Sujet Précédent Sujet Suivant

Probleme de cheval de troie Win32

Résolu/Fermé
asgorns - 22 janv. 2010 à 07:01
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 - 25 janv. 2010 à 02:59
Bonjour, j ai un soucis avec le cheval de troie win32.spyware gen qui c est fourré apperement d apres avast dans mon dossier c:\WINDOWS\CREATOR et le nom du fichier infecté est ToolsCDLauncher.exe j ai lu d autres postes et j ai vu qu il fallait faire un scan ac hijacthis que j ai fais le voici


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:54:22, on 22/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\svchost.exe
C:\program files\ncsoft\launcher\NCLauncher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\HiJackThis.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\OTM.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.youtube.com/c/MyWebs
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.youtube.com/c/MyWebs
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O3 - Toolbar: Deenero - {5F1C03FD-025E-4786-AF80-C2EF5C979115} - C:\Program Files\Deenero\Deenero.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [iycgeec] "c:\documents and settings\hp_administrateur.nom-fb9b15d2723\local settings\application data\iycgeec.exe" iycgeec
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [NCsoft Launcher] C:\program files\ncsoft\launcher\NCLauncher.exe /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: WorldTime.lnk = C:\Program Files\PawPrint.net\WorldTime\worldtime.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice133.exe
A voir également:

28 réponses

  • 1
  • 2
Réponse 1 / 28
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
22 janv. 2010 à 07:12
bonjour

plusieurs infections...

Infection Navipromo….Pour info :

Il s'installe via certains programmes, dont ceux-ci qu'il faut éviter à tout prix:
* Funky Emoticons
* go-astro
* Games Attack
* GoRecord
* HotTVPlayer / HotTVPlayer & Paris Hilton
* Live-Player
* MailSkinner
* Messenger Skinner
* Instant Access
* InternetGameBox
* Officiale Emule (Version d'Emule modifiée)
* Original Solitaire
* SuperSexPlayer
* Speed Downloading
* Sudoplanet
* Webmediaplayer

il faudrait télécharge navilog1 sur le bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Certaines infections bloquent les téléchargements d' outils de désinfection utilisez ce lien alternatif:
http://ww38.toofiles.com/fr/oip/documents/exe/yop3.html


1°Double-clique sur navilog1.exe présent sur ton bureau
2°Sélectionnez la langue désirée dans le menu puis valide le choix par la touche « entrer »
3°Petit message d’avertissement, appuyez sur une touche pour passe à la suite
4°un nouveau avertissement, appuie sur une touche pour suivre
5°Vérification de l’installation de Navilog1 : si tout est bon, appuyez sur une touche pour continuer
6°Choisir option 1 : recherche/désinfection automatique
7°La recherche va se lancer automatiquement et peut durée quelques minutes, patientez
8°Une fois l’analyse terminé, fermez et enregistrez votre travail en cours, puis appuiez sur une touche pour que votre pc puisse démarrer
9°Au redémarrage du pc, Navilog va supprimer ce qu’il a trouvé, patientez quelques instants.

Un rapport est gèneré par l'outil. Il se trouve à cette emplacement :
XP : demarrer/poste de travail/c:/cleannavi.txt
Vista : logo « demarrer »/ordinateur/c:/ cleannavi.txt

0
Réponse 2 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
22 janv. 2010 à 07:15
ben en fait ton premier lien mets page introuvable et le deuxieme files not found as tu un autre lien stp?

en tout cas merci de ta réponse super rapide
0
Réponse 3 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
22 janv. 2010 à 07:27
ah non c est bon sa a fonctionné donc je suis tes consignes
0
Réponse 4 / 28
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
22 janv. 2010 à 07:56
je viens de voir que tu possède spybot

Désactiver le TeaTimer de Spybot (Merci à Nico et nathandre):
Pour désactiver le TeaTimer :
=> Ouvrir Spybot S&D
=> Dans le menu "Mode", séléctionner le mode avancé.
=> Une fenêtre demande confirmation cliquer sur "oui".
=> Une fois le mode avancé actif, ouvrir l'onglet "Outils".
=> Cliquer sur Résident.
=> La partie Résident comporte deux lignes qui sont normalement cochées :
*Résident "SDHelper" (bloqueur de téléchargements nuisibles pour Internet Explorer) actif.
* Résident "TeaTimer" (Protection des réglages système fondamentaux) actif
=> Décocher la ligne TeaTimer.
=> Redémarrer Spybot (le fermer et le réouvrir)
=> Retourner dans le menu Résident et vérifier qu'il soit bien désactivé

