A voir également:
- Virus
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Virus mcafee - Accueil - Piratage
- Tinyurl.com virus - Forum Virus
21 réponses
stael
Messages postés
314
Date d'inscription
samedi 9 juillet 2005
Statut
Contributeur
Dernière intervention
18 mars 2009
7
24 août 2005 à 21:23
24 août 2005 à 21:23
salut
telecharge ca : http://www.safer-networking.org/fr/download/index.html
passe en un coup et refais un log on i vera plu claire
telecharge ca : http://www.safer-networking.org/fr/download/index.html
passe en un coup et refais un log on i vera plu claire
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
24 août 2005 à 21:39
24 août 2005 à 21:39
Contrôle de service.: Le fichier Services.sbs manque. Svp utilisez la mise à jour pour en obtenir une nouvelle copie! ()
FastClick: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-08-24 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2004-05-12 SDHelper.dll (1.3.0.12)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-03-03 Includes\Cookies.sbi (*)
2005-04-07 Includes\Dialer.sbi (*)
2005-04-07 Includes\Hijackers.sbi (*)
2005-03-22 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-04-07 Includes\Malware.sbi (*)
2005-03-17 Includes\PUPS.sbi (*)
2005-03-17 Includes\Revision.sbi (*)
2005-02-09 Includes\Security.sbi (*)
2005-04-07 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-04-07 Includes\Trojans.sbi (*)
FastClick: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-08-24 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2004-05-12 SDHelper.dll (1.3.0.12)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-03-03 Includes\Cookies.sbi (*)
2005-04-07 Includes\Dialer.sbi (*)
2005-04-07 Includes\Hijackers.sbi (*)
2005-03-22 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-04-07 Includes\Malware.sbi (*)
2005-03-17 Includes\PUPS.sbi (*)
2005-03-17 Includes\Revision.sbi (*)
2005-02-09 Includes\Security.sbi (*)
2005-04-07 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-04-07 Includes\Trojans.sbi (*)
stael
Messages postés
314
Date d'inscription
samedi 9 juillet 2005
Statut
Contributeur
Dernière intervention
18 mars 2009
7
24 août 2005 à 21:45
24 août 2005 à 21:45
salut
mais a jour spybot
fais un scan et reposte un hijack this
mais a jour spybot
fais un scan et reposte un hijack this
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
24 août 2005 à 22:22
24 août 2005 à 22:22
--- Search result list ---
MyWay.MyBar: Netscape hook (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-1645522239-725345543-1004\Software\Netscape\Netscape Navigator\Automation Shutdown\MyWayToolBar.NetscapeShutdown.1
MyWay.MyBar: Netscape hook (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-1645522239-725345543-1004\Software\Netscape\Netscape Navigator\Automation Startup\MyWayToolBar.NetscapeStartup.1
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-1645522239-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
Windows Security Center.AntiVirusDisableNotify: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
InstaFink: Groupe de programmes (Répertoire, nothing done)
C:\Program Files\INSTAFINK\
DoubleClick: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
ValueClick: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
FastClick: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
MediaPlex: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-08-24 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-08-19 Includes\Dialer.sbi (*)
2005-08-19 Includes\Hijackers.sbi (*)
2005-08-16 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-08-19 Includes\Malware.sbi (*)
2005-08-12 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-08-19 Includes\Security.sbi (*)
2005-08-16 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-08-19 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security Update for Microsoft Data Access Components
/ Internet Explorer 6 / SP1: Correctif Windows XP - KB883939
/ Internet Explorer 6 / SP1: Correctif Windows XP - KB889293
/ Internet Explorer 6 / SP1: Correctif Windows XP - KB890923
/ Outlook Express 6 / SP1: Correctif Windows XP - KB887797
/ Outlook Express 6 / SP1: Correctif Windows XP - KB897715
/ Windows Media Player: Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]
/ Windows Media Player / SP0: Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Correctif Windows XP - KB873333
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB883939)
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB885884
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Correctif Windows XP - KB887797
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890175
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893066)
/ Windows XP / SP3: Correctif Windows XP - KB893086
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB896727)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899588)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB903235)
--- Startup entries list ---
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
file: C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
size: 58488
MD5: aab57694bc1e2b6a2c6f0a07eb4cc307
Located: HK_LM:Run, CloneCDElbyCDFL
command: "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
file: C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe
size: 45056
MD5: 56193bce4dfd8879aedeb26b71a0a583
Located: HK_LM:Run, CloneCDTray
command: "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
file: C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
size: 73728
MD5: 3b50055972861da5d5625cad1b11007e
Located: HK_LM:Run, DAEMON Tools-1033
command: "C:\Program Files\D-Tools\daemon.exe" -lang 1033
file:
Located: HK_LM:Run, load32
command:
file:
Located: HK_LM:Run, MessagerStarter Wanadoo
command: C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
file: C:\PROGRA~1\MESSAG~1\StartMessager.exe
size: 32768
MD5: d7d09a7bfca85dbe2af58ce639f00576
Located: HK_LM:Run, Microsoft Sound Driver
command: sound32.exe
file:
Located: HK_LM:Run, Microsoft Works Update Detection
command: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
file: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 28672
MD5: 7ebfae0a6d73d2d9c9a970a80935fd8f
Located: HK_LM:Run, NeroCheck
command: C:\WINDOWS\System32\\NeroCheck.exe
file: C:\WINDOWS\System32\\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, Network Host Service
command: eaoaheb32.exe
file:
Located: HK_LM:Run, New.net Startup
command: rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
file:
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: cdd7140c0eaa754c527b983ccc9993cd
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 323584
MD5: 44dfa110b29cb827fd67a633e5783d22
Located: HK_LM:RunServices, Microsoft Sound Driver
command: sound32.exe
file:
Located: HK_LM:RunServices, Network Host Service
command: eaoaheb32.exe
file:
Located: HK_LM:RunServices, Task Help
command: wualcts.exe
file:
Located: HK_CU:Run, CTFMON.EXE
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64e41e8fee655b03e3f19ded21ba5118
Located: HK_CU:Run, Gadwin PrintScreen 3.0
command: C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
file:
Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Located: HK_CU:Run, NVIEW
command: rundll32.exe nview.dll,nViewLoadHook
file: C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: cdd7140c0eaa754c527b983ccc9993cd
Located: Démarrage (tous utilisateurs), InterVideo WinCinema Manager.lnk
command: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
file: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
size: 98304
MD5: b490339be6e041ded2a39cf55f2cecd1
Located: Démarrage (tous utilisateurs), Pense-bête.lnk
command: C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
file: C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
size: 335872
MD5: 891d34eec1f22db0eb2b0e303dd8bd00
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
--- ActiveX list ---
--- Process list ---
PID: 0 ( 0) [System]
PID: 460 ( 4) \SystemRoot\System32\smss.exe
PID: 528 ( 460) \??\C:\WINDOWS\system32\csrss.exe
PID: 552 ( 460) \??\C:\WINDOWS\system32\winlogon.exe
PID: 596 ( 552) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
PID: 608 ( 552) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 752 ( 596) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 808 ( 596) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 848 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 916 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 992 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1164 (1112) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 2A7BD330924252A2FD80344FC949BB72
PID: 1244 ( 596) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1344 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
size: 164984
MD5: 6940596C92520C4CD1E4D153F008C6DA
PID: 1404 ( 596) C:\Program Files\Norton AntiVirus\navapsvc.exe
size: 176768
MD5: FA3715EBD0E95D0814114DD423A9F783
PID: 1452 ( 596) C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
size: 46208
MD5: 1A6F1D5F7D05EA5CB3750270BCCFD5C5
PID: 1496 ( 596) C:\WINDOWS\System32\nvsvc32.exe
size: 65536
MD5: 88A4A3FF59821E7BECDC786F355FB56E
PID: 1588 ( 596) C:\WINDOWS\system32\slserv.exe
size: 45056
MD5: 687217654134680371EF23FAFC5EC96D
PID: 1604 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
size: 206552
MD5: 997BF60BEF992C61C3014EF5C56D93EA
PID: 1736 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
size: 173160
MD5: 08FA56B7C13B4CBF0E5D351AECAD92B1
PID: 1764 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1784 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 822424
MD5: B6BF7DD619D045D0F999310882551B7D
PID: 1808 ( 596) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: AB0A7CA90D9E3D6A193905DC1715DED0
PID: 1864 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
size: 197752
MD5: F53038574574B37759FD029E9B891D8A
PID: 716 ( 596) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 1968 (1164) C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 28672
MD5: 7EBFAE0A6D73D2D9C9A970A80935FD8F
PID: 2060 (1164) C:\PROGRA~1\MESSAG~1\StartMessager.exe
size: 32768
MD5: D7D09A7BFCA85DBE2AF58CE639F00576
PID: 2112 (1164) C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
size: 73728
MD5: 3B50055972861DA5D5625CAD1B11007E
PID: 2140 (1164) C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
size: 58488
MD5: AAB57694BC1E2B6A2C6F0A07EB4CC307
PID: 2148 (1164) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: CDD7140C0EAA754C527B983CCC9993CD
PID: 2216 (1164) C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
PID: 2224 (1164) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 2248 (2156) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: CDD7140C0EAA754C527B983CCC9993CD
PID: 2464 (1164) C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
size: 98304
MD5: B490339BE6E041DED2A39CF55F2CECD1
PID: 2564 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 3148 (1164) C:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: 385D1644E676C96EB07848ADA63E37FA
PID: 4020 (3968) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24/08/2005 22:17:28
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\SYSTEM32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://wanadoo.fr/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\SYSTEM32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: New.net UDP Chain
GUID: {07785CE1-3852-11D5-9A70-0001031EA755}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Description: New.Net UDP chain
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net UDP Chain
Protocol 1: New.net TCP Chain
GUID: {F09D4560-0006-0026-9A6F-0001031EA788}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Protocol 19: New.net TCP Filter
GUID: {53D204E0-0006-0026-9A6F-0001031EA788}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Protocol 20: New.net UDP Filter
GUID: {07785CE0-3852-11D5-9A70-0001031EA755}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Description: New.Net UDP filter
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net UDP Filter
Namespace Provider 3: New.net Name Space Provider
GUID: {3B5F8060-1AE1-11D4-966F-00E018981B9E}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Description: New.Net name space provider
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net Name Space Provider
--- Uninstall list ---
123 Free Solitaire 123 Free Solitaire 2004 (123 Free Solitaire)
uninstall cmd: C:\PROGRA~1\123FRE~1\UNWISE.EXE C:\PROGRA~1\123FRE~1\INSTALL.LOG
publisher: TreeCardGames.com
ABBYY FineReader 4.0 Sprint (ABBYY FineReader 4.0 Sprint)
uninstall cmd: C:\WINDOWS\bitdeins.exe C:\PROGRA~1\ABBYYF~1.0SP\bitdeins.ini
AC3Filter (remove only) (AC3Filter)
uninstall cmd: C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com
(AddressBook)
Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
version (major): 5
install location: C:\Program Files\Adobe\Acrobat 5.0
uninstall cmd: C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
publisher: Adobe Systems, Inc.
help link: http://www.adobe.com/prodindex/acrobat/main.html
ArcSoft PhotoImpression 3.0 (ArcSoft PhotoImpression 3.0)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\ArcSoft\PhotoImpression\Uninst.isu"
Audiogalaxy Rhapsody (Audiogalaxy Rhapsody)
uninstall cmd: "C:\Program Files\Audiogalaxy Rhapsody\Unwise32.exe" C:\PROGRA~1\AUDIOG~1\Install.log
(Automap 9.0)
AviSynth 2.5 (AviSynth)
uninstall cmd: "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bejeweled 2 Deluxe (Bejeweled 2 Deluxe)
uninstall cmd: C:\WINDOWS\iun6002ev.exe "C:\Program Files\Bejeweled 2 Deluxe\irunin.ini"
(Branding)
Bubble Bobble World (Bubble Bobble World)
uninstall cmd: C:\WINDOWS\UnGins.exe "C:\Program Files\Bubble Bobble World\install.log"
BubbleBall (BubbleBall)
uninstall cmd: C:\Program Files\BubbleBall\SXUNINST.EXE
Canon S300 (CANONBJ_Deinstall_CNMCP38.DLL)
uninstall cmd: C:\WINDOWS\System32\CNMCP38.EXE -@C:\WINDOWS\IsUn040c.exe -f"C:\BJPrinter\CNMWINDOWS\Canon S300 Installer\Inst\DeIsL1.isu" -pCanon S300-c"C:\BJPrinter\CNMWINDOWS\Canon S300 Installer\Inst\bjinst.dll
Casse-brique DELUXE (Casse-brique DELUXE)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Anuman Interactive\Casse-brique DELUXE\Uninst.isu"
CleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe
CloneCD (CