HASH: ERROR_LOCK_VIOLATION ! c:\windows\$NtUninstallKB826939$\ntoskrnl.exe
[-] 2003-04-24 17:16 1929344 !HASH: ERROR_LOCK_VIOLATION ! c:\windows\$NtUninstallKB831905$\ntoskrnl.exe
[7] 2004-08-19 23:04 2183040 7D38CE4398E6AA6339B4644FEADCC0D8 c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
[-] 2005-03-02 18:08 2181376 63729DD0F2AAE36CC52B89C05505146C c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[7] 2008-08-14 13:23 2191232 C8D4D5974F9671DA0A37175650912960 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[7] 2008-04-14 02:08 2191104 099D639DA1EF6968D4E41795BB507E6B c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2007-02-28 16:02 2182400 7D6D19AAC51A4325F6039F083C22303C c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe
[7] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2008-04-14 02:08 2191104 099D639DA1EF6968D4E41795BB507E6B c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[7] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\system32\ntoskrnl.exe
[7] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\system32\dllcache\ntoskrnl.exe

[7] 2008-04-14 02:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\explorer.exe
[-] 2007-06-13 13:10 1037312 B795475444D6D57A572C14B9E1A29839 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 13:22 1037312 D0288319660EDCFED07C7E74C4EA38A5 c:\windows\$NtServicePackUninstall$\explorer.exe
[7] 2004-08-19 23:09 1036288 2A7BD330924252A2FD80344FC949BB72 c:\windows\$NtUninstallKB938828$\explorer.exe
[7] 2008-04-14 02:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\ServicePackFiles\i386\explorer.exe

[7] 2009-02-09 11:16 111104 62789101F9C2401ED598AA2CDE7450C0 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2004-08-19 23:10 108544 63DCDE1A0D86EEB8924D6738FF616EAD c:\windows\$NtServicePackUninstall$\services.exe
[7] 2008-04-14 02:34 109056 54CB50058851D95E56EC70D09F70857F c:\windows\$NtUninstallKB956572$\services.exe
[-] 2003-04-24 11:00 101888 FC0691097471EE374907E1024EDCBD43 c:\windows\$NtUninstallq817434$\services.exe
[7] 2008-04-14 02:34 109056 54CB50058851D95E56EC70D09F70857F c:\windows\ServicePackFiles\i386\services.exe
[7] 2009-02-09 11:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\services.exe
[7] 2009-02-09 11:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\dllcache\services.exe

[7] 2004-08-19 23:09 13312 259AF82A0932EEA4F316F92DB94707B6 c:\windows\$NtServicePackUninstall$\lsass.exe
[7] 2008-04-14 02:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\ServicePackFiles\i386\lsass.exe
[7] 2008-04-14 02:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\system32\lsass.exe

[7] 2004-08-19 23:09 15360 64E41E8FEE655B03E3F19DED21BA5118 c:\windows\$NtServicePackUninstall$\ctfmon.exe
[7] 2008-04-14 02:33 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\ServicePackFiles\i386\ctfmon.exe
[7] 2008-04-14 02:33 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\system32\ctfmon.exe

[-] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\$NtServicePackUninstall$\spoolsv.exe
[7] 2004-08-19 23:10 57856 DF9FC62AD51CB082B0AE371919A232CB c:\windows\$NtUninstallKB896423$\spoolsv.exe
[7] 2008-04-14 02:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\ServicePackFiles\i386\spoolsv.exe
[7] 2008-04-14 02:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\system32\spoolsv.exe

[7] 2004-08-19 23:10 112640 FC21787F32E3793A4C7C02D2BFAA5AE0 c:\windows\$NtServicePackUninstall$\wuauclt.exe
[7] 2008-04-14 02:34 112640 7E3DEFE771CB451B0FF630BFA435417E c:\windows\ServicePackFiles\i386\wuauclt.exe
[7] 2008-10-17 02:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\wuauclt.exe
[7] 2008-10-17 02:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\dllcache\wuauclt.exe

[7] 2004-08-19 23:10 25088 84717891F0734C611721F56C60B5FBC3 c:\windows\$NtServicePackUninstall$\userinit.exe
[7] 2008-04-14 02:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\ServicePackFiles\i386\userinit.exe
[7] 2008-04-14 02:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\system32\userinit.exe