Spybot va géner les outils


en attente du rapport navilog...
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
22 janv. 2010 à 10:53
Fix Navipromo version 4.0.6 commencé le 22/01/2010 10:52:24,87

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot

Antivirus : Microsoft Security Essentials 2.0.6212.0 (Activated)


C:\ (Local Disk) - NTFS - Total:270 Go (Free:16 Go)
D:\ (Local Disk) - FAT32 - Total:8 Go (Free:3 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (Local Disk) - NTFS - Total:149 Go (Free:0 Go)


Recherche executée en mode normal


[b]Aucune Infection Navipromo/Egdaccess trouvée/b



*** Scan terminé 22/01/2010 10:52:45,31 ***


il semblerait que se soit bon
0
Réponse 6 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
22 janv. 2010 à 10:55
sinon j ai un autre soucis peut etre peux tu m aider j ai une fenetre qui s ouvre tres souvent sorte de fenetre de logiciel qui veut se mettre a jour c est windows installer et c est grave emmerdant car sa insiste régulierement surtt au démarage
0
Réponse 7 / 28
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
22 janv. 2010 à 11:21
ok c'est noté pour ton soucis

je suis surpris par ton rapport navilog !

l'as tu fais une seule fois ou plusieurs ?

Téléchargez Toolbar-S&D ( Merci à Eric_71, Angel Dark, Sham_Rock et XmichouX ) sur le Bureau

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3

Lancez l'installation du programme en exécutant le fichier téléchargé.
Double-cliquez maintenant sur le raccourci de Toolbar-S&D.
Sélectionnez la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
Choisir maintenant l'option 2 suppression
Patientez jusqu'à la fin de la recherche.
Postez le rapport généré. (C:\TB.txt)

Tuto: https://sites.google.com/site/toolbarsd/aideenimages
0
Réponse 8 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
22 janv. 2010 à 11:31
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : Microsoft Security Essentials 2.0.6212.0 (Activated)
C:\ (Local Disk) - NTFS - Total:270 Go (Free:15 Go)
D:\ (Local Disk) - FAT32 - Total:8 Go (Free:3 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (Local Disk) - NTFS - Total:149 Go (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 22/01/2010|11:23 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\PopSwatter
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\Kiwee Toolbar\2.9.201
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\Kiwee Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(HP_Administrateur.NOM-FB9B15D2723) - {1280606b-2510-4fe0-97ef-9b5a22eafe41} => fission
(HP_Administrateur.NOM-FB9B15D2723) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(HP_Administrateur.NOM-FB9B15D2723) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Administrateur.NOM-FB9B15D2723) - {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904} => tinymenu
(HP_Administrateur.NOM-FB9B15D2723) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.youtube.com/c/MyWebs"
"Search Page"="https://www.youtube.com/c/MyWebs"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.youtube.com/c/MyWebs"
"Default_Search_URL"="https://www.youtube.com/c/MyWebs"
"Search Page"="https://www.youtube.com/c/MyWebs"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 22/01/2010|11:30 - Option : [2]

-----------\\ Fin du rapport a 11:30:36,26

voilla
0
Réponse 9 / 28
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
22 janv. 2010 à 11:44
Téléchargez MalwareByte's Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
0
Réponse 10 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
23 janv. 2010 à 11:06
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3614
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23/01/2010 10:43:43
mbam-log-2010-01-23 (10-43-43).txt

Type de recherche: Examen complet (C:\|D:\|J:\|)
Eléments examinés: 266916
Temps écoulé: 2 hour(s), 8 minute(s), 41 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 34
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 31
Fichier(s) infecté(s): 159

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\questservice (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QuestService Service (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840 (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\3.1.0.1630 (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\QuestService\questservice133.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\QuestService\questservice.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\QuestService\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\ExtractZipFile.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_RSS.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPACommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091104-171241.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091104-214710.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091105-003015.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091105-094128.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091105-174852.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091106-180002.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091107-112700.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091107-215200.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091108-194914.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091109-195016.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091111-145750.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091111-161326.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091112-121903.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091112-143746.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091113-125910.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-212550.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-212610.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-212944.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-221353.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-230542.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-020645.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-032928.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-033333.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-040430.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-171832.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-171834.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-175729.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-190623.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-204229.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-115637.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-173026.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-231522.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091218-231525.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-011329.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-011331.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-092217.336.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091219-184658.586.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091220-164701.863.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091220-174622.193.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091220-175728.115.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091222-215002.378.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091224-023048.929.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091224-163720.242.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091224-221739.384.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-015537.826.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091227-113607.556.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091228-192631.040.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091229-201109.243.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091230-000631.837.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091231-051611.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091231-051813.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091231-081032.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091231-203549.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20100101-214000.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20100102-195035.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20100103-212223.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\searchPlugins\questservice127.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\searchPlugins\questservice133.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
0
Réponse 11 / 28
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
23 janv. 2010 à 11:11
redemarres le pc pour que les suppressions soient effectives

ensuite tu peux vider la quarantaine

................

