Probleme de cheval de troie Win32

Résolu
asgorns -  
moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour, j ai un soucis avec le cheval de troie win32.spyware gen qui c est fourré apperement d apres avast dans mon dossier c:\WINDOWS\CREATOR et le nom du fichier infecté est ToolsCDLauncher.exe j ai lu d autres postes et j ai vu qu il fallait faire un scan ac hijacthis que j ai fais le voici

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:54:22, on 22/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\svchost.exe
C:\program files\ncsoft\launcher\NCLauncher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\HiJackThis.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\OTM.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.youtube.com/c/MyWebs
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.youtube.com/c/MyWebs
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O3 - Toolbar: Deenero - {5F1C03FD-025E-4786-AF80-C2EF5C979115} - C:\Program Files\Deenero\Deenero.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [iycgeec] "c:\documents and settings\hp_administrateur.nom-fb9b15d2723\local settings\application data\iycgeec.exe" iycgeec
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [NCsoft Launcher] C:\program files\ncsoft\launcher\NCLauncher.exe /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: WorldTime.lnk = C:\Program Files\PawPrint.net\WorldTime\worldtime.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice133.exe

--
End of file - 14518 bytes

maintenant que dois je faire svp?
Configuration: Windows XP
Firefox 3.5.7

28 réponses

  • 1
  • 2
  1. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    bonjour

    plusieurs infections...

    Infection Navipromo….Pour info :

    Il s'installe via certains programmes, dont ceux-ci qu'il faut éviter à tout prix:
    * Funky Emoticons
    * go-astro
    * Games Attack
    * GoRecord
    * HotTVPlayer / HotTVPlayer & Paris Hilton
    * Live-Player
    * MailSkinner
    * Messenger Skinner
    * Instant Access
    * InternetGameBox
    * Officiale Emule (Version d'Emule modifiée)
    * Original Solitaire
    * SuperSexPlayer
    * Speed Downloading
    * Sudoplanet
    * Webmediaplayer

    il faudrait télécharge navilog1 sur le bureau :
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Certaines infections bloquent les téléchargements d' outils de désinfection utilisez ce lien alternatif:
    http://ww38.toofiles.com/fr/oip/documents/exe/yop3.html

    1°Double-clique sur navilog1.exe présent sur ton bureau
    2°Sélectionnez la langue désirée dans le menu puis valide le choix par la touche « entrer »
    3°Petit message d’avertissement, appuyez sur une touche pour passe à la suite
    4°un nouveau avertissement, appuie sur une touche pour suivre
    5°Vérification de l’installation de Navilog1 : si tout est bon, appuyez sur une touche pour continuer
    6°Choisir option 1 : recherche/désinfection automatique
    7°La recherche va se lancer automatiquement et peut durée quelques minutes, patientez
    8°Une fois l’analyse terminé, fermez et enregistrez votre travail en cours, puis appuiez sur une touche pour que votre pc puisse démarrer
    9°Au redémarrage du pc, Navilog va supprimer ce qu’il a trouvé, patientez quelques instants.

    Un rapport est gèneré par l'outil. Il se trouve à cette emplacement :
    XP : demarrer/poste de travail/c:/cleannavi.txt
    Vista : logo « demarrer »/ordinateur/c:/ cleannavi.txt

    0
  2. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    ben en fait ton premier lien mets page introuvable et le deuxieme files not found as tu un autre lien stp?

    en tout cas merci de ta réponse super rapide
    0
  3. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    ah non c est bon sa a fonctionné donc je suis tes consignes
    0
  4. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    je viens de voir que tu possède spybot

    Désactiver le TeaTimer de Spybot (Merci à Nico et nathandre):
    Pour désactiver le TeaTimer :
    => Ouvrir Spybot S&D
    => Dans le menu "Mode", séléctionner le mode avancé.
    => Une fenêtre demande confirmation cliquer sur "oui".
    => Une fois le mode avancé actif, ouvrir l'onglet "Outils".
    => Cliquer sur Résident.
    => La partie Résident comporte deux lignes qui sont normalement cochées :
    *Résident "SDHelper" (bloqueur de téléchargements nuisibles pour Internet Explorer) actif.
    * Résident "TeaTimer" (Protection des réglages système fondamentaux) actif
    => Décocher la ligne TeaTimer.
    => Redémarrer Spybot (le fermer et le réouvrir)
    => Retourner dans le menu Résident et vérifier qu'il soit bien désactivé

    Spybot va géner les outils

    en attente du rapport navilog...
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    Fix Navipromo version 4.0.6 commencé le 22/01/2010 10:52:24,87

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.20GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : HP_Administrateur ( Administrator )
    BOOT : Normal boot

    Antivirus : Microsoft Security Essentials 2.0.6212.0 (Activated)

    C:\ (Local Disk) - NTFS - Total:270 Go (Free:16 Go)
    D:\ (Local Disk) - FAT32 - Total:8 Go (Free:3 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - NTFS - Total:149 Go (Free:0 Go)

    Recherche executée en mode normal

    [b]Aucune Infection Navipromo/Egdaccess trouvée/b

    *** Scan terminé 22/01/2010 10:52:45,31 ***

    il semblerait que se soit bon
    0
  7. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    sinon j ai un autre soucis peut etre peux tu m aider j ai une fenetre qui s ouvre tres souvent sorte de fenetre de logiciel qui veut se mettre a jour c est windows installer et c est grave emmerdant car sa insiste régulierement surtt au démarage
    0
  8. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ok c'est noté pour ton soucis

    je suis surpris par ton rapport navilog !

    l'as tu fais une seule fois ou plusieurs ?

