Sujet Précédent Sujet Suivant

Applications qui se bloquent

legibierdu31 -  
totobetourne Messages postés 5677 Statut Membre -
Bonjour,
les applications de mon ordinateur se bloque au bout de quelque minute, et finissent par bloqué l'ordinateur suite a un trojan. Je ne sais pas coi fair merci pour votre aied :).

10 réponses

Réponse 1 / 10
totobetourne Messages postés 5677 Statut Membre 65
 
bonjour

1)pour vista si infection.

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection: IMPORTANT A NE SURTOUT PAS OUBLIER):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html

2)on va analyser ton pc.

Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

-> http://images.malwareremoval.com/random/RSIT.exe

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...

-> laisse faire le scan et ne touche pas au PC ...

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum

( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
0
legibierdu31 Messages postés 12 Statut Membre
 
repond moi stp je galere
0
Réponse 2 / 10
Utilisateur anonyme
 
bonjour
edité, je suits
0
Réponse 3 / 10
legibierdu31 Messages postés 12 Statut Membre
 
ok jvais essayer de faire ca , mais l'ordi bloque vite donc j'ai pas beaucoup de temps . Je técris d'un autre ordi la.
0
Réponse 4 / 10
legibierdu31 Messages postés 12 Statut Membre
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by Thomas at 2010-01-28 15:21:51
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 16 GB (20%) free of 76 GB
Total RAM: 2038 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:47, on 28/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\System32\p2phost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe
C:\Program Files\Lexicon\Omega\Driver\ASIOSysTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Thomas\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Thomas.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Windows\system32\Taskmgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [P1110Cfg.exe] P1110Cfg.exe /d:3
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [COM+ Manager] "C:\Users\Thomas\.COMMgr\complmgr.exe"
O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas21.dll,AttachConsoleA
O4 - HKCU\..\Run: [BMIMZMHMFM] C:\Users\Thomas\AppData\Local\Temp\Pk2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Moniteur neufbox.lnk = C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe
O4 - Startup: Omega ASIO Control Panel.lnk = C:\Program Files\Lexicon\Omega\Driver\ASIOSysTray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {BFB5F154-9212-46F3-B547-AC6106030A54} - https://carrefourinternet.com/index.asp
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 10
legibierdu31 Messages postés 12 Statut Membre
 
info.txt logfile of random's system information tool 1.06 2010-01-28 15:17:58

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Ableton Live v7.0.2-->"C:\Program Files\Ableton\Live 7.0.2\Uninstall\unins000.exe"
Accessibility-->C:\Program Files\InstallShield Installation Information\{2C544254-39F2-4ACA-B779-ABF7297C96CF}\setup.exe -runfromtemp -l0x040c -removeonly
Addictive Drums Demo-->C:\Windows\unvise32.exe C:\Program Files\XLN Audio\Addictive Drums Demo\uninstal.log
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
AnumanLive-->"C:\Users\Thomas\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe" /UNINSTALL
Apple Mobile Device Support-->MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x040c -removeonly
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Creative WebCam NX Driver (2.00.04.0000)-->C:\Windows\CtDrvIns.exe -uninstall -script PD1110.uns -unsext NT -plugin P1110Pin.dll -pluginres CtCamPin.crl
Désinstaller Raveille-->"C:\Program Files\Raveille\unins000.exe"
Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c
Favorit-->c:\users\thomas\appdata\local\gowwi.bat
GTK+ 2.4.14 runtime environment-->"C:\Program Files\Common Files\GTK\2.0\unins000.exe"
Hercules audio files-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{865EE32E-B8D1-4378-9567-203DCAABE75A}\setup.exe" -l0x40c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
iZotope Ozone 4-->"C:\Program Files\VstPlugins\Ozone 4\unins000.exe"
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Live 8.0.1-->C:\PROGRA~1\Ableton\LIVE80~1.1\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE80~1.1\Install\INSTALL.LOG
Magic ISO Maker v5.5 (build 0273)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (2.0.0.20)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
QuickTime-->MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -l0x040c -removeonly
REALTEK USB Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{7095FD27-37F0-4750-9DE8-D37DC0043706}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x0009 -removeonly
Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x040c -removeonly
RICOH R5C83x/84x Media Driver Vista x86 Ver.3.33.03-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Steinberg Cubase LE 4-->MsiExec.exe /I{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TallStick TS-AudioToMIDI 3.30 (remove only)-->"C:\Program Files\TallStick\TS-AudioToMIDI 3.30\Uninstall.exe"
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x40c
TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}\setup.exe -runfromtemp -l0x040c uninstall
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TrackMania Nations ESWC 1.7.9-->"C:\Program Files\TrackMania Nations ESWC\unins000.exe"
Trans Music Manager-->C:\Program Files\InstallShield Installation Information\{3EF8DF44-F540-465A-8C4C-A5C8DFDE96AB}\setup.exe -runfromtemp -l0x040c
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows
0
Réponse 6 / 10
legibierdu31 Messages postés 12 Statut Membre
 