• Télécharge Random's System Information Tool (RSIT) de Random/Random.

http://images.malwareremoval.com/random/RSIT.exe

• Enregistre le sur ton Bureau.

• Double clique sur RSIT.exe pour lancer l'outil.

• Clique sur "Continue" à l'écran Disclaimer.

• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)

et tu devras accepter la licence.

• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp

Les rapports se trouvent à cet endroit:
C:\rsit\info.txt
C:\rsit\log.txt
0
Réponse 12 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
23 janv. 2010 à 11:13
RSIT?
0
Réponse 13 / 28
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
23 janv. 2010 à 11:14
(sourire)

tu ne l'avais pas

et j'ai modifie mon post précédent du coup
0
Réponse 14 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
23 janv. 2010 à 11:16
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrateur at 2010-01-23 11:15:40
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 2 GB (1%) free of 277 GB
Total RAM: 3582 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:15:58, on 23/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\NCsoft\Launcher\NCLauncher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\trend micro\HP_Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.youtube.com/c/MyWebs
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.youtube.com/c/MyWebs
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {33727f97-486d-4d19-97c3-23f432ef93fc} - (no file)
O3 - Toolbar: Deenero - {5F1C03FD-025E-4786-AF80-C2EF5C979115} - C:\Program Files\Deenero\Deenero.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [NCsoft Launcher] C:\Program Files\NCsoft\Launcher\NCLauncher.exe /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: WorldTime.lnk = C:\Program Files\PawPrint.net\WorldTime\worldtime.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
0
Réponse 15 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
23 janv. 2010 à 11:16
info.txt logfile of random's system information tool 1.06 2010-01-23 11:16:03

======Uninstall list======

-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Aion-->"C:\Program Files\InstallShield Installation Information\{50844825-7F6A-4419-8545-756CAA2BF2CF}\setup.exe" -runfromtemp -l0x0009 -removeonly
Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{D9DAF1AF-D9B7-4397-A3B6-AFA27D329DAB}
Condition Zero Deleted Scenes-->"C:\Program Files\Steam\steam.exe" steam://uninstall/100
Condition Zero-->"C:\Program Files\Steam\steam.exe" steam://uninstall/80
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
CoreVorbis Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Dark Messiah Might and Magic Multi-Player-->"C:\Program Files\Steam\steam.exe" steam://uninstall/2130
Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30
Décompression des fichiers-->C:\UNWISE.EXE C:\INSTALL.LOG
Deenero-->"C:\Program Files\Deenero\uninstall.exe"
Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
Divinity II - Ego Draconis-->"C:\Program Files\Divinity II - Ego Draconis\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86}
Huffyuv AVI lossless video codec (Remove Only)-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
Impulse-->"C:\Documents and Settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe" REMOVE=TRUE MODIFY=FALSE
Impulse-->C:\Documents and Settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe
Install(Fr)-->C:\Program Files\InstallShield Installation Information\{E32B0931-C97B-48E1-A466-27D4088060EF}\setup.exe -runfromtemp -l0x040c -removeonly
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe
Intel(R) Network Connections Drivers-->Prounstl.exe
Intel(R) Quick Resume Technology Drivers-->MsiExec.exe /I{8C22F265-DE76-44D1-8A79-A71D819137DA}
Intel(R) Quick Resume Technology Drivers-->MsiExec.exe /X{8C22F265-DE76-44D1-8A79-A71D819137DA} /qb!
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Le logiciel Intel® Viiv™-->MsiExec.exe /X{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaBar-->C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
Microsoft AutoRoute 2006-->MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money-->c:\program files\microsoft money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Photo 2006 Standard Edition-->"C:\Program Files\Fichiers communs\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM VERSION=11
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Multimedia Keyboard Driver-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{31C63A8A-D9AB-4300-828B-86B41F59FAE1}
muvee autoProducer 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E073D315-3C54-44BF-A1B2-B5583AEA618C}\setup.exe" -l0x40c
muvee autoProducer unPlugged 1.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}\setup.exe" -l0x40c
NCsoft Launcher-->"C:\Program Files\InstallShield Installation Information\{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}\setup.exe" -runfromtemp -l0x0009 -removeonly
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
OpenOffice.org 2.2-->MsiExec.exe /I{BF516A44-48E3-4319-BBF6-B4B66E9F76FA}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sélecteur d'installation de Microsoft Works 2006-->C:\Program Files\Microsoft Works Suite 2006\Setup\Launcher.exe /ARP E:\
Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony Ericsson PC Suite 1.20.224-->MsiExec.exe /I{7689CA7A-1270-425A-9959-EB4CB25EA29A}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Warcraft III-->C:\Program Files\Fichiers communs\Blizzard Entertainment\Warcraft III\Uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! Antivirus
AV: Microsoft Security Essentials

======System event log======

Computer Name: ASGORNS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 12191
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ASGORNS
Event Code: 7036
Message: Le service Windows Installer est entré dans l'état : en cours d'exécution.

Record Number: 12190
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User:

Computer Name: ASGORNS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer.

Record Number: 12189
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ASGORNS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 12188
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ASGORNS
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

Record Number: 12187
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: ASGORNS
Event Code: 100
Message:
Record Number: 8894
Source Name: SNL HiveManager
Time Written: 20100111165942.000000+060
Event Type: Avertissement
User:

Computer Name: ASGORNS
Event Code: 1000
Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

Record Number: 8893
Source Name: Application Error
Time Written: 20100111043002.000000+060
Event Type: erreur
User:

Computer Name: ASGORNS
Event Code: 1001
Message: Détecteur d'erreurs 1594792460.

Record Number: 8892
Source Name: Application Error
Time Written: 20100111042951.000000+060
Event Type: erreur
User:

Computer Name: ASGORNS
Event Code: 1000
Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

Record Number: 8891
Source Name: Application Error
Time Written: 20100111042947.000000+060
Event Type: erreur
User:

Computer Name: ASGORNS
Event Code: 1000
Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

Record Number: 8890
Source Name: Application Error
Time Written: 20100111031525.000000+060
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0602
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 16 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
23 janv. 2010 à 11:17
info.txt logfile of random's system information tool 1.06 2010-01-23 11:16:03

======Uninstall list======

-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Aion-->"C:\Program Files\InstallShield Installation Information\{50844825-7F6A-4419-8545-756CAA2BF2CF}\setup.exe" -runfromtemp -l0x0009 -removeonly
Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{D9DAF1AF-D9B7-4397-A3B6-AFA27D329DAB}
Condition Zero Deleted Scenes-->"C:\Program Files\Steam\steam.exe" steam://uninstall/100
Condition Zero-->"C:\Program Files\Steam\steam.exe" steam://uninstall/80
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
CoreVorbis Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Dark Messiah Might and Magic Multi-Player-->"C:\Program Files\Steam\steam.exe" steam://uninstall/2130
Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30
Décompression des fichiers-->C:\UNWISE.EXE C:\INSTALL.LOG
Deenero-->"C:\Program Files\Deenero\uninstall.exe"
Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
Divinity II - Ego Draconis-->"C:\Program Files\Divinity II - Ego Draconis\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86}
Huffyuv AVI lossless video codec (Remove Only)-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
Impulse-->"C:\Documents and Settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe" REMOVE=TRUE MODIFY=FALSE
Impulse-->C:\Documents and Settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe
Install(Fr)-->C:\Program Files\InstallShield Installation Information\{E32B0931-C97B-48E1-A466-27D4088060EF}\setup.exe -runfromtemp -l0x040c -removeonly
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe
Intel(R) Network Connections Drivers-->Prounstl.exe
Intel(R) Quick Resume Technology Drivers-->MsiExec.exe /I{8C22F265-DE76-44D1-8A79-A71D819137DA}
Intel(R) Quick Resume Technology Drivers-->MsiExec.exe /X{8C22F265-DE76-44D1-8A79-A71D819137DA} /qb!
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Le logiciel Intel® Viiv™-->MsiExec.exe /X{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaBar-->C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
Microsoft AutoRoute 2006-->MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money-->c:\program files\microsoft money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Photo 2006 Standard Edition-->"C:\Program Files\Fichiers communs\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM VERSION=11
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Multimedia Keyboard Driver-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{31C63A8A-D9AB-4300-828B-86B41F59FAE1}
muvee autoProducer 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E073D315-3C54-44BF-A1B2-B5583AEA618C}\setup.exe" -l0x40c
muvee autoProducer unPlugged 1.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}\setup.exe" -l0x40c
NCsoft Launcher-->"C:\Program Files\InstallShield Installation Information\{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}\setup.exe" -runfromtemp -l0x0009 -removeonly
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
OpenOffice.org 2.2-->MsiExec.exe /I{BF516A44-48E3-4319-BBF6-B4B66E9F76FA}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sélecteur d'installation de Microsoft Works 2006-->C:\Program Files\Microsoft Works Suite 2006\Setup\Launcher.exe /ARP E:\
Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony Ericsson PC Suite 1.20.224-->MsiExec.exe /I{7689CA7A-1270-425A-9959-EB4CB25EA29A}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Warcraft III-->C:\Program Files\Fichiers communs\Blizzard Entertainment\Warcraft III\Uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! Antivirus
AV: Microsoft Security Essentials

======System event log======

Computer Name: ASGORNS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 12191
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ASGORNS
Event Code: 7036
Message: Le service Windows Installer est entré dans l'état : en cours d'exécution.

Record Number: 12190
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User:

Computer Name: ASGORNS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer.

Record Number: 12189
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ASGORNS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 12188
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ASGORNS
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

Record Number: 12187
Source Name: Service Control Manager
Time Written: 20091026075827.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: ASGORNS
Event Code: 100
Message:
Record Number: 8894
Source Name: SNL HiveManager
Time Written: 20100111165942.000000+060
Event Type: Avertissement
User:

Computer Name: ASGORNS
Event Code: 1000
Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

Record Number: 8893
Source Name: Application Error
Time Written: 20100111043002.000000+060
Event Type: erreur
User:

Computer Name: ASGORNS
Event Code: 1001
Message: Détecteur d'erreurs 1594792460.

Record Number: 8892
Source Name: Application Error
Time Written: 20100111042951.000000+060
Event Type: erreur
User:

Computer Name: ASGORNS
Event Code: 1000
Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

Record Number: 8891
Source Name: Application Error
Time Written: 20100111042947.000000+060
Event Type: erreur
User:

Computer Name: ASGORNS
Event Code: 1000
Message: Application défaillante avcenter.exe, version 9.0.0.20, module défaillant msvcr90.dll, version 9.0.30729.1, adresse de défaillance 0x0005bb47.

Record Number: 8890
Source Name: Application Error
Time Written: 20100111031525.000000+060
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0602
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 17 / 28
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
23 janv. 2010 à 11:29
bien infecté encore

on va arranger ca

1)
Téléchargez USBFIX de El Desaparecido, C_xx

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
ou
https://www.ionos.fr/?affiliate_id=77097

/!\ Utilisateur de vista et windows 7 :
ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

• Double clic sur le raccourci UsbFix présent sur le bureau .

Choisir l'option2 suppression
(d’autres options disponibles, voir le tutoriel).
• Laissez travailler l'outil.
Le menu démarrer et les icônes vont disparaître.. c'est normal.

Si un message te demande de redémarrer l'ordinateur fais le ...

● Au redémarrage, le fix se relance... laisses l'opération s'effectuer.

● Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse


• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html


UsbFix peut te demander d'uploader un dossier compressé à cette adresse : https://www.ionos.fr/?affiliate_id=77097

Il est enregistré sur ton bureau.

Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.

Merci

........................

2)
Téléchargez et enregistrez le fichier d installation sur le bureau
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe


Double cliquez sur le fichier d'installation de AD-Remover, le programme s'installera automatiquement.
Sous Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
Au menu principal choisir Option L Lancer le nettoyage
et tapez sur [entrée] .
Laissez travailler l'outil et ne touchez à rien ...
Postez le rapport qui apparait à la fin.

( le rapport est sauvegardé aussi sous C:\Ad-report.log )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note :Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.



0
Réponse 18 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
23 janv. 2010 à 11:55
############################## | UsbFix V6.077 |

User : HP_Administrateur (Administrateurs) # ASGORNS
Update on 21/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 11:38:32 | 23/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) D CPU 3.20GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886457 [ Enabled | Updated ]
AV : Microsoft Security Essentials 2.0.6212.0 [ Enabled | Updated ]