    Téléchargez Toolbar-S&D ( Merci à Eric_71, Angel Dark, Sham_Rock et XmichouX ) sur le Bureau

    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3

    Lancez l'installation du programme en exécutant le fichier téléchargé.
    Double-cliquez maintenant sur le raccourci de Toolbar-S&D.
    Sélectionnez la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
    Choisir maintenant l'option 2 suppression
    Patientez jusqu'à la fin de la recherche.
    Postez le rapport généré. (C:\TB.txt)

    Tuto: https://sites.google.com/site/toolbarsd/aideenimages
    0
  9. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.20GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : HP_Administrateur ( Administrator )
    BOOT : Normal boot
    Antivirus : Microsoft Security Essentials 2.0.6212.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:270 Go (Free:15 Go)
    D:\ (Local Disk) - FAT32 - Total:8 Go (Free:3 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - NTFS - Total:149 Go (Free:0 Go)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [2] ( 22/01/2010|11:23 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\AskBarDis\bar
    Supprime! - C:\Program Files\AskBarDis\PopSwatter
    Supprime! - C:\Program Files\AskBarDis\unins000.dat
    Supprime! - C:\Program Files\AskBarDis\unins000.exe
    Supprime! - C:\Program Files\Kiwee Toolbar\2.9.201
    Supprime! - C:\Program Files\AskBarDis
    Supprime! - C:\Program Files\Kiwee Toolbar

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ Extensions

    (HP_Administrateur.NOM-FB9B15D2723) - {1280606b-2510-4fe0-97ef-9b5a22eafe41} => fission
    (HP_Administrateur.NOM-FB9B15D2723) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
    (HP_Administrateur.NOM-FB9B15D2723) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
    (HP_Administrateur.NOM-FB9B15D2723) - {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904} => tinymenu
    (HP_Administrateur.NOM-FB9B15D2723) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.youtube.com/c/MyWebs"
    "Search Page"="https://www.youtube.com/c/MyWebs"
    "Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.youtube.com/c/MyWebs"
    "Default_Search_URL"="https://www.youtube.com/c/MyWebs"
    "Search Page"="https://www.youtube.com/c/MyWebs"
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.msn.com/fr-fr/"

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    1 - "C:\ToolBar SD\TB_1.txt" - 22/01/2010|11:30 - Option : [2]

    -----------\\ Fin du rapport a 11:30:36,26

    voilla
    0
  10. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    Téléchargez MalwareByte's Anti-Malware

    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    . Enregistres le sur le bureau
    . Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
    . Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
    . Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
    . Une fois la mise à jour terminé
    . Rend-toi dans l'onglet, Recherche
    . Sélectionnes Exécuter un examen complet
    . Cliques sur Rechercher
    . Le scan démarre.
    . A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    . Cliques sur Ok pour poursuivre.
    . Si des malwares ont été détectés, clique sur Afficher les résultats
    . Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
    . Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
    . Rends toi dans l'onglet rapport/log
    . Tu cliques dessus pour l'afficher, une fois affiché
    . Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
    . Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
    . tu cliques droit dans le cadre de la reponse et coller

    Si tu as besoin d'aide regarde ces tutoriels :
    Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
    0
  11. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3614
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    23/01/2010 10:43:43
    mbam-log-2010-01-23 (10-43-43).txt

    Type de recherche: Examen complet (C:\|D:\|J:\|)
    Eléments examinés: 266916
    Temps écoulé: 2 hour(s), 8 minute(s), 41 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 3
    Clé(s) du Registre infectée(s): 34
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 3
    Dossier(s) infecté(s): 31
    Fichier(s) infecté(s): 159

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\questservice (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QuestService Service (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.1.0.1190 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840 (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840\Data (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\components (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630 (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
    C:\Documents and Settings\All Users\Application Data\QuestService\questservice133.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\QuestService\questservice.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\QuestService\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\ExtractZipFile.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_RSS.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.1.0.1190\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.1.0.1190\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.1.0.1190\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.1.0.1190\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.1.0.1190\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.1.0.1190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.1.0.1190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPACommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.1.0.1870\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091104-171241.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091104-214710.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091105-003015.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091105-094128.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091105-174852.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091106-180002.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091107-112700.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091107-215200.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091108-194914.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091109-195016.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091111-145750.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091111-161326.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091112-121903.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091112-143746.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091113-125910.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-212550.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-212610.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-212944.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-221353.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-230542.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-020645.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-032928.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-033333.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-040430.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-171832.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-171834.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-175729.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-190623.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-204229.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-115637.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-173026.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-231522.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-231525.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-011329.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-011331.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-092217.336.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-184658.586.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091220-164701.863.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091220-174622.193.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091220-175728.115.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091222-215002.378.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091224-023048.929.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091224-163720.242.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091224-221739.384.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-015537.826.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-113607.556.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091228-192631.040.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091229-201109.243.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091230-000631.837.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091231-051611.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091231-051813.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091231-081032.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091231-203549.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20100101-214000.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20100102-195035.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20100103-212223.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Mozilla Firefox\searchPlugins\questservice127.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Mozilla Firefox\searchPlugins\questservice133.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
    0
  12. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    redemarres le pc pour que les suppressions soient effectives

    ensuite tu peux vider la quarantaine

    ................

    • Télécharge Random's System Information Tool (RSIT) de Random/Random.

    http://images.malwareremoval.com/random/RSIT.exe

    • Enregistre le sur ton Bureau.

    • Double clique sur RSIT.exe pour lancer l'outil.

    • Clique sur "Continue" à l'écran Disclaimer.

    • Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)

    et tu devras accepter la licence.

    • Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp

    Les rapports se trouvent à cet endroit:
    C:\rsit\info.txt
    C:\rsit\log.txt
    0
  13. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    RSIT?
    0
  14. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    (sourire)

    tu ne l'avais pas

    et j'ai modifie mon post précédent du coup
    0
  15. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by HP_Administrateur at 2010-01-23 11:15:40
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 2 GB (1%) free of 277 GB
    Total RAM: 3582 MB (71% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:15:58, on 23/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Microsoft Security Essentials\msseces.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\NCsoft\Launcher\NCLauncher.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\RSIT.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\trend micro\HP_Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.youtube.com/c/MyWebs
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.youtube.com/c/MyWebs
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.youtube.com/c/MyWebs
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.youtube.com/c/MyWebs
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.youtube.com/c/MyWebs
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
    O3 - Toolbar: Deenero - {5F1C03FD-025E-4786-AF80-C2EF5C979115} - C:\Program Files\Deenero\Deenero.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [NCsoft Launcher] C:\Program Files\NCsoft\Launcher\NCLauncher.exe /Minimized
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
    O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Startup: WorldTime.lnk = C:\Program Files\PawPrint.net\WorldTime\worldtime.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    0
  16. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    info.txt logfile of random's system information tool 1.06 2010-01-23 11:16:03

    ======Uninstall list======

    -->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
    -->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
    Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Aion-->"C:\Program Files\InstallShield Installation Information\{50844825-7F6A-4419-8545-756CAA2BF2CF}\setup.exe" -runfromtemp -l0x0009 -removeonly
    Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
    Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
    avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{D9DAF1AF-D9B7-4397-A3B6-AFA27D329DAB}
    Condition Zero Deleted Scenes-->"C:\Program Files\Steam\steam.exe" steam://uninstall/100
    Condition Zero-->"C:\Program Files\Steam\steam.exe" steam://uninstall/80
    Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
    CoreVorbis Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
    Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
    Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
    Dark Messiah Might and Magic Multi-Player-->"C:\Program Files\Steam\steam.exe" steam://uninstall/2130
    Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30
    Décompression des fichiers-->C:\UNWISE.EXE C:\INSTALL.LOG
    Deenero-->"C:\Program Files\Deenero\uninstall.exe"
    Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
    Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
    Divinity II - Ego Draconis-->"C:\Program Files\Divinity II - Ego Draconis\unins000.exe"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
    Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220
    High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
    HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
    HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
    HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
    HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
    HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
    HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
    HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
    HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
    HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
    HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
    HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
    HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
    HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86}
    Huffyuv AVI lossless video codec (Remove Only)-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
    Impulse-->"C:\Documents and Settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe" REMOVE=TRUE MODIFY=FALSE
    Impulse-->C:\Documents and Settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe
    Install(Fr)-->C:\Program Files\InstallShield Installation Information\{E32B0931-C97B-48E1-A466-27D4088060EF}\setup.exe -runfromtemp -l0x040c -removeonly
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel(R) Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe
    Intel(R) Network Connections Drivers-->Prounstl.exe
    Intel(R) Quick Resume Technology Drivers-->MsiExec.exe /I{8C22F265-DE76-44D1-8A79-A71D819137DA}
    Intel(R) Quick Resume Technology Drivers-->MsiExec.exe /X{8C22F265-DE76-44D1-8A79-A71D819137DA} /qb!
    J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
    Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    Le logiciel Intel® Viiv™-->MsiExec.exe /X{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
    LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
    Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    MediaBar-->C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
    Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
    Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
    Microsoft AutoRoute 2006-->MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Money-->c:\program files\microsoft money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
    Microsoft Photo 2006 Standard Edition-->"C:\Program Files\Fichiers communs\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM VERSION=11
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
    Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Multimedia Keyboard Driver-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{31C63A8A-D9AB-4300-828B-86B41F59FAE1}
    muvee autoProducer 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E073D315-3C54-44BF-A1B2-B5583AEA618C}\setup.exe" -l0x40c
    muvee autoProducer unPlugged 1.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}\setup.exe" -l0x40c
    NCsoft Launcher-->"C:\Program Files\InstallShield Installation Information\{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}\setup.exe" -runfromtemp -l0x0009 -removeonly
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
    NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
    OpenOffice.org 2.2-->MsiExec.exe /I{BF516A44-48E3-4319-BBF6-B4B66E9F76FA}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
    QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sélecteur d'installation de Microsoft Works 2006-->C:\Program Files\Microsoft Works Suite 2006\Setup\Launcher.exe /ARP E:\
    Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
    Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
    Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    Sony Ericsson PC Suite 1.20.224-->MsiExec.exe /I{7689CA7A-1270-425A-9959-EB4CB25EA29A}
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Warcraft III-->C:\Program Files\Fichiers communs\Blizzard Entertainment\Warcraft III\Uninstall.exe
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
    Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
    Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
    Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: avast! Antivirus
    AV: Microsoft Security Essentials