info.txt logfile of random's system information tool 1.06 2010-01-28 15:17:58

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Ableton Live v7.0.2-->"C:\Program Files\Ableton\Live 7.0.2\Uninstall\unins000.exe"
Accessibility-->C:\Program Files\InstallShield Installation Information\{2C544254-39F2-4ACA-B779-ABF7297C96CF}\setup.exe -runfromtemp -l0x040c -removeonly
Addictive Drums Demo-->C:\Windows\unvise32.exe C:\Program Files\XLN Audio\Addictive Drums Demo\uninstal.log
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
AnumanLive-->"C:\Users\Thomas\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe" /UNINSTALL
Apple Mobile Device Support-->MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x040c -removeonly
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Creative WebCam NX Driver (2.00.04.0000)-->C:\Windows\CtDrvIns.exe -uninstall -script PD1110.uns -unsext NT -plugin P1110Pin.dll -pluginres CtCamPin.crl
Désinstaller Raveille-->"C:\Program Files\Raveille\unins000.exe"
Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c
Favorit-->c:\users\thomas\appdata\local\gowwi.bat
GTK+ 2.4.14 runtime environment-->"C:\Program Files\Common Files\GTK\2.0\unins000.exe"
Hercules audio files-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{865EE32E-B8D1-4378-9567-203DCAABE75A}\setup.exe" -l0x40c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
iZotope Ozone 4-->"C:\Program Files\VstPlugins\Ozone 4\unins000.exe"
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Live 8.0.1-->C:\PROGRA~1\Ableton\LIVE80~1.1\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE80~1.1\Install\INSTALL.LOG
Magic ISO Maker v5.5 (build 0273)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (2.0.0.20)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
QuickTime-->MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -l0x040c -removeonly
REALTEK USB Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{7095FD27-37F0-4750-9DE8-D37DC0043706}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x0009 -removeonly
Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x040c -removeonly
RICOH R5C83x/84x Media Driver Vista x86 Ver.3.33.03-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Steinberg Cubase LE 4-->MsiExec.exe /I{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TallStick TS-AudioToMIDI 3.30 (remove only)-->"C:\Program Files\TallStick\TS-AudioToMIDI 3.30\Uninstall.exe"
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x40c
TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}\setup.exe -runfromtemp -l0x040c uninstall
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TrackMania Nations ESWC 1.7.9-->"C:\Program Files\TrackMania Nations ESWC\unins000.exe"
Trans Music Manager-->C:\Program Files\InstallShield Installation Information\{3EF8DF44-F540-465A-8C4C-A5C8DFDE96AB}\setup.exe -runfromtemp -l0x040c
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows
0
Utilisateur anonyme
 
je me permets de te répondre car tu as une infection Renos

Désactive l'UAC: controle de compte d'utilisateur

Clique sur le menu Démarrer puis sur Panneau de configuration , Comptes d'utilisateurs
Clique sur Activer ou désactiver le contrôle des comptes d'utilisateurs:
Une nouvelle fenêtre s'ouvre,décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur puis OK:
Une demande s'affiche si vous voulez redémarrer votre ordinateur, clique sur redémarrer maintenant

https://forums.cnetfrance.fr


Télécharge UsbFix (de El Desaparecido, C_XX et Chimay8) sur ton bureau
https://www.ionos.fr/?affiliate_id=77097

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

# Clic droit sur le raccourci UsbFix présent sur ton bureau et clique sur éxécuter en tant qu'administrateur .

# Sélectionne l'option 1 ( Recherche )

# Laisse travailler l outil.

# Ensuite poste le rapport UsbFix.txt qui apparaitra.

# Note : Le rapport UsbFix.txt est sauvegardé à la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

# Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
legibierdu31 Messages postés 12 Statut Membre > Utilisateur anonyme
 
############################## | UsbFix V6.080 |

User : Thomas (Administrateurs) # PC-DE-THOMAS
Update on 27/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 16:24:15 | 28/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 74,52 Go (15,12 Go free) [Vista] # NTFS
E:\ -> Disque fixe local # 73,06 Go (30,13 Go free) [Data] # NTFS
F:\ -> Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS

############################## | Processus actifs |

C:\Windows\System32\smss.exe 432
C:\Windows\system32\csrss.exe 500
C:\Windows\system32\wininit.exe 544
C:\Windows\system32\csrss.exe 556
C:\Program Files\AVG\AVG9\avgchsvx.exe 568
C:\Program Files\AVG\AVG9\avgrsx.exe 576
C:\Windows\system32\services.exe 632
C:\Windows\system32\lsass.exe 648
C:\Windows\system32\lsm.exe 660
C:\Windows\system32\winlogon.exe 692
C:\Program Files\AVG\AVG9\avgcsrvx.exe 716
C:\Windows\system32\svchost.exe 872
C:\Windows\system32\svchost.exe 940
C:\Windows\System32\svchost.exe 1284
C:\Windows\System32\svchost.exe 1312
C:\Windows\system32\svchost.exe 1348
C:\Windows\system32\SLsvc.exe 1484
C:\Windows\system32\svchost.exe 1528
C:\Windows\system32\svchost.exe 1712
C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1880
C:\Windows\System32\spoolsv.exe 1984
C:\Windows\system32\svchost.exe 2008
C:\Windows\system32\taskeng.exe 1500
C:\Windows\system32\Dwm.exe 1708
C:\Windows\Explorer.EXE 1824
C:\Program Files\ATK Hotkey\Hcontrol.exe 1412
C:\Windows\system32\agrsmsvc.exe 624
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1372
C:\Program Files\AVG\AVG9\avgwdsvc.exe 304
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 2068
C:\Windows\system32\svchost.exe 2136
C:\Windows\system32\svchost.exe 2276
C:\Windows\system32\TODDSrv.exe 2348
C:\Program Files\AVG\AVG9\avgnsx.exe 2436
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 2444
C:\Windows\System32\svchost.exe 2488
C:\Windows\system32\SearchIndexer.exe 2532
C:\Program Files\AVG\AVG9\avgemc.exe 2624
C:\Program Files\ATK Hotkey\ATKOSD.exe 2708
C:\Program Files\AVG\AVG9\avgcsrvx.exe 2844
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3336
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe 3388
C:\Windows\System32\igfxpers.exe 3500
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe 3512
C:\Program Files\AVG\AVG9\avgtray.exe 3524
C:\Program Files\Windows Sidebar\sidebar.exe 3532
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe 3540
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3548
C:\Windows\System32\p2phost.exe 3568
C:\Program Files\Windows Media Player\wmpnscfg.exe 3580
C:\Windows\system32\igfxsrvc.exe 3608
C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe 3704
C:\Program Files\Lexicon\Omega\Driver\ASIOSysTray.exe 3736
C:\Program Files\Windows Media Player\wmpnetwk.exe 3828
C:\Windows\system32\wbem\wmiprvse.exe 3980
C:\Windows\system32\wbem\unsecapp.exe 4084
C:\Windows\system32\wbem\wmiprvse.exe 2124
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe 2764
C:\Windows\system32\conime.exe 3140
C:\Windows\system32\taskeng.exe 2384
C:\Program Files\Windows Live\Contacts\wlcomm.exe 2760
C:\Windows\system32\SearchProtocolHost.exe 3040
C:\Windows\system32\SearchFilterHost.exe 2972

################## | Elements infectieux |


################## | Registre |

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BMIMZMHMFM"
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LosAlamos"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "MSConfig"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\I
shell\AutoRun\command =I:\LaunchU3.exe

HKCU\..\..\Explorer\MountPoints2\{13538451-4fa5-11de-9cfc-001d60f49afe}
shell\AutoRun\command =I:\lc.exe
shell\open\Command =I:\lc.exe

HKCU\..\..\Explorer\MountPoints2\{3d575412-b359-11de-a556-001d60f49afe}
shell\AutoRun\command =w9uxx92.exe
shell\open\Command =w9uxx92.exe

HKCU\..\..\Explorer\MountPoints2\{47855114-d9a5-11de-83f7-001d60f49afe}
shell\AutoRun\command =I:\eyt.exe
shell\open\Command =I:\eyt.exe

HKCU\..\..\Explorer\MountPoints2\{a1c247c7-cc66-11de-a7ea-001d60f49afe}
shell\AutoRun\command =I:\n1deiect.com
shell\explore\Command =I:\n1deiect.com
shell\open\Command =I:\n1deiect.com

HKCU\..\..\Explorer\MountPoints2\{d19fa462-c742-11dc-bdbb-001d60f49afe}
shell\AutoRun\command =I:\u9.com
shell\explore\Command =I:\u9.com
shell\open\Command =I:\u9.com

HKCU\..\..\Explorer\MountPoints2\{d6d8fa29-b896-11dd-a648-0016446d902b}
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdF56.vbs

################## | ! Fin du rapport # UsbFix V6.080 ! |
0
legibierdu31 Messages postés 12 Statut Membre > Utilisateur anonyme
 
############################## | UsbFix V6.080 |

User : Thomas (Administrateurs) # PC-DE-THOMAS
Update on 27/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 16:24:15 | 28/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 74,52 Go (15,12 Go free) [Vista] # NTFS
E:\ -> Disque fixe local # 73,06 Go (30,13 Go free) [Data] # NTFS
F:\ -> Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS

############################## | Processus actifs |

C:\Windows\System32\smss.exe 432
C:\Windows\system32\csrss.exe 500
C:\Windows\system32\wininit.exe 544
C:\Windows\system32\csrss.exe 556
C:\Program Files\AVG\AVG9\avgchsvx.exe 568
C:\Program Files\AVG\AVG9\avgrsx.exe 576
C:\Windows\system32\services.exe 632
C:\Windows\system32\lsass.exe 648
C:\Windows\system32\lsm.exe 660
C:\Windows\system32\winlogon.exe 692
C:\Program Files\AVG\AVG9\avgcsrvx.exe 716
C:\Windows\system32\svchost.exe 872
C:\Windows\system32\svchost.exe 940
C:\Windows\System32\svchost.exe 1284
C:\Windows\System32\svchost.exe 1312
C:\Windows\system32\svchost.exe 1348
C:\Windows\system32\SLsvc.exe 1484
C:\Windows\system32\svchost.exe 1528
C:\Windows\system32\svchost.exe 1712
C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1880
C:\Windows\System32\spoolsv.exe 1984
C:\Windows\system32\svchost.exe 2008
C:\Windows\system32\taskeng.exe 1500
C:\Windows\system32\Dwm.exe 1708
C:\Windows\Explorer.EXE 1824
C:\Program Files\ATK Hotkey\Hcontrol.exe 1412
C:\Windows\system32\agrsmsvc.exe 624
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1372
C:\Program Files\AVG\AVG9\avgwdsvc.exe 304
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 2068
C:\Windows\system32\svchost.exe 2136
C:\Windows\system32\svchost.exe 2276
C:\Windows\system32\TODDSrv.exe 2348
C:\Program Files\AVG\AVG9\avgnsx.exe 2436
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 2444
C:\Windows\System32\svchost.exe 2488
C:\Windows\system32\SearchIndexer.exe 2532
C:\Program Files\AVG\AVG9\avgemc.exe 2624
C:\Program Files\ATK Hotkey\ATKOSD.exe 2708
C:\Program Files\AVG\AVG9\avgcsrvx.exe 2844
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3336
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe 3388
C:\Windows\System32\igfxpers.exe 3500
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe 3512
C:\Program Files\AVG\AVG9\avgtray.exe 3524
C:\Program Files\Windows Sidebar\sidebar.exe 3532
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe 3540
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3548
C:\Windows\System32\p2phost.exe 3568
C:\Program Files\Windows Media Player\wmpnscfg.exe 3580
C:\Windows\system32\igfxsrvc.exe 3608
C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe 3704
C:\Program Files\Lexicon\Omega\Driver\ASIOSysTray.exe 3736
C:\Program Files\Windows Media Player\wmpnetwk.exe 3828
C:\Windows\system32\wbem\wmiprvse.exe 3980
C:\Windows\system32\wbem\unsecapp.exe 4084
C:\Windows\system32\wbem\wmiprvse.exe 2124
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe 2764
C:\Windows\system32\conime.exe 3140
C:\Windows\system32\taskeng.exe 2384
C:\Program Files\Windows Live\Contacts\wlcomm.exe 2760
C:\Windows\system32\SearchProtocolHost.exe 3040
C:\Windows\system32\SearchFilterHost.exe 2972

################## | Elements infectieux |


################## | Registre |

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BMIMZMHMFM"
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LosAlamos"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "MSConfig"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\I
shell\AutoRun\command =I:\LaunchU3.exe

HKCU\..\..\Explorer\MountPoints2\{13538451-4fa5-11de-9cfc-001d60f49afe}
shell\AutoRun\command =I:\lc.exe
shell\open\Command =I:\lc.exe

HKCU\..\..\Explorer\MountPoints2\{3d575412-b359-11de-a556-001d60f49afe}
shell\AutoRun\command =w9uxx92.exe
shell\open\Command =w9uxx92.exe

HKCU\..\..\Explorer\MountPoints2\{47855114-d9a5-11de-83f7-001d60f49afe}
shell\AutoRun\command =I:\eyt.exe
shell\open\Command =I:\eyt.exe

HKCU\..\..\Explorer\MountPoints2\{a1c247c7-cc66-11de-a7ea-001d60f49afe}
shell\AutoRun\command =I:\n1deiect.com
shell\explore\Command =I:\n1deiect.com
shell\open\Command =I:\n1deiect.com

HKCU\..\..\Explorer\MountPoints2\{d19fa462-c742-11dc-bdbb-001d60f49afe}
shell\AutoRun\command =I:\u9.com
shell\explore\Command =I:\u9.com
shell\open\Command =I:\u9.com

HKCU\..\..\Explorer\MountPoints2\{d6d8fa29-b896-11dd-a648-0016446d902b}
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdF56.vbs

################## | ! Fin du rapport # UsbFix V6.080 ! |
0
Utilisateur anonyme > legibierdu31 Messages postés 12 Statut Membre
 
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectées sans les ouvrir

# Clic droit sur le raccourci UsbFix présent sur ton bureau et clique sur éxécuter en tant qu'administrateur .

# Sélectionne l'option 2 ( Suppression )

# Ton bureau disparaitra et le pc redémarrera .

# Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.

# Ensuite poste le rapport UsbFix.txt qui apparaitra avec le bureau .

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
0
legibierdu31 Messages postés 12 Statut Membre > Utilisateur anonyme
 
############################## | UsbFix V6.080 |

User : Thomas (Administrateurs) # PC-DE-THOMAS
Update on 27/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 16:55:45 | 28/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 74,52 Go (15,03 Go free) [Vista] # NTFS
E:\ -> Disque fixe local # 73,06 Go (30,13 Go free) [Data] # NTFS
F:\ -> Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS

############################## | Processus actifs |

C:\Windows\System32\smss.exe 420
C:\Windows\system32\csrss.exe 552
C:\Windows\system32\wininit.exe 596
C:\Windows\system32\csrss.exe 608
C:\Program Files\AVG\AVG9\avgchsvx.exe 620
C:\Program Files\AVG\AVG9\avgrsx.exe 628
C:\Windows\system32\services.exe 680
C:\Windows\system32\lsass.exe 692
C:\Windows\system32\lsm.exe 700
C:\Program Files\AVG\AVG9\avgcsrvx.exe 764
C:\Windows\system32\winlogon.exe 772
C:\Windows\system32\svchost.exe 984
C:\Windows\system32\svchost.exe 1044
C:\Windows\system32\LogonUI.exe 1260
C:\Windows\System32\svchost.exe 1344
C:\Windows\System32\svchost.exe 1376
C:\Windows\system32\svchost.exe 1392
C:\Windows\system32\SLsvc.exe 1564
C:\Windows\system32\svchost.exe 1596
C:\Windows\system32\svchost.exe 1748
C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1928
C:\Windows\System32\spoolsv.exe 2040
C:\Windows\system32\svchost.exe 292
C:\Windows\system32\agrsmsvc.exe 1572
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1672
C:\Program Files\AVG\AVG9\avgwdsvc.exe 1728
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 1768
C:\Windows\system32\svchost.exe 1984
C:\Windows\system32\svchost.exe 472
C:\Windows\system32\TODDSrv.exe 2072
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 2156
C:\Windows\System32\svchost.exe 2244
C:\Program Files\AVG\AVG9\avgnsx.exe 2252
C:\Windows\system32\SearchIndexer.exe 2336
C:\Program Files\AVG\AVG9\avgemc.exe 2436
C:\Program Files\AVG\AVG9\avgcsrvx.exe 2572
C:\Windows\system32\userinit.exe 2916
C:\Windows\system32\taskeng.exe 2932
C:\Windows\system32\Dwm.exe 2956
C:\Windows\Explorer.EXE 3024
C:\Windows\system32\runonce.exe 3184
C:\Windows\system32\conime.exe 3248
C:\Program Files\ATK Hotkey\Hcontrol.exe 3324
C:\Program Files\ATK Hotkey\ATKOSD.exe 3440
C:\Windows\system32\wbem\wmiprvse.exe 3560

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-1165846488-1843666591-1663008885-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1165846488-1843666591-1663008885-1001
Supprimé ! E:\$Recycle.Bin\S-1-5-20
Supprimé ! E:\$Recycle.Bin\S-1-5-21-1165846488-1843666591-1663008885-1000
Supprimé ! E:\$Recycle.Bin\S-1-5-21-1165846488-1843666591-1663008885-1001

################## | Registre |

Supprimé ! [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BMIMZMHMFM"
Supprimé ! [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LosAlamos"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "MSConfig"

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\I\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{13538451-4fa5-11de-9cfc-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{3d575412-b359-11de-a556-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{47855114-d9a5-11de-83f7-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a1c247c7-cc66-11de-a7ea-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{d19fa462-c742-11dc-bdbb-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{d6d8fa29-b896-11dd-a648-0016446d902b}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[19/01/2008 08:45|-rahs----|333203] C:\bootmgr
[31/08/2007 05:36|-ra-s----|8192] C:\BOOTSECT.BAK
[25/12/2009 14:37|--a------|34] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[27/01/2009 16:31|-rahs----|0] C:\IO.SYS
[27/01/2009 16:31|--a------|0] C:\MediaTube_ver1.1573.0.exe
[27/01/2009 16:31|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[31/08/2007 07:12|--a------|420] C:\RHDSetup.log
[31/08/2007 07:19|--a------|86] C:\setup.log
[27/01/2009 16:32|--a------|7269] C:\StarCodec_ver1.5897.0.exe
[31/08/2007 08:37|--ah-----|70] C:\SWSTAMP.TXT
[28/01/2010 17:00|--a------|4634] C:\UsbFix.txt
[27/01/2009 16:30|--a------|7235] C:\wmcodec_update.exe
[23/09/2009 17:12|--a------|262215] E:\12191.mp3
[02/11/2009 20:27|--a------|24795] E:\12191.mp3.asd
[25/09/2009 16:55|--a------|398732] E:\1431.mp3
[02/11/2009 20:27|--a------|35787] E:\1431.mp3.asd
[23/09/2009 17:12|--a------|113165] E:\9678.mp3
[23/09/2009 17:12|--a------|96447] E:\9681.mp3
[02/11/2009 20:27|--a------|8647] E:\9681.mp3.asd
[26/10/2009 12:42|--a------|7351924] E:\ail ail ail.wma
[26/10/2009 12:53|--a------|4189589] E:\ail ailjjuil.wma
[08/11/2009 17:58|--a------|165757] E:\avion.jpg
[08/02/2007 04:23|--a------|732084866] E:\Barton Fink.avi
[29/08/2008 04:10|--a------|335872] E:\Branding.dll
[14/05/2008 19:52|--a------|5273] E:\cdrpdacc.sys
[04/01/2009 09:56|--a------|13992003] E:\CIMG0588.mov
[04/01/2009 10:18|--a------|5339231] E:\CIMG0589.mov
[04/01/2009 10:19|--a------|2416167] E:\CIMG0590.mov
[04/01/2009 10:38|--a------|5919507] E:\CIMG0593.mov
[04/01/2009 13:52|--a------|8990851] E:\CIMG0594.mov
[04/01/2009 14:11|--a------|3142845] E:\CIMG0595.mov
[04/01/2009 15:37|--a------|14446521] E:\CIMG0601.mov
[04/01/2009 15:38|--a------|7518829] E:\CIMG0602.mov
[04/01/2009 15:51|--a------|15430779] E:\CIMG0605.mov
[04/01/2009 15:56|--a------|6532024] E:\CIMG0606.mov
[04/01/2009 17:52|--a------|8228378] E:\CIMG0610.mov
[04/01/2009 18:03|--a------|3149877] E:\CIMG0611.mov
[04/01/2009 18:03|--a------|3259801] E:\CIMG0612.mov
[04/01/2009 18:31|--a------|6424632] E:\CIMG0613.mov
[04/01/2009 19:31|--a------|3944003] E:\CIMG0617.mov
[04/01/2009 20:25|--a------|1315597] E:\CIMG0619.mov
[04/01/2009 20:29|--a------|1816504] E:\CIMG0621.mov
[05/01/2009 11:54|--a------|8363785] E:\CIMG0623.mov
[05/01/2009 11:55|--a------|2732535] E:\CIMG0624.mov
[05/01/2009 12:28|--a------|3708117] E:\CIMG0626.mov
[05/11/2009 19:57|--a------|165] E:\compo texte smell her.txt
[29/07/2009 21:10|--a------|786] E:\Confirmation de l'adh‚sion.mht
[01/09/2009 10:43|--a------|125740] E:\Corr_Ex_Circuit_09.jpg
[08/01/2009 12:21|--a------|717373440] E:\cube_-_divx_francais.avi
[19/01/2010 13:52|--a------|3906] E:\current.m3u8
[29/09/2009 11:27|--a------|438272] E:\CV_Ducroquet_Aurelia.doc
[29/09/2009 10:51|--a------|6662] E:\daft Q.rns
[28/10/2009 21:25|--a------|10425] E:\E-needing.docx
[08/11/2009 17:58|--a------|342771] E:\easyJet_com - billets avion vol, h“tel et location de voiture discount.mht
[14/05/2008 19:49|--a------|4855] E:\eqpresets.eql
[03/10/2009 12:05|--a------|18091] E:\equations differentielle.docx
[20/05/2000 10:14|--a------|532684653] E:\Factory Sound Bank.RFL
[25/09/2009 17:19|--a------|4902912] E:\Film - Star Wars (Main Theme).mp3
[30/10/2009 18:40|--a------|39768] E:\fin.do.htm
[25/09/2007 05:48|--a------|11] E:\H07909FR.tag
[20/08/2009 19:46|--a------|18] E:\hugo.txt
[04/11/2009 04:47|--a------|3141] E:\index.htm
[29/08/2009 17:22|--a------|44105] E:\It's a man's world 2 2.rtf
[29/08/2009 17:25|--a------|44194] E:\It's a man's world 2 newwww.rtf
[19/07/2009 18:46|--a------|13434] E:\jj.rns
[29/08/2009 17:25|--a------|33174] E:\Le Bonheur de vivre newwww.rtf
[29/08/2009 11:53|--a------|33513] E:\Le Bonheur de vivre.rtf
[02/11/2009 20:10|--a------|983] E:\Live 7.0.2.lnk
[23/03/2009 03:09|--a------|729036800] E:\Memento.avi
[05/11/2009 16:18|--a------|6780797] E:\moment.wma
[05/11/2009 17:06|--a------|29635288] E:\momentl.aif
[05/11/2009 17:10|--a------|172963] E:\momentl.aif.asd
[27/09/2009 19:27|--a------|11479] E:\Monsieur Cariou.docx
[18/07/2009 11:13|--a------|360] E:\mp3 - Raccourci.lnk
[20/07/2009 20:49|--a------|22] E:\neuf.txt
[21/07/2009 20:53|--a------|14234] E:\new.rns
[07/10/2009 18:44|--a------|4128918] E:\Offspring - Self Esteem.mp3
[28/10/2009 18:34|--a------|271829510] E:\P1000278.MOV
[05/02/2009 21:07|--a------|2077854999] E:\Reason 4 Full DVD.uif
[18/06/2007 14:54|--a------|83458016] E:\Reason France Refill Vol.1.rfl
[21/07/2009 20:52|--a------|14234] E:\reason.rns
[18/07/2009 11:30|--a------|980] E:\ReFill Packer.lnk
[12/09/2008 13:16|--a------|202398] E:\ride car.MMM
[05/11/2009 17:28|--a------|13547608] E:\RIFF.aif
[12/11/2009 19:48|--a------|78032] E:\RIFF.aif.asd
[05/11/2009 17:23|--a------|13547608] E:\RIFF1.aif
[12/11/2009 19:48|--a------|77928] E:\RIFF1.aif.asd
[05/11/2009 17:25|--a------|13547608] E:\RIFF2.aif
[05/11/2009 17:25|--a------|76879] E:\RIFF2.aif.asd
[05/11/2009 17:33|--a------|13547608] E:\RIFF3.aif
[12/11/2009 19:48|--a------|77180] E:\RIFF3.aif.asd
[25/12/2009 14:55|--a------|0] E:\SkinColor.ini
[19/01/2010 13:52|--a------|320] E:\SkinPref.ini
[29/08/2009 16:57|--a------|37710] E:\traduction.jpg
[08/11/2009 17:47|--a------|147855] E:\train.jpg
[06/08/2008 06:17|--a------|737715] E:\TransHelp.chm
[03/07/2008 07:07|--a------|1034664] E:\TransPlayer.exe
[19/01/2010 13:52|--a------|1705] E:\TransPlayer.ini
[05/06/2008 03:13|--a------|201216] E:\TransShell.dll
[23/09/2009 16:57|--a------|14688] E:\trexroar.mp3
[23/09/2009 16:56|--a------|3639] E:\tyrannosaure_04.html
[14/05/2008 19:53|--a------|258352] E:\unicows.dll
[08/11/2009 15:59|--a------|7316909] E:\We are alone - freedom roots company.wma
[08/11/2009 15:16|--a------|154975] E:\we are alone-01.cpr
[08/11/2009 15:16|--a------|154979] E:\we are alone-011.cpr
[08/11/2009 15:56|--a------|174429] E:\we are alone-12.cpr
[08/11/2009 14:35|--a------|141968] E:\we are alone.cpr
[20/08/2009 18:52|--a------|14] E:\YANUS.txt
[01/01/1995 01:00|-r-------|44] F:\Track01.cda
[01/01/1995 01:00|-r-------|44] F:\Track02.cda
[01/01/1995 01:00|-r-------|44] F:\Track03.cda
[01/01/1995 01:00|-r-------|44] F:\Track04.cda
[01/01/1995 01:00|-r-------|44] F:\Track05.cda
[01/01/1995 01:00|-r-------|44] F:\Track06.cda
[01/01/1995 01:00|-r-------|44] F:\Track07.cda
[01/01/1995 01:00|-r-------|44] F:\Track08.cda
[01/01/1995 01:00|-r-------|44] F:\Track09.cda
[01/01/1995 01:00|-r-------|44] F:\Track10.cda
[01/01/1995 01:00|-r-------|44] F:\Track11.cda
[01/01/1995 01:00|-r-------|44] F:\Track12.cda
[01/01/1995 01:00|-r-------|44] F:\Track13.cda
[01/01/1995 01:00|-r-------|44] F:\Track14.cda
[01/01/1995 01:00|-r-------|44] F:\Track15.cda