[7] 2004-08-19 23:09 297984 78F90C3E230AD122BCB116ABAD5FEFE9 c:\windows\$NtServicePackUninstall$\termsrv.dll
[7] 2008-04-14 02:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\ServicePackFiles\i386\termsrv.dll
[7] 2008-04-14 02:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\system32\termsrv.dll

[-] 2006-07-05 10:58 1050112 FB85EF2A6713E3A58A497E093626B93C c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2007-04-16 16:11 1051136 62E3F0E9ABFCBCEE62C51546F622C455 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[7] 2009-03-21 14:00 1056768 C3AF0EEE26B59484E674673E3016AAB7 c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2007-04-16 15:53 1049600 6F1FE2AE7B22EB9CED1BFF533C9455EA c:\windows\$NtServicePackUninstall$\kernel32.dll
[7] 2004-08-19 23:09 1048576 C88F74591579DBDE273C61312B2D3886 c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2006-07-05 10:56 1049088 CE4AF1FA47A29ADF97CB107775CE395C c:\windows\$NtUninstallKB935839$\kernel32.dll
[7] 2008-04-14 02:33 1054720 3AC8886DFA5AB641417DF4D3B7F5512E c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 02:33 1054720 3AC8886DFA5AB641417DF4D3B7F5512E c:\windows\ServicePackFiles\i386\kernel32.dll
[7] 2009-03-21 14:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\kernel32.dll
[7] 2009-03-21 14:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\dllcache\kernel32.dll

[7] 2004-08-19 23:09 17408 29D5E58FB089C41898A81BD4C8970F22 c:\windows\$NtServicePackUninstall$\powrprof.dll
[7] 2008-04-14 02:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\ServicePackFiles\i386\powrprof.dll
[7] 2008-04-14 02:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\system32\powrprof.dll

[7] 2004-08-19 23:09 110080 E55DAFA1A354BD5CB69151563DC9748A c:\windows\$NtServicePackUninstall$\imm32.dll
[7] 2008-04-14 02:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\ServicePackFiles\i386\imm32.dll
[7] 2008-04-14 02:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\system32\imm32.dll

[7] 2004-08-19 23:09 1548288 6D8F3AC555E3F8A569AA9B2A817698C1 c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[7] 2008-04-14 02:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\ServicePackFiles\i386\sfcfiles.dll
[7] 2008-04-14 02:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\system32\sfcfiles.dll

[7] 2004-08-19 23:09 176640 7E9D138DC991BCCE6E6026CD74E69CC4 c:\windows\$NtServicePackUninstall$\appmgmts.dll
[7] 2008-04-14 02:33 176640 F36C9F78FC902C8DCE4D3B576BB0435A c:\windows\ServicePackFiles\i386\appmgmts.dll
[7] 2008-04-14 02:33 176640 F36C9F78FC902C8DCE4D3B576BB0435A c:\windows\system32\appmgmts.dll

[7] 2004-08-19 23:00 25216 E798705E8DC7FAB596EF6BFDF167E007 c:\windows\$NtServicePackUninstall$\kbdclass.sys
[7] 2008-04-14 02:05 25216 16813155807C6881F4BFBF6657424659 c:\windows\ServicePackFiles\i386\kbdclass.sys
[7] 2008-04-14 02:05 25216 16813155807C6881F4BFBF6657424659 c:\windows\system32\drivers\kbdclass.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-15 143360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-07 3963232]
"ares"="c:\program files\Ares\Ares.exe" [2008-08-21 888832]
"ONCEDALE"="c:\docume~1\Yohann\APPLIC~1\DUPEFA~1\Size Grid Amok.exe" [2009-05-23 569344]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-21 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2004-01-26 335872]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2004-01-26 188416]
"00THotkey"="c:\windows\System32\00THotkey.exe" [2004-03-29 327680]
"SmoothView"="c:\program files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2004-03-30 200704]
"SigmaTel StacMon"="c:\program files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe" [2003-08-03 167993]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2003-10-30 266240]
"TouchED"="c:\program files\TOSHIBA\TouchED\TouchED.Exe" [2003-03-11 122880]
"TMESRV.EXE"="c:\program files\TOSHIBA\TME3\TMESRV31.EXE" [2004-04-13 204800]
"TMERzCtl.EXE"="c:\program files\TOSHIBA\TME3\TMERzCtl.EXE" [2003-10-29 151552]
"PRONoMgr.exe"="c:\program files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2003-12-10 258048]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 323584]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 262144]
"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 303165]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-17 122880]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-04-08 237568]
"Watch"="c:\progra~1\Minitel\Watch.exe" [2009-06-29 532480]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-02-09 263696]
"BigDog305"="c:\windows\VM305_STI.EXE" [2007-01-05 135168]
"000StTHK"="000StTHK.exe" - c:\windows\system32\000StTHK.exe [2001-06-23 307200]
"TFNF5"="TFNF5.exe" - c:\windows\system32\TFNF5.exe [2003-12-02 151552]
"LTSMMSG"="LTSMMSG.exe" - c:\windows\ltsmmsg.exe [2003-04-18 110592]
"TPSMain"="TPSMain.exe" - c:\windows\system32\TPSMain.exe [2004-04-01 344064]
"TFncKy"="TFncKy.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2003-9-15 307200]
Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 372064]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2003-12-16 20:49 110592 ----a-w- c:\windows\system32\LgNotify.dll