    ======System event log======

    Computer Name: ASGORNS
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 12191
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: ASGORNS
    Event Code: 7036
    Message: Le service Windows Installer est entré dans l'état : en cours d'exécution.

    Record Number: 12190
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User:

    Computer Name: ASGORNS
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer.

    Record Number: 12189
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: ASGORNS
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

    Record Number: 12188
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: ASGORNS
    Event Code: 7036
    Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

    Record Number: 12187
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: ASGORNS
    Event Code: 100
    Message:
    Record Number: 8894
    Source Name: SNL HiveManager
    Time Written: 20100111165942.000000+060
    Event Type: Avertissement
    User:

    Computer Name: ASGORNS
    Event Code: 1000
    Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

    Record Number: 8893
    Source Name: Application Error
    Time Written: 20100111043002.000000+060
    Event Type: erreur
    User:

    Computer Name: ASGORNS
    Event Code: 1001
    Message: Détecteur d'erreurs 1594792460.

    Record Number: 8892
    Source Name: Application Error
    Time Written: 20100111042951.000000+060
    Event Type: erreur
    User:

    Computer Name: ASGORNS
    Event Code: 1000
    Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

    Record Number: 8891
    Source Name: Application Error
    Time Written: 20100111042947.000000+060
    Event Type: erreur
    User:

    Computer Name: ASGORNS
    Event Code: 1000
    Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

    Record Number: 8890
    Source Name: Application Error
    Time Written: 20100111031525.000000+060
    Event Type: erreur
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel
    "PROCESSOR_REVISION"=0602
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
    0
  17. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    info.txt logfile of random's system information tool 1.06 2010-01-23 11:16:03

    ======Uninstall list======

    -->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
    -->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
    Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Aion-->"C:\Program Files\InstallShield Installation Information\{50844825-7F6A-4419-8545-756CAA2BF2CF}\setup.exe" -runfromtemp -l0x0009 -removeonly
    Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
    Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
    avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{D9DAF1AF-D9B7-4397-A3B6-AFA27D329DAB}
    Condition Zero Deleted Scenes-->"C:\Program Files\Steam\steam.exe" steam://uninstall/100
    Condition Zero-->"C:\Program Files\Steam\steam.exe" steam://uninstall/80
    Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
    CoreVorbis Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
    Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
    Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
    Dark Messiah Might and Magic Multi-Player-->"C:\Program Files\Steam\steam.exe" steam://uninstall/2130
    Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30
    Décompression des fichiers-->C:\UNWISE.EXE C:\INSTALL.LOG
    Deenero-->"C:\Program Files\Deenero\uninstall.exe"
    Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
    Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
    Divinity II - Ego Draconis-->"C:\Program Files\Divinity II - Ego Draconis\unins000.exe"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
    Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220
    High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
    HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
    HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
    HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
    HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
    HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
    HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
    HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
    HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
    HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
    HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
    HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
    HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
    HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86}
    Huffyuv AVI lossless video codec (Remove Only)-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
    Impulse-->"C:\Documents and Settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe" REMOVE=TRUE MODIFY=FALSE
    Impulse-->C:\Documents and Settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe
    Install(Fr)-->C:\Program Files\InstallShield Installation Information\{E32B0931-C97B-48E1-A466-27D4088060EF}\setup.exe -runfromtemp -l0x040c -removeonly
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel(R) Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe
    Intel(R) Network Connections Drivers-->Prounstl.exe
    Intel(R) Quick Resume Technology Drivers-->MsiExec.exe /I{8C22F265-DE76-44D1-8A79-A71D819137DA}
    Intel(R) Quick Resume Technology Drivers-->MsiExec.exe /X{8C22F265-DE76-44D1-8A79-A71D819137DA} /qb!
    J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
    Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    Le logiciel Intel® Viiv™-->MsiExec.exe /X{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
    LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
    Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    MediaBar-->C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
    Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
    Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
    Microsoft AutoRoute 2006-->MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Money-->c:\program files\microsoft money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
    Microsoft Photo 2006 Standard Edition-->"C:\Program Files\Fichiers communs\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM VERSION=11
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
    Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Multimedia Keyboard Driver-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{31C63A8A-D9AB-4300-828B-86B41F59FAE1}
    muvee autoProducer 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E073D315-3C54-44BF-A1B2-B5583AEA618C}\setup.exe" -l0x40c
    muvee autoProducer unPlugged 1.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}\setup.exe" -l0x40c
    NCsoft Launcher-->"C:\Program Files\InstallShield Installation Information\{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}\setup.exe" -runfromtemp -l0x0009 -removeonly
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
    NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
    OpenOffice.org 2.2-->MsiExec.exe /I{BF516A44-48E3-4319-BBF6-B4B66E9F76FA}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
    QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sélecteur d'installation de Microsoft Works 2006-->C:\Program Files\Microsoft Works Suite 2006\Setup\Launcher.exe /ARP E:\
    Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
    Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
    Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    Sony Ericsson PC Suite 1.20.224-->MsiExec.exe /I{7689CA7A-1270-425A-9959-EB4CB25EA29A}
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Warcraft III-->C:\Program Files\Fichiers communs\Blizzard Entertainment\Warcraft III\Uninstall.exe
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
    Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
    Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
    Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: avast! Antivirus
    AV: Microsoft Security Essentials