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.
0
Réponse 7 / 10
legibierdu31 Messages postés 12 Statut Membre
 
############################## | UsbFix V6.080 |

User : Thomas (Administrateurs) # PC-DE-THOMAS
Update on 27/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 16:55:45 | 28/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 74,52 Go (15,03 Go free) [Vista] # NTFS
E:\ -> Disque fixe local # 73,06 Go (30,13 Go free) [Data] # NTFS
F:\ -> Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS

############################## | Processus actifs |

C:\Windows\System32\smss.exe 420
C:\Windows\system32\csrss.exe 552
C:\Windows\system32\wininit.exe 596
C:\Windows\system32\csrss.exe 608
C:\Program Files\AVG\AVG9\avgchsvx.exe 620
C:\Program Files\AVG\AVG9\avgrsx.exe 628
C:\Windows\system32\services.exe 680
C:\Windows\system32\lsass.exe 692
C:\Windows\system32\lsm.exe 700
C:\Program Files\AVG\AVG9\avgcsrvx.exe 764
C:\Windows\system32\winlogon.exe 772
C:\Windows\system32\svchost.exe 984
C:\Windows\system32\svchost.exe 1044
C:\Windows\system32\LogonUI.exe 1260
C:\Windows\System32\svchost.exe 1344
C:\Windows\System32\svchost.exe 1376
C:\Windows\system32\svchost.exe 1392
C:\Windows\system32\SLsvc.exe 1564
C:\Windows\system32\svchost.exe 1596
C:\Windows\system32\svchost.exe 1748
C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1928
C:\Windows\System32\spoolsv.exe 2040
C:\Windows\system32\svchost.exe 292
C:\Windows\system32\agrsmsvc.exe 1572
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1672
C:\Program Files\AVG\AVG9\avgwdsvc.exe 1728
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 1768
C:\Windows\system32\svchost.exe 1984
C:\Windows\system32\svchost.exe 472
C:\Windows\system32\TODDSrv.exe 2072
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 2156
C:\Windows\System32\svchost.exe 2244
C:\Program Files\AVG\AVG9\avgnsx.exe 2252
C:\Windows\system32\SearchIndexer.exe 2336
C:\Program Files\AVG\AVG9\avgemc.exe 2436
C:\Program Files\AVG\AVG9\avgcsrvx.exe 2572
C:\Windows\system32\userinit.exe 2916
C:\Windows\system32\taskeng.exe 2932
C:\Windows\system32\Dwm.exe 2956
C:\Windows\Explorer.EXE 3024
C:\Windows\system32\runonce.exe 3184
C:\Windows\system32\conime.exe 3248
C:\Program Files\ATK Hotkey\Hcontrol.exe 3324
C:\Program Files\ATK Hotkey\ATKOSD.exe 3440
C:\Windows\system32\wbem\wmiprvse.exe 3560

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-1165846488-1843666591-1663008885-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1165846488-1843666591-1663008885-1001
Supprimé ! E:\$Recycle.Bin\S-1-5-20
Supprimé ! E:\$Recycle.Bin\S-1-5-21-1165846488-1843666591-1663008885-1000
Supprimé ! E:\$Recycle.Bin\S-1-5-21-1165846488-1843666591-1663008885-1001

################## | Registre |

Supprimé ! [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BMIMZMHMFM"
Supprimé ! [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LosAlamos"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "MSConfig"