C:\ -> Disque fixe local # 270,98 Go (1,85 Go free) [HP_PAVILION] # NTFS
D:\ -> Disque fixe local # 8,46 Go (3,85 Go free) [HP_RECOVERY] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque fixe local # 149,04 Go (371,64 Mo free) [HP Personal Media Drive] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 664
C:\WINDOWS\system32\csrss.exe 716
C:\WINDOWS\system32\winlogon.exe 740
C:\WINDOWS\system32\services.exe 788
C:\WINDOWS\system32\lsass.exe 800
C:\WINDOWS\system32\nvsvc32.exe 980
C:\WINDOWS\system32\svchost.exe 1012
C:\WINDOWS\system32\svchost.exe 1080
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe 1176
C:\WINDOWS\System32\svchost.exe 1216
C:\WINDOWS\system32\svchost.exe 1320
C:\WINDOWS\system32\svchost.exe 1404
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 1572
C:\WINDOWS\Explorer.EXE 1768
C:\WINDOWS\system32\spoolsv.exe 204
C:\Program Files\Alwil Software\Avast5\setup\avast.setup 580
C:\WINDOWS\system32\svchost.exe 652
C:\Program Files\Bonjour\mDNSResponder.exe 708
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 1280
C:\Program Files\Java\jre6\bin\jqs.exe 1296
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 1340
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE 1672
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1696
C:\WINDOWS\system32\svchost.exe 1824
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE 428
C:\WINDOWS\system32\SearchIndexer.exe 1264
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe 1652
C:\WINDOWS\ehome\mcrdsvc.exe 1708
C:\WINDOWS\system32\wuauclt.exe 2180
C:\WINDOWS\system32\wbem\wmiprvse.exe 2184
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe 2716
C:\WINDOWS\System32\alg.exe 2724

################## | Elements infectieux |

Supprimé ! C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\RavMonLog
Supprimé ! C:\Recycler\S-1-5-21-1409082233-1078081533-682003330-500
Supprimé ! C:\Recycler\S-1-5-21-2248609772-2671577554-601185746-1007
Supprimé ! C:\Recycler\S-1-5-21-2519129616-1202306879-24657660-1007
Supprimé ! D:\autorun.inf
Supprimé ! J:\autorun.inf
Supprimé ! J:\$Recycle.Bin\S-1-5-21-376671459-3618405775-3804636930-1000
Supprimé ! J:\Recycler\S-1-5-21-2248609772-2671577554-601185746-1007
Supprimé ! J:\Recycler\S-1-5-21-2519129616-1202306879-24657660-1007

################## | Registre |


################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\K\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2cc3b15f-b5c2-11da-a6a8-d3508a7c698c}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{770b9573-a30d-11de-b875-001731a0c886}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9b6c3632-7109-11dd-b7ab-de1bcfc366b7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9b6c3633-7109-11dd-b7ab-de1bcfc366b7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a4f608d9-417c-11de-b847-00c0a8b72f8f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a5d701c9-8cf7-11dd-b7b8-87dcb4d32675}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{f157732c-a976-11de-b87b-001731a0c886}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[11/08/2006 23:15|--ah-----|100] C:\AUTOEXEC.BAT
[21/08/2008 11:08|-rahs----|211] C:\BOOT.BAK
[24/09/2009 15:29|-rahs----|289] C:\boot.ini
[10/08/2004 05:00|-rahs----|4952] C:\Bootfont.bin
[22/01/2010 10:52|--a------|1000] C:\cleannavi.txt
[10/08/2004 05:00|-r-hs----|263488] C:\cmldr
[10/10/2005 19:34|--ah-----|0] C:\CONFIG.SYS
[18/06/2008 19:09|--a------|216] C:\DebugTrace-RockallDLL.log
[30/11/2009 13:47|--ahs----|1379840] C:\ehthumbs.db
[?|?|?] C:\hiberfil.sys
[21/10/2006 10:27|--a------|1120] C:\INSTALL.LOG
[10/10/2005 19:34|-rahs----|0] C:\IO.SYS
[10/10/2005 19:34|-rahs----|0] C:\MSDOS.SYS
[10/08/2004 05:00|-rahs----|47564] C:\NTDETECT.COM
[01/02/2009 15:44|-rahs----|252240] C:\ntldr
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[18/03/2006 05:31|--a------|12] C:\RecoveryCD.txt
[22/01/2008 16:54|--a------|159] C:\Setup.log
[27/12/2005 15:21|--a------|7477561] C:\setup_all.exe
[22/01/2010 11:30|--a------|2564] C:\TB.txt
[25/06/1999 10:55|--a------|149504] C:\UNWISE.EXE
[19/05/1999 10:40|--a------|5885] C:\UNWISE.INI
[01/09/2009 13:02|--a------|825] C:\updatedatfix.log
[23/01/2010 11:42|--a------|5282] C:\UsbFix.txt
[27/07/2001 21:07|---hs----|0] D:\AUTOEXEC.BAT
[09/01/2002 09:52|---hs----|244] D:\BOOT.INI
[17/08/2001 00:26|---hs----|237728] D:\CMLDR
[27/07/2001 21:07|---hs----|0] D:\CONFIG.SYS
[25/05/2005 09:48|---hs----|102] D:\Desktop.ini
[17/12/2007 08:43|--ahs----|64512] D:\ehthumbs.db
[30/11/2004 10:01|---hs----|73728] D:\Info.exe
[27/07/2001 21:07|---hs----|0] D:\IO.SYS
[27/07/2001 21:07|---hs----|0] D:\MSDOS.SYS
[25/07/2001 13:00|---hs----|45124] D:\NTDETECT.COM
[25/07/2001 13:00|---hs----|222880] D:\NTLDR
[12/09/2006 13:24|-r-hs----|26] D:\RCBoot.sys
[29/04/2004 14:37|---hs----|4096] D:\Thumbs.db
[08/02/2002 14:44|---hs----|88038] D:\Warning.bmp
[17/03/2006 10:16|---hs----|16] D:\BLOCK.RIN
[25/01/2002 08:21|---hs----|0] D:\GRAPH16
[30/04/2001 11:16|---hs----|14] D:\Graph
[17/08/2001 06:32|---hs----|0] D:\NTFS
[17/03/2006 09:17|---hs----|36] D:\SAVEFILE.DIR
[30/04/2001 11:16|---hs----|14] D:\SVGA
[18/08/2001 06:00|---hs----|10] D:\WIN51
[22/01/2001 05:00|---hs----|11] D:\WIN51.B2
[25/07/2001 06:00|---hs----|11] D:\WIN51.RC1
[25/07/2001 11:47|---hs----|11] D:\WIN51.RC2
[18/08/2001 06:00|---hs----|10] D:\WIN51IC
[20/03/2001 05:00|---hs----|11] D:\WIN51IC.B2
[25/07/2001 06:00|---hs----|11] D:\WIN51IC.RC1
[25/07/2001 06:00|---hs----|11] D:\WIN51IC.RC2
[17/08/2001 06:00|---hs----|10] D:\WIN51IP
[22/01/2001 05:00|---hs----|11] D:\WIN51IP.B2
[25/07/2001 11:47|---hs----|11] D:\WIN51IP.RC2
[17/08/2001 04:17|---hs----|184] D:\WINBOM.INI
[10/09/2002 08:21|---hs----|7850] D:\Folder.htt
[10/09/2002 05:58|---hs----|181616] D:\protect.ed
[13/09/2006 20:26|---hs----|974] D:\MASTER.LOG
[11/08/2006 14:16|---hs----|18] D:\USER
[15/01/2008 00:59|---hs----|348160] J:\msvcr71.dll

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\HP_ADM~1.NOM\Bureau\UsbFix_Upload_Me_ASGORNS.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.077 ! |
0
Réponse 19 / 28
asgorns Messages postés 16 Date d'inscription vendredi 22 janvier 2010 Statut Membre Dernière intervention 24 janvier 2010
23 janv. 2010 à 12:08
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_I | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 21.01.2010 à 9:13
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 11:59:00, 23/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: ASGORNS | Utilisateur actuel: HP_Administrateur
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\DOCUME~1\HP_ADM~1.NOM\APPLIC~1\Mozilla\FireFox\Profiles\zwdpl8l3.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
C:\DOCUME~1\HP_ADM~1.NOM\APPLIC~1\Mozilla\FireFox\Profiles\zwdpl8l3.default\searchplugins\ask.xml
C:\DOCUME~1\HP_ADM~1.NOM\APPLIC~1\Mozilla\FireFox\Profiles\zwdpl8l3.default\searchplugins\mywebsearch.xml
C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\DOCUME~1\HP_ADM~1.NOM\MENUDM~1\PROGRA~1\Deenero
C:\Program Files\AskSearch
C:\Program Files\Deenero
C:\Program Files\Gameztar Toolbar
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Deenero
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Gameztar Toolbar
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\Kiwee Toolbar
C:\Documents and Settings\LocalService\Application Data\agi

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\AskBarDis
HKCU\software\AskBarDis
HKCU\software\CMW
HKCU\Software\Microsoft\Internet Explorer\ProtocolExecute\deenero
HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKLM\software\AskBarDis
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{3716644a-ce84-4f54-9b90-568e7408e542}
HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
HKLM\Software\Classes\CLSID\{5F1C03FD-025E-4786-AF80-C2EF5C979115}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{8B459A17-69F6-4571-9362-1368CA4E7D63}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\CLSID\{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}
HKLM\Software\Classes\CLSID\{F871AA6E-FE10-453B-84E4-670AEBCAF487}
HKLM\software\classes\deenero
HKLM\software\classes\Deenero.Deenero.1
HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
HKLM\Software\Classes\Interface\{FC2A289A-F036-4566-A38A-A2A992E76D30}
HKLM\Software\Classes\TypeLib\{386235E3-C550-4D78-A634-87C72E6780A1}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19c186c0-7502-492e-bf03-69821f0b2589}
HKLM\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKLM\software\microsoft\windows\currentversion\uninstall\Ask Toolbar_is1
HKLM\software\microsoft\windows\currentversion\uninstall\Deenero
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.7 [fr] *
.
Nom du profil: zwdpl8l3.default (HP_Administrateur)
.
(HP_ADM~1.NOM, prefs.js) Browser.download.lastDir, C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Bureau
(HP_ADM~1.NOM, prefs.js) Browser.search.defaultenginename, Live Search
(HP_ADM~1.NOM, prefs.js) Browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(HP_ADM~1.NOM, prefs.js) Browser.search.selectedEngine, MyWebSearch
(HP_ADM~1.NOM, prefs.js) Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=ZJfox000&ptb=w7L1R61FvlbZBqiKaRju9g
(HP_ADM~1.NOM, prefs.js) Extensions.enabledItems, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1,6,2,49,anycolor.pavlos256@gmail.com:0.3.1,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,en-GB@dictionaries.addons.mozilla.org:1.19,notreal.ccoptions@environmentalchemistry.com:1.2.1,fr-FR@dictionaries.addons.mozilla.org:2.1,fr@dictionaries.addons.mozilla.org:2.1,{1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9,{3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091119W,{e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{F2DDDB92-1605-4260-9B25-45A4DAE87B50}:1.0,{d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:2.0.2,treestyletab@piro.sakura.ne.jp:0.8.2009122501,en-US@dictionaries.addons.mozilla.org:4.0.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
(HP_ADM~1.NOM, prefs.js) Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
.
(HP_ADM~1.NOM, prefs.js) EFFACE - Browser.search.selectedEngine, MyWebSearch
(HP_ADM~1.NOM, prefs.js) EFFACE - Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=ZJfox000&ptb=w7L1R61FvlbZBqiKaRju9g
(HP_ADM~1.NOM, prefs.js) EFFACE - Extensions.mywebsearch.openSearchURL, hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=ZJfox000&ptb=w7L1R61FvlbZBqiKaRju9g
(HP_ADM~1.NOM, prefs.js) EFFACE - Extensions.mywebsearch.prevKwdEnabled, true
(HP_ADM~1.NOM, prefs.js) EFFACE - Extensions.mywebsearch.prevKwdURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
(HP_ADM~1.NOM, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&crm=1
(HP_ADM~1.NOM, prefs.js) EFFACE - Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
.
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
Enable Browser Extensions: yes
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: caea25a05d01ca01
Start Page Redirect Cache AcceptLangs: fr
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.3.0.8661_to_1.3.9.9167.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.3.15.9436_to_1.3.18.9563.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.3.18.9563_to_1.4.0.9864.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.3.9.9167_to_1.3.15.9436.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.4.0.9864_to_1.4.1.9891.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.4.1.9891_to_1.4.8.10266.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.4.8.10266_to_1.5.0.10372.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.5.0.10372_to_1.5.1.10390.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.5.1.10390_to_1.5.2.10433.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.5.2.10433_to_1.5.3.10478.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Dreamlords\DreamlordsPatch_1.5.3.10478_to_1.6.3.10747.exe
.
===================================
.
8843 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
87 Fichier(s) - C:\DOCUME~1\HP_ADM~1.NOM\LOCALS~1\Temp
28 Fichier(s) - C:\WINDOWS\Temp
0 Fichier(s) - C:\WINDOWS\Prefetch
.
18 Fichier(s) - C:\Ad-Remover\BACKUP
51 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 12:05:34 | 23/01/2010 - CLEAN[1]
.
============== E.O.F ==============
.


par contre j ai tjrs sonic update qui se lance intenpestivement et qui revient plusieurs fois d affilé
0
Réponse 20 / 28
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
23 janv. 2010 à 12:17
as tu essayer de le supprimer manuellement dans ajout supprim programmes ?
"SONIC UPDATE MANAGER"
0

Discussions similaires

Detection PUA: win32 Installcore
Nat -
bazfile -

13 réponses
Présence ou non de cheval de troie ?
hunter55 -
Malekal_morte- -

14 réponses
infecté par HackTool:Win32/AutoKMS
fredo1968 -
fredo1968 -

5 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
windows defender cheval de troie
dplonguet -
Faarid.31 -

3 réponses