    ======System event log======

    Computer Name: ASGORNS
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 12191
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: ASGORNS
    Event Code: 7036
    Message: Le service Windows Installer est entré dans l'état : en cours d'exécution.

    Record Number: 12190
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User:

    Computer Name: ASGORNS
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer.

    Record Number: 12189
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: ASGORNS
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

    Record Number: 12188
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: ASGORNS
    Event Code: 7036
    Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

    Record Number: 12187
    Source Name: Service Control Manager
    Time Written: 20091026075827.000000+060
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: ASGORNS
    Event Code: 100
    Message:
    Record Number: 8894
    Source Name: SNL HiveManager
    Time Written: 20100111165942.000000+060
    Event Type: Avertissement
    User:

    Computer Name: ASGORNS
    Event Code: 1000
    Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

    Record Number: 8893
    Source Name: Application Error
    Time Written: 20100111043002.000000+060
    Event Type: erreur
    User:

    Computer Name: ASGORNS
    Event Code: 1001
    Message: Détecteur d'erreurs 1594792460.

    Record Number: 8892
    Source Name: Application Error
    Time Written: 20100111042951.000000+060
    Event Type: erreur
    User:

    Computer Name: ASGORNS
    Event Code: 1000
    Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

    Record Number: 8891
    Source Name: Application Error
    Time Written: 20100111042947.000000+060
    Event Type: erreur
    User:

    Computer Name: ASGORNS
    Event Code: 1000
    Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

    Record Number: 8890
    Source Name: Application Error
    Time Written: 20100111031525.000000+060
    Event Type: erreur
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel
    "PROCESSOR_REVISION"=0602
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
    0
  18. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    bien infecté encore

    on va arranger ca

    1)
    Téléchargez USBFIX de El Desaparecido, C_xx

    http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
    ou
    https://www.ionos.fr/?affiliate_id=77097

    /!\ Utilisateur de vista et windows 7 :
    ne pas oublier de désactiver Le contrôle des comptes utilisateurs
    https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

    /!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

    • Double clic sur le raccourci UsbFix présent sur le bureau .

    Choisir l'option2 suppression
    (d’autres options disponibles, voir le tutoriel).
    • Laissez travailler l'outil.
    Le menu démarrer et les icônes vont disparaître.. c'est normal.

    Si un message te demande de redémarrer l'ordinateur fais le ...

    ● Au redémarrage, le fix se relance... laisses l'opération s'effectuer.

    ● Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse

    • Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    • Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    • Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

    UsbFix peut te demander d'uploader un dossier compressé à cette adresse : https://www.ionos.fr/?affiliate_id=77097

    Il est enregistré sur ton bureau.

    Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.

    Merci

    ........................

    2)
    Téléchargez et enregistrez le fichier d installation sur le bureau
    http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

    Double cliquez sur le fichier d'installation de AD-Remover, le programme s'installera automatiquement.
    Sous Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
    Au menu principal choisir Option L Lancer le nettoyage
    et tapez sur [entrée] .
    Laissez travailler l'outil et ne touchez à rien ...
    Postez le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    0
  19. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    ############################## | UsbFix V6.077 |

    User : HP_Administrateur (Administrateurs) # ASGORNS
    Update on 21/01/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 11:38:32 | 23/01/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Pentium(R) D CPU 3.20GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : avast! Antivirus 5.0.83886457 [ Enabled | Updated ]
    AV : Microsoft Security Essentials 2.0.6212.0 [ Enabled | Updated ]