[COLOR=RED] Les clés de Registre SafeBoot doivent être réparées. Cette machine ne peut pas utiliser le Mode Sans Échec. /COLOR

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\jdk1.2.2\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\System32\\hkcmd.exe"=
"c:\\Program Files\\Intel\\PROSetWireless\\NCS\\PROSet\\PRONoMgr.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Part Long Boob Idle\\Dvd Noun.exe"=
"c:\\WINDOWS\\system32\\ZCfgSvc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Apoint2K\\Apntex.exe"=
"c:\\Program Files\\TOSHIBA\\TME3\\TMERzCtl.EXE"=
"c:\\WINDOWS\\system32\\TFNF5.exe"=
"c:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe"=
"c:\\WINDOWS\\System32\\00THotkey.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpotdd01.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\docume~1\\yohann\\applic~1\\dupefa~1\\bagsatomloud.exe"=
"c:\\DOCUME~1\\ALLUSE~1\\APPLIC~1\\PARTLO~1\\DVDNOU~1.EXE"=
"c:\\Program Files\\Fichiers communs\\Microsoft Shared\\Source Engine\\OSE.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\WINDOWS\\system32\\WISPTIS.EXE"=
"c:\\Program Files\\TOSHIBA\\Utilitaire de zoom TOSHIBA\\SmoothView.exe"=
"c:\\WINDOWS\\System32\\igfxtray.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe"=
"c:\\Program Files\\TOSHIBA\\TME3\\TMEEJME.EXE"=
"c:\\Program Files\\HP\\hpcoretech\\comp\\hptskmgr.exe"=
"c:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe"=
"c:\\Program Files\\Fichiers communs\\Real\\Update_OB\\RealOneMessageCenter.exe"=
"c:\\Program Files\\QuickTime\\qttask.exe"=
"c:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe"=
"c:\\WINDOWS\\LTSMMSG.exe"=
"c:\\Program Files\\TOSHIBA\\TME3\\Tmesrv31.exe"=
"c:\\WINDOWS\\VM305_STI.EXE"=
"c:\\Program Files\\TOSHIBA\\Commandes TOSHIBA\\TFncKy.exe"=
"c:\\WINDOWS\\system32\\DrvMon.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb09.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jucheck.exe"=
"c:\\Program Files\\Apoint2K\\Apoint.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe"=
"c:\\WINDOWS\\system32\\TPSMain.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\TOSHIBA\\TouchED\\TouchED.Exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\ComboFix\\NirCmd.cfexe"=
"c:\\DOCUME~1\\Yohann\\LOCALS~1\\Temp\\windcfo.exe"=

R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.SYS [26/04/2004 21:52 5760]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [29/03/2009 16:05 55152]
R2 Tmesrv;Tmesrv3;c:\program files\Toshiba\TME3\TMESRV31.EXE [26/04/2004 21:52 204800]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 611184]
S3 vvftav;vvftav;c:\windows\system32\drivers\vvftav.sys [12/03/2009 13:08 474368]
S3 ZSMC0305;USB PC Camera VC305;c:\windows\system32\drivers\usbVM305.sys [12/03/2009 13:08 1466624]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - DAC970NT
.
Contenu du dossier 'Tâches planifiées'