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\I\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{13538451-4fa5-11de-9cfc-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{3d575412-b359-11de-a556-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{47855114-d9a5-11de-83f7-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a1c247c7-cc66-11de-a7ea-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{d19fa462-c742-11dc-bdbb-001d60f49afe}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{d6d8fa29-b896-11dd-a648-0016446d902b}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[19/01/2008 08:45|-rahs----|333203] C:\bootmgr
[31/08/2007 05:36|-ra-s----|8192] C:\BOOTSECT.BAK
[25/12/2009 14:37|--a------|34] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[27/01/2009 16:31|-rahs----|0] C:\IO.SYS
[27/01/2009 16:31|--a------|0] C:\MediaTube_ver1.1573.0.exe
[27/01/2009 16:31|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[31/08/2007 07:12|--a------|420] C:\RHDSetup.log
[31/08/2007 07:19|--a------|86] C:\setup.log
[27/01/2009 16:32|--a------|7269] C:\StarCodec_ver1.5897.0.exe
[31/08/2007 08:37|--ah-----|70] C:\SWSTAMP.TXT
[28/01/2010 17:00|--a------|4634] C:\UsbFix.txt
[27/01/2009 16:30|--a------|7235] C:\wmcodec_update.exe
[23/09/2009 17:12|--a------|262215] E:\12191.mp3
[02/11/2009 20:27|--a------|24795] E:\12191.mp3.asd
[25/09/2009 16:55|--a------|398732] E:\1431.mp3
[02/11/2009 20:27|--a------|35787] E:\1431.mp3.asd
[23/09/2009 17:12|--a------|113165] E:\9678.mp3
[23/09/2009 17:12|--a------|96447] E:\9681.mp3
[02/11/2009 20:27|--a------|8647] E:\9681.mp3.asd
[26/10/2009 12:42|--a------|7351924] E:\ail ail ail.wma
[26/10/2009 12:53|--a------|4189589] E:\ail ailjjuil.wma
[08/11/2009 17:58|--a------|165757] E:\avion.jpg
[08/02/2007 04:23|--a------|732084866] E:\Barton Fink.avi
[29/08/2008 04:10|--a------|335872] E:\Branding.dll
[14/05/2008 19:52|--a------|5273] E:\cdrpdacc.sys
[04/01/2009 09:56|--a------|13992003] E:\CIMG0588.mov
[04/01/2009 10:18|--a------|5339231] E:\CIMG0589.mov
[04/01/2009 10:19|--a------|2416167] E:\CIMG0590.mov
[04/01/2009 10:38|--a------|5919507] E:\CIMG0593.mov
[04/01/2009 13:52|--a------|8990851] E:\CIMG0594.mov
[04/01/2009 14:11|--a------|3142845] E:\CIMG0595.mov
[04/01/2009 15:37|--a------|14446521] E:\CIMG0601.mov
[04/01/2009 15:38|--a------|7518829] E:\CIMG0602.mov
[04/01/2009 15:51|--a------|15430779] E:\CIMG0605.mov
[04/01/2009 15:56|--a------|6532024] E:\CIMG0606.mov
[04/01/2009 17:52|--a------|8228378] E:\CIMG0610.mov
[04/01/2009 18:03|--a------|3149877] E:\CIMG0611.mov
[04/01/2009 18:03|--a------|3259801] E:\CIMG0612.mov
[04/01/2009 18:31|--a------|6424632] E:\CIMG0613.mov
[04/01/2009 19:31|--a------|3944003] E:\CIMG0617.mov
[04/01/2009 20:25|--a------|1315597] E:\CIMG0619.mov
[04/01/2009 20:29|--a------|1816504] E:\CIMG0621.mov
[05/01/2009 11:54|--a------|8363785] E:\CIMG0623.mov
[05/01/2009 11:55|--a------|2732535] E:\CIMG0624.mov
[05/01/2009 12:28|--a------|3708117] E:\CIMG0626.mov
[05/11/2009 19:57|--a------|165] E:\compo texte smell her.txt
[29/07/2009 21:10|--a------|786] E:\Confirmation de l'adh‚sion.mht
[01/09/2009 10:43|--a------|125740] E:\Corr_Ex_Circuit_09.jpg
[08/01/2009 12:21|--a------|717373440] E:\cube_-_divx_francais.avi
[19/01/2010 13:52|--a------|3906] E:\current.m3u8
[29/09/2009 11:27|--a------|438272] E:\CV_Ducroquet_Aurelia.doc
[29/09/2009 10:51|--a------|6662] E:\daft Q.rns
[28/10/2009 21:25|--a------|10425] E:\E-needing.docx
[08/11/2009 17:58|--a------|342771] E:\easyJet_com - billets avion vol, h“tel et location de voiture discount.mht
[14/05/2008 19:49|--a------|4855] E:\eqpresets.eql
[03/10/2009 12:05|--a------|18091] E:\equations differentielle.docx
[20/05/2000 10:14|--a------|532684653] E:\Factory Sound Bank.RFL
[25/09/2009 17:19|--a------|4902912] E:\Film - Star Wars (Main Theme).mp3
[30/10/2009 18:40|--a------|39768] E:\fin.do.htm
[25/09/2007 05:48|--a------|11] E:\H07909FR.tag
[20/08/2009 19:46|--a------|18] E:\hugo.txt
[04/11/2009 04:47|--a------|3141] E:\index.htm
[29/08/2009 17:22|--a------|44105] E:\It's a man's world 2 2.rtf
[29/08/2009 17:25|--a------|44194] E:\It's a man's world 2 newwww.rtf
[19/07/2009 18:46|--a------|13434] E:\jj.rns
[29/08/2009 17:25|--a------|33174] E:\Le Bonheur de vivre newwww.rtf
[29/08/2009 11:53|--a------|33513] E:\Le Bonheur de vivre.rtf
[02/11/2009 20:10|--a------|983] E:\Live 7.0.2.lnk
[23/03/2009 03:09|--a------|729036800] E:\Memento.avi
[05/11/2009 16:18|--a------|6780797] E:\moment.wma
[05/11/2009 17:06|--a------|29635288] E:\momentl.aif
[05/11/2009 17:10|--a------|172963] E:\momentl.aif.asd
[27/09/2009 19:27|--a------|11479] E:\Monsieur Cariou.docx
[18/07/2009 11:13|--a------|360] E:\mp3 - Raccourci.lnk
[20/07/2009 20:49|--a------|22] E:\neuf.txt
[21/07/2009 20:53|--a------|14234] E:\new.rns
[07/10/2009 18:44|--a------|4128918] E:\Offspring - Self Esteem.mp3
[28/10/2009 18:34|--a------|271829510] E:\P1000278.MOV
[05/02/2009 21:07|--a------|2077854999] E:\Reason 4 Full DVD.uif
[18/06/2007 14:54|--a------|83458016] E:\Reason France Refill Vol.1.rfl
[21/07/2009 20:52|--a------|14234] E:\reason.rns
[18/07/2009 11:30|--a------|980] E:\ReFill Packer.lnk
[12/09/2008 13:16|--a------|202398] E:\ride car.MMM
[05/11/2009 17:28|--a------|13547608] E:\RIFF.aif
[12/11/2009 19:48|--a------|78032] E:\RIFF.aif.asd
[05/11/2009 17:23|--a------|13547608] E:\RIFF1.aif
[12/11/2009 19:48|--a------|77928] E:\RIFF1.aif.asd
[05/11/2009 17:25|--a------|13547608] E:\RIFF2.aif
[05/11/2009 17:25|--a------|76879] E:\RIFF2.aif.asd
[05/11/2009 17:33|--a------|13547608] E:\RIFF3.aif
[12/11/2009 19:48|--a------|77180] E:\RIFF3.aif.asd
[25/12/2009 14:55|--a------|0] E:\SkinColor.ini
[19/01/2010 13:52|--a------|320] E:\SkinPref.ini
[29/08/2009 16:57|--a------|37710] E:\traduction.jpg
[08/11/2009 17:47|--a------|147855] E:\train.jpg
[06/08/2008 06:17|--a------|737715] E:\TransHelp.chm
[03/07/2008 07:07|--a------|1034664] E:\TransPlayer.exe
[19/01/2010 13:52|--a------|1705] E:\TransPlayer.ini
[05/06/2008 03:13|--a------|201216] E:\TransShell.dll
[23/09/2009 16:57|--a------|14688] E:\trexroar.mp3
[23/09/2009 16:56|--a------|3639] E:\tyrannosaure_04.html
[14/05/2008 19:53|--a------|258352] E:\unicows.dll
[08/11/2009 15:59|--a------|7316909] E:\We are alone - freedom roots company.wma
[08/11/2009 15:16|--a------|154975] E:\we are alone-01.cpr
[08/11/2009 15:16|--a------|154979] E:\we are alone-011.cpr
[08/11/2009 15:56|--a------|174429] E:\we are alone-12.cpr
[08/11/2009 14:35|--a------|141968] E:\we are alone.cpr
[20/08/2009 18:52|--a------|14] E:\YANUS.txt
[01/01/1995 01:00|-r-------|44] F:\Track01.cda
[01/01/1995 01:00|-r-------|44] F:\Track02.cda
[01/01/1995 01:00|-r-------|44] F:\Track03.cda
[01/01/1995 01:00|-r-------|44] F:\Track04.cda
[01/01/1995 01:00|-r-------|44] F:\Track05.cda
[01/01/1995 01:00|-r-------|44] F:\Track06.cda
[01/01/1995 01:00|-r-------|44] F:\Track07.cda
[01/01/1995 01:00|-r-------|44] F:\Track08.cda
[01/01/1995 01:00|-r-------|44] F:\Track09.cda
[01/01/1995 01:00|-r-------|44] F:\Track10.cda
[01/01/1995 01:00|-r-------|44] F:\Track11.cda
[01/01/1995 01:00|-r-------|44] F:\Track12.cda
[01/01/1995 01:00|-r-------|44] F:\Track13.cda
[01/01/1995 01:00|-r-------|44] F:\Track14.cda
[01/01/1995 01:00|-r-------|44] F:\Track15.cda