    C:\ -> Disque fixe local # 270,98 Go (1,85 Go free) [HP_PAVILION] # NTFS
    D:\ -> Disque fixe local # 8,46 Go (3,85 Go free) [HP_RECOVERY] # FAT32
    E:\ -> Disque CD-ROM
    F:\ -> Disque amovible
    G:\ -> Disque amovible
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque fixe local # 149,04 Go (371,64 Mo free) [HP Personal Media Drive] # NTFS

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe 664
    C:\WINDOWS\system32\csrss.exe 716
    C:\WINDOWS\system32\winlogon.exe 740
    C:\WINDOWS\system32\services.exe 788
    C:\WINDOWS\system32\lsass.exe 800
    C:\WINDOWS\system32\nvsvc32.exe 980
    C:\WINDOWS\system32\svchost.exe 1012
    C:\WINDOWS\system32\svchost.exe 1080
    c:\Program Files\Microsoft Security Essentials\MsMpEng.exe 1176
    C:\WINDOWS\System32\svchost.exe 1216
    C:\WINDOWS\system32\svchost.exe 1320
    C:\WINDOWS\system32\svchost.exe 1404
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 1572
    C:\WINDOWS\Explorer.EXE 1768
    C:\WINDOWS\system32\spoolsv.exe 204
    C:\Program Files\Alwil Software\Avast5\setup\avast.setup 580
    C:\WINDOWS\system32\svchost.exe 652
    C:\Program Files\Bonjour\mDNSResponder.exe 708
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 1280
    C:\Program Files\Java\jre6\bin\jqs.exe 1296
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 1340
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE 1672
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1696
    C:\WINDOWS\system32\svchost.exe 1824
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE 428
    C:\WINDOWS\system32\SearchIndexer.exe 1264
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe 1652
    C:\WINDOWS\ehome\mcrdsvc.exe 1708
    C:\WINDOWS\system32\wuauclt.exe 2180
    C:\WINDOWS\system32\wbem\wmiprvse.exe 2184
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe 2716
    C:\WINDOWS\System32\alg.exe 2724

    ################## | Elements infectieux |

    Supprimé ! C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\RavMonLog
    Supprimé ! C:\Recycler\S-1-5-21-1409082233-1078081533-682003330-500
    Supprimé ! C:\Recycler\S-1-5-21-2248609772-2671577554-601185746-1007
    Supprimé ! C:\Recycler\S-1-5-21-2519129616-1202306879-24657660-1007
    Supprimé ! D:\autorun.inf
    Supprimé ! J:\autorun.inf
    Supprimé ! J:\$Recycle.Bin\S-1-5-21-376671459-3618405775-3804636930-1000
    Supprimé ! J:\Recycler\S-1-5-21-2248609772-2671577554-601185746-1007
    Supprimé ! J:\Recycler\S-1-5-21-2519129616-1202306879-24657660-1007