2009-06-29 c:\windows\Tasks\B399000D938EB60D.job
- c:\docume~1\yohann\applic~1\dupefa~1\bagsatomloud.exe [2007-01-24 13:24]

2009-06-29 c:\windows\Tasks\User_Feed_Synchronization-{48298ACB-BA62-4A4D-BB50-BDB12478A77D}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 16:31]

2009-06-29 c:\windows\Tasks\User_Feed_Synchronization-{CED57D18-F915-4275-B8B2-E6B1E8825EEC}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 16:31]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-STYLEXP - c:\program files\TGTSoft\StyleXP\StyleXP.exe


.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} - hxxp://minitelweb.minitel.com/imin_data/ocx/MDM.cab
FF - ProfilePath - c:\documents and settings\Yohann\Application Data\Mozilla\Firefox\Profiles\8t92fo6r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-29 10:11
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
BigDog305 = c:\windows\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)???????????????????0?????????@??????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040AC1900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(892)
c:\windows\System32\LgNotify.dll

- - - - - - - > 'explorer.exe'(1296)
c:\windows\system32\eappprxy.dll
c:\program files\TOSHIBA\TME3\TMEEJMD.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\TPwrCfg.DLL
c:\windows\system32\TPwrReg.dll
c:\windows\system32\TPSTrace.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\S24EvMon.exe
c:\windows\system32\ZCfgSvc.exe
c:\program files\Toshiba\ConfigFree\CFSvcs.exe
c:\windows\system32\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Toshiba\TME3\TMEEJME.exe
c:\program files\Toshiba\Commandes TOSHIBA\TFncKy.exe
c:\windows\system32\1XConfig.exe
c:\windows\system32\TPSBattM.exe
c:\program files\Apoint2K\ApntEx.exe
c:\docume~1\Yohann\LOCALS~1\temp\windcfo.exe
.
**************************************************************************
.
Heure de fin: 2009-06-29 10:29 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-29 22:29

Avant-CF: 1 061 457 920 octets libres
Après-CF: 2 277 228 544 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

546 --- E O F --- 2009-06-15 03:54
0
Utilisateur anonyme
30 juin 2009 à 13:09
RE
*Télécharges Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe

*Double-cliques sur RSIT.exe.

*Cliques sur Continue à l'écran Disclaimer.

*Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

*Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

*Les rapports se trouvent également ici: C:\rsit.
A+
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
30 juin 2009 à 15:39
oui ok je le ferai mais là je suis au boulot donc quand je rentre je le fais!!

Mais c'est grave mon probleme?
0
Utilisateur anonyme
30 juin 2009 à 15:47
RE
Non, ce n'est pas specialement grave, il y avait plusieurs infections, on en a deja supprime une bonne partie.
Ce que tu vas faire ce soir, c'est juste des rapports d'analyse de ton PC, ca me permet de voir si il en reste encore.
Donc une fois que tu me les auras poste, ca sera peut etre un peu long, le temps que je regardes tout ca.
A+
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
30 juin 2009 à 16:01
ok!!merci bcp
0
je pense ke tu a le virus baggle ... cherche de ce coté la
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
1 juil. 2009 à 04:36
1er texte