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.

################## | Upload |

Veuillez envoyer le fichier : C:\Users\Thomas\Desktop\UsbFix_Upload_Me_PC-de-Thomas.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
0
Utilisateur anonyme
 
as tu fait ceci ?
Veuillez envoyer le fichier : C:\Users\Thomas\Desktop\UsbFix_Upload_Me_PC-de-Thomas.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

Pourrai tu me poster un nouveau rapport RSIT
0
Réponse 8 / 10
legibierdu31 Messages postés 12 Statut Membre
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:47, on 28/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\System32\p2phost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe
C:\Program Files\Lexicon\Omega\Driver\ASIOSysTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Thomas\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Thomas.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Windows\system32\Taskmgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [P1110Cfg.exe] P1110Cfg.exe /d:3
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [COM+ Manager] "C:\Users\Thomas\.COMMgr\complmgr.exe"
O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas21.dll,AttachConsoleA
O4 - HKCU\..\Run: [BMIMZMHMFM] C:\Users\Thomas\AppData\Local\Temp\Pk2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Moniteur neufbox.lnk = C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe
O4 - Startup: Omega ASIO Control Panel.lnk = C:\Program Files\Lexicon\Omega\Driver\ASIOSysTray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {BFB5F154-9212-46F3-B547-AC6106030A54} - http://tituslevengeur.carrefourinternet.com/toolbar/CI.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
0
Réponse 9 / 10
legibierdu31 Messages postés 12 Statut Membre
 
j'ai virer avg j'ai limpression que sava mieu ... bizarre
0
Réponse 10 / 10
totobetourne Messages postés 5677 Statut Membre 65
 
colle un rapport rsit et pas hijack car rsit plus complet.merci.

passe cela :
passe cet antimalware, fait comme indique
Telecharges malwaresbytes antimalwares(MBAM) : egalement tres util sur pb de pub mais pas tous malheureusement

Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
fais comme indique,mise a jour , scan complet et le rapport.
COLLE LE RAPPORT APRES SUPPRESSION MERCI.

garde le et lance un scan tout les mois comme indique.

si tu as ad aware tu peux desinstalle car il ne reconnait plus grand chose.

ps:tu enleves ton antivirus et tu es toujours infectes a ce que je vois sur hijack.
0