    ################## | Registre |

    ################## | Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\K\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{2cc3b15f-b5c2-11da-a6a8-d3508a7c698c}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{770b9573-a30d-11de-b875-001731a0c886}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{9b6c3632-7109-11dd-b7ab-de1bcfc366b7}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{9b6c3633-7109-11dd-b7ab-de1bcfc366b7}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{a4f608d9-417c-11de-b847-00c0a8b72f8f}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{a5d701c9-8cf7-11dd-b7b8-87dcb4d32675}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{f157732c-a976-11de-b87b-001731a0c886}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [11/08/2006 23:15|--ah-----|100] C:\AUTOEXEC.BAT
    [21/08/2008 11:08|-rahs----|211] C:\BOOT.BAK
    [24/09/2009 15:29|-rahs----|289] C:\boot.ini
    [10/08/2004 05:00|-rahs----|4952] C:\Bootfont.bin
    [22/01/2010 10:52|--a------|1000] C:\cleannavi.txt
    [10/08/2004 05:00|-r-hs----|263488] C:\cmldr
    [10/10/2005 19:34|--ah-----|0] C:\CONFIG.SYS
    [18/06/2008 19:09|--a------|216] C:\DebugTrace-RockallDLL.log
    [30/11/2009 13:47|--ahs----|1379840] C:\ehthumbs.db
    [?|?|?] C:\hiberfil.sys
    [21/10/2006 10:27|--a------|1120] C:\INSTALL.LOG
    [10/10/2005 19:34|-rahs----|0] C:\IO.SYS
    [10/10/2005 19:34|-rahs----|0] C:\MSDOS.SYS
    [10/08/2004 05:00|-rahs----|47564] C:\NTDETECT.COM
    [01/02/2009 15:44|-rahs----|252240] C:\ntldr
    [29/02/2004 16:44|--a------|52576] C:\orange.bmp
    [?|?|?] C:\pagefile.sys
    [18/03/2006 05:31|--a------|12] C:\RecoveryCD.txt
    [22/01/2008 16:54|--a------|159] C:\Setup.log
    [27/12/2005 15:21|--a------|7477561] C:\setup_all.exe
    [22/01/2010 11:30|--a------|2564] C:\TB.txt
    [25/06/1999 10:55|--a------|149504] C:\UNWISE.EXE
    [19/05/1999 10:40|--a------|5885] C:\UNWISE.INI
    [01/09/2009 13:02|--a------|825] C:\updatedatfix.log
    [23/01/2010 11:42|--a------|5282] C:\UsbFix.txt
    [27/07/2001 21:07|---hs----|0] D:\AUTOEXEC.BAT
    [09/01/2002 09:52|---hs----|244] D:\BOOT.INI
    [17/08/2001 00:26|---hs----|237728] D:\CMLDR
    [27/07/2001 21:07|---hs----|0] D:\CONFIG.SYS
    [25/05/2005 09:48|---hs----|102] D:\Desktop.ini
    [17/12/2007 08:43|--ahs----|64512] D:\ehthumbs.db
    [30/11/2004 10:01|---hs----|73728] D:\Info.exe
    [27/07/2001 21:07|---hs----|0] D:\IO.SYS
    [27/07/2001 21:07|---hs----|0] D:\MSDOS.SYS
    [25/07/2001 13:00|---hs----|45124] D:\NTDETECT.COM
    [25/07/2001 13:00|---hs----|222880] D:\NTLDR
    [12/09/2006 13:24|-r-hs----|26] D:\RCBoot.sys
    [29/04/2004 14:37|---hs----|4096] D:\Thumbs.db
    [08/02/2002 14:44|---hs----|88038] D:\Warning.bmp
    [17/03/2006 10:16|---hs----|16] D:\BLOCK.RIN
    [25/01/2002 08:21|---hs----|0] D:\GRAPH16
    [30/04/2001 11:16|---hs----|14] D:\Graph
    [17/08/2001 06:32|---hs----|0] D:\NTFS
    [17/03/2006 09:17|---hs----|36] D:\SAVEFILE.DIR
    [30/04/2001 11:16|---hs----|14] D:\SVGA
    [18/08/2001 06:00|---hs----|10] D:\WIN51
    [22/01/2001 05:00|---hs----|11] D:\WIN51.B2
    [25/07/2001 06:00|---hs----|11] D:\WIN51.RC1
    [25/07/2001 11:47|---hs----|11] D:\WIN51.RC2
    [18/08/2001 06:00|---hs----|10] D:\WIN51IC
    [20/03/2001 05:00|---hs----|11] D:\WIN51IC.B2
    [25/07/2001 06:00|---hs----|11] D:\WIN51IC.RC1
    [25/07/2001 06:00|---hs----|11] D:\WIN51IC.RC2
    [17/08/2001 06:00|---hs----|10] D:\WIN51IP
    [22/01/2001 05:00|---hs----|11] D:\WIN51IP.B2
    [25/07/2001 11:47|---hs----|11] D:\WIN51IP.RC2
    [17/08/2001 04:17|---hs----|184] D:\WINBOM.INI
    [10/09/2002 08:21|---hs----|7850] D:\Folder.htt
    [10/09/2002 05:58|---hs----|181616] D:\protect.ed
    [13/09/2006 20:26|---hs----|974] D:\MASTER.LOG
    [11/08/2006 14:16|---hs----|18] D:\USER
    [15/01/2008 00:59|---hs----|348160] J:\msvcr71.dll

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.
    # J:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Crack > Keygen > Serial |

    ################## | Upload |

    Veuillez envoyer le fichier : C:\DOCUME~1\HP_ADM~1.NOM\Bureau\UsbFix_Upload_Me_ASGORNS.zip : https://www.ionos.fr/?affiliate_id=77097
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.077 ! |
    0
  20. asgorns Messages postés 14 Date d'inscription   Statut Membre
     
    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_I | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 21.01.2010 à 9:13
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 11:59:00, 23/01/2010 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: ASGORNS | Utilisateur actuel: HP_Administrateur
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    C:\DOCUME~1\HP_ADM~1.NOM\APPLIC~1\Mozilla\FireFox\Profiles\zwdpl8l3.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\DOCUME~1\HP_ADM~1.NOM\APPLIC~1\Mozilla\FireFox\Profiles\zwdpl8l3.default\searchplugins\ask.xml
    C:\DOCUME~1\HP_ADM~1.NOM\APPLIC~1\Mozilla\FireFox\Profiles\zwdpl8l3.default\searchplugins\mywebsearch.xml
    C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\DOCUME~1\HP_ADM~1.NOM\MENUDM~1\PROGRA~1\Deenero
    C:\Program Files\AskSearch
    C:\Program Files\Deenero
    C:\Program Files\Gameztar Toolbar
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Deenero
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Gameztar Toolbar
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Kiwee Toolbar
    C:\Documents and Settings\LocalService\Application Data\agi

    (!) -- Fichiers temporaires supprimés.