info.txt logfile of random's system information tool 1.06 2009-06-30 14:35:36

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{B5D8CCBF-08D8-46C0-8B04-3BC0CAEDA094}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
ACDSee 6.0 PowerPack-->MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
Adobe Acrobat and Reader 6.0.4 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
Adobe Acrobat and Reader 6.0.5 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
Adobe Acrobat and Reader 6.0.6 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000606}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7646-A00000000001}
ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
Ares 2.0.9-->"C:\Program Files\Ares\uninstall.exe"
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
BSPlayer-->"C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Codec Pack - All In 1 6.0.2.6-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Combined Community Codec Pack 2007-07-22-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Commandes TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL
Console TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}\Setup.exe" -l0x40c
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Favorit-->"c:\documents and settings\yohann\local settings\application data\oiuowqo.exe" -uninstall
Finance 2003 version 10.01-->"C:\Program Files\SoftChris\Finance 2003\unins000.exe"
FL Studio 6-->C:\Program Files\Image-Line\FL Studio 6\uninstall.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Gestion d'énergie TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\System32\TPSDel.dll"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Helix YUV Codecs (remove only)-->"C:\WINDOWS\system32\uninstHelixYUV.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Yohann\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp deskjet 5600-->msiexec /x{DB5518BE-F40F-407A-B451-012625D4497B}
HP Deskjet 6500-->msiexec /x{3D50E33F-0DB8-4E3B-B75C-2B872A33D87B}
HP Image Zone 3.5-->C:\Program Files\Hewlett-Packard\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photo and Imaging 2.0 - Deskjet Series-->MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
hp print screen utility-->C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
HP PSC & OfficeJet 3.5-->"C:\Program Files\Hewlett-Packard\Digital Imaging\{18E0918E-1060-48f3-925C-56C82E88551B}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
Huffyuv AVI lossless video codec (Remove Only)-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
Intel(R) PROSet for Wireless-->MsiExec.exe /I{5380063E-2909-4d72-BFA3-625881F2E78B}
InterVideo WinDVD for Toshiba-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Jdk1.2.2-->C:\unins000.exe
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 5.1.3-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}\Setup.exe" -l0x40c
MatroskaProp (remove only)-->C:\Program Files\MatroskaProp\MatroskaProp-uninstall.exe
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micromega Software System EasyScan-->"C:\Program Files\EasyScan\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote 2003-->MsiExec.exe /I{91A1040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Visio Standard 2003-->MsiExec.exe /I{9153040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Minitel-->C:\PROGRA~1\Minitel\UNWISE.EXE C:\PROGRA~1\Minitel\INSTALL.LOG
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MRT Codecs Pack-->C:\Program Files\MRT Codecs Pack\Uninstall.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MUSK Codec Pack v5-->"C:\Program Files\MUSK Codec Pack v5\unins000.exe"
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
Outil de diagnostic PC TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf
Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf
Pdf995-->c:\pdf995\setup.exe uninstall
PdfEdit995-->c:\pdf995\res\utilities\thinsetup.exe - uninstall
Pilotes Audio SigmaTel AC97-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7959721D-8268-4565-9E0E-C41A9F4848A9}\setup.exe" -l0x40c -nodialog -uninstall
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083} /l1036
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Signature995-->c:\pdf995\res\utilities\Signature995\thinsetup.exe - uninstall
Steinberg Cubase SX v2.01-->C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG
TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL
TOSHIBA Mobile Extension3 pour Windows XP V3.63.00.XP-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\TME3\Uninst.isu"
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Utilities-->tutildel.exe
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
USB PC Camera VC305-->C:\Program Files\InstallShield Installation Information\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0305}\setup.exe -runfromtemp -l0x040c -removeonly
Utilitaire Activer/désactiver la tablette tactile TOSHIBA V2.05.00-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\TouchED\Uninst.isu" -c"C:\Program Files\TOSHIBA\TouchED\tpedinst.dll"
Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\setup.exe"
Utilitaire TOSHIBA d'accès direct aux périphériques d’affichage-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TFNF5Wxp.inf,DefaultUninstall,5
Utilitaire TOSHIBA de changement d'écran-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TDspBtn.inf,DefaultUninstall,5
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
VP6 VFW Codec-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A23866A0-738B-4091-9924-0B0DE3988A15}\Setup.exe" -l0x9
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPhone-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" ControlPanel
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"

======System event log======

Computer Name: YOUR-6A8NPIK1EI
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{5C50B0BD-3F95-4299-8C03-FB05DE7EF206} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 5
Source Name: Tcpip
Time Written: 20090624121246.000000-720
Event Type: Informations
User:

Computer Name: YOUR-6A8NPIK1EI
Event Code: 4202
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{EB15ED99-64D8-44DD-8E43-0DC7E1EBD7D5} était déconnectée du réseau,
et la configuration réseau de la carte a été abandonnée. Si la carte
réseau n'était pas déconnectée, ceci peut indiquer un disfonctionnement.
Contactez le fabricant pour des pilotes mis à jour.

Record Number: 4
Source Name: Tcpip
Time Written: 20090624121236.000000-720
Event Type: Informations
User:

Computer Name: YOUR-6A8NPIK1EI
Event Code: 1001
Message: L'ordinateur a redémarré après une vérification d'erreur. La vérification d'erreur était :
0x1000008e (0xc0000005, 0x02f0000c, 0xed0776ac, 0x00000000).
Un vidage a été enregistré dans : C:\WINDOWS\Minidump\Mini062409-01.dmp.

Record Number: 3
Source Name: Save Dump
Time Written: 20090624121233.000000-720
Event Type: Informations
User:

Computer Name: YOUR-6A8NPIK1EI
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20090624121233.000000-720
Event Type: Informations
User:

Computer Name: YOUR-6A8NPIK1EI
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090624121233.000000-720
Event Type: Informations
User:

=====Application event log=====

Computer Name: YOUR-6A8NPIK1EI
Event Code: 101
Message:
Record Number: 31834
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090512134809.000000-720
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: YOUR-6A8NPIK1EI
Event Code: 101
Message:
Record Number: 31833
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090512134254.000000-720
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: YOUR-6A8NPIK1EI
Event Code: 101
Message:
Record Number: 31832
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090512133739.000000-720
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: YOUR-6A8NPIK1EI
Event Code: 101
Message:
Record Number: 31831
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090512133223.000000-720
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: YOUR-6A8NPIK1EI
Event Code: 101
Message:
Record Number: 31830
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090512132708.000000-720
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung\Samsung PC Studio 3
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0d06
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"VERSION"=3.0.4.007
"SESSIONID"=1107634993868htx69311e9eb:1025fafa2bc:-190d
"COLLECTIONID"=COL8143
"ITEMID"=dj-22741-14
"UPDATEDIR"=C:\DOCUME~1\Samuel\LOCALS~1\Temp\rad07642.tmp
"TOOLPATH"=/C:\Program%20Files\Hewlett-Packard\HP%20Software%20Update\install.htm
"HMSERVER"=https://wwss1pro.cce.hp.com/wuss/servlet/WUSSServlet
"SWUTVER"=1.0.18.30716
"OSVER"=winXPP
"LANG"=1036
"TIMEOUT"=0
"CLASSPATH"=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip

-----------------EOF-----------------
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
1 juil. 2009 à 04:37
2e texte


Logfile of random's system information tool 1.06 (written by random/random)
Run by Yohann at 2009-06-30 14:35:13
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 3 GB (17%) free of 19 GB
Total RAM: 495 MB (5% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:35:29, on 30/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\LTSMMSG.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\VM305_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\DOCUME~1\Yohann\LOCALS~1\Temp\winyyau.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\Yohann\Bureau\RSIT.exe
C:\Documents and Settings\Yohann\Bureau\Yohann.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\Minitel\Watch.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ONCEDALE] C:\DOCUME~1\Yohann\APPLIC~1\DUPEFA~1\Size Grid Amok.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-492032045-3788039796-3834117943-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Samuel')
O4 - HKUS\S-1-5-21-492032045-3788039796-3834117943-1005\..\Run: [toscdspd] C:\Program Files\Toshiba\Toscdspd\TOSCDSPD.EXE (User 'Samuel')
O4 - HKUS\S-1-5-21-492032045-3788039796-3834117943-1005\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe (User 'Samuel')
O4 - HKUS\S-1-5-21-492032045-3788039796-3834117943-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Samuel')
O4 - HKUS\S-1-5-21-492032045-3788039796-3834117943-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Samuel')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file:///C:\Program Files\TOSHIBA\Free Update Service\splash.html
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095245312088
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
0
teeyo Messages postés 32 Date d'inscription lundi 29 juin 2009 Statut Membre Dernière intervention 8 octobre 2010
1 juil. 2009 à 04:38
ok clarisse75!! ;)
0
Utilisateur anonyme
1 juil. 2009 à 10:34
RE
Peut tu me dire ce que c'est:
-Sur le bureau: Yohann.exe ?
-Et ca: Grid Amok.exe? Un jeu? Est ce toi qui l'a utilise, telecharge, desinstalle?
-------------------------------------------------------------
*Telecharges Navilog 1 de Il Mafioso
*Tu le lances et tu fais l'option 1
*A la fin de l'examen, appuyes sur une touche pour faire apparaitre le rapport.
*Tu fais un copier/coller de ce rapport a la suite ci dessous.
Si le rapport n'apparait pas, il est dans C:/ sous le nom de cleannavi.txt
Un Tuto
A+
0