    .
    HKCU\software\appdatalow\AskBarDis
    HKCU\software\AskBarDis
    HKCU\software\CMW
    HKCU\Software\Microsoft\Internet Explorer\ProtocolExecute\deenero
    HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    HKLM\software\AskBarDis
    HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKLM\Software\Classes\CLSID\{3716644a-ce84-4f54-9b90-568e7408e542}
    HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    HKLM\Software\Classes\CLSID\{5F1C03FD-025E-4786-AF80-C2EF5C979115}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{8B459A17-69F6-4571-9362-1368CA4E7D63}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\CLSID\{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}
    HKLM\Software\Classes\CLSID\{F871AA6E-FE10-453B-84E4-670AEBCAF487}
    HKLM\software\classes\deenero
    HKLM\software\classes\Deenero.Deenero.1
    HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
    HKLM\Software\Classes\Interface\{FC2A289A-F036-4566-A38A-A2A992E76D30}
    HKLM\Software\Classes\TypeLib\{386235E3-C550-4D78-A634-87C72E6780A1}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
    HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19c186c0-7502-492e-bf03-69821f0b2589}
    HKLM\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    HKLM\software\microsoft\windows\currentversion\uninstall\Ask Toolbar_is1
    HKLM\software\microsoft\windows\currentversion\uninstall\Deenero
    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.5.7 [fr] *
    .
    Nom du profil: zwdpl8l3.default (HP_Administrateur)
    .
    (HP_ADM~1.NOM, prefs.js) Browser.download.lastDir, C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Bureau
    (HP_ADM~1.NOM, prefs.js) Browser.search.defaultenginename, Live Search
    (HP_ADM~1.NOM, prefs.js) Browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
    (HP_ADM~1.NOM, prefs.js) Browser.search.selectedEngine, MyWebSearch
    (HP_ADM~1.NOM, prefs.js) Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=ZJfox000&ptb=w7L1R61FvlbZBqiKaRju9g
    (HP_ADM~1.NOM, prefs.js) Extensions.enabledItems, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1,6,2,49,anycolor.pavlos256@gmail.com:0.3.1,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,en-GB@dictionaries.addons.mozilla.org:1.19,notreal.ccoptions@environmentalchemistry.com:1.2.1,fr-FR@dictionaries.addons.mozilla.org:2.1,fr@dictionaries.addons.mozilla.org:2.1,{1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9,{3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091119W,{e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{F2DDDB92-1605-4260-9B25-45A4DAE87B50}:1.0,{d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:2.0.2,treestyletab@piro.sakura.ne.jp:0.8.2009122501,en-US@dictionaries.addons.mozilla.org:4.0.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
    (HP_ADM~1.NOM, prefs.js) Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
    .
    (HP_ADM~1.NOM, prefs.js) EFFACE - Browser.search.selectedEngine, MyWebSearch
    (HP_ADM~1.NOM, prefs.js) EFFACE - Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=ZJfox000&ptb=w7L1R61FvlbZBqiKaRju9g
    (HP_ADM~1.NOM, prefs.js) EFFACE - Extensions.mywebsearch.openSearchURL, hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=ZJfox000&ptb=w7L1R61FvlbZBqiKaRju9g
    (HP_ADM~1.NOM, prefs.js) EFFACE - Extensions.mywebsearch.prevKwdEnabled, true
    (HP_ADM~1.NOM, prefs.js) EFFACE - Extensions.mywebsearch.prevKwdURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
    (HP_ADM~1.NOM, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&crm=1
    (HP_ADM~1.NOM, prefs.js) EFFACE - Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
    .
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Local Page: C:\WINDOWS\system32\blank.htm
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    Enable Browser Extensions: yes
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache_TIMESTAMP: caea25a05d01ca01
    Start Page Redirect Cache AcceptLangs: fr
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Start Page: hxxp://fr.msn.com/
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ============== Suspect (Cracks, Serials, ...) ==============
    .
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.3.0.8661_to_1.3.9.9167.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.3.15.9436_to_1.3.18.9563.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.3.18.9563_to_1.4.0.9864.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.3.9.9167_to_1.3.15.9436.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.4.0.9864_to_1.4.1.9891.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.4.1.9891_to_1.4.8.10266.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.4.8.10266_to_1.5.0.10372.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.5.0.10372_to_1.5.1.10390.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.5.1.10390_to_1.5.2.10433.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.5.2.10433_to_1.5.3.10478.exe
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.5.3.10478_to_1.6.3.10747.exe
    .
    ===================================
    .
    8843 Octet(s) - C:\Ad-Report-CLEAN[1].log
    .
    87 Fichier(s) - C:\DOCUME~1\HP_ADM~1.NOM\LOCALS~1\Temp
    28 Fichier(s) - C:\WINDOWS\Temp
    0 Fichier(s) - C:\WINDOWS\Prefetch
    .
    18 Fichier(s) - C:\Ad-Remover\BACKUP
    51 Fichier(s) - C:\Ad-Remover\QUARANTINE
    .
    Fin à: 12:05:34 | 23/01/2010 - CLEAN[1]
    .
    ============== E.O.F ==============
    .

    par contre j ai tjrs sonic update qui se lance intenpestivement et qui revient plusieurs fois d affilé
    0
  21. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    as tu essayer de le supprimer manuellement dans ajout supprim programmes ?
    "SONIC UPDATE MANAGER"
    0
  • 1
  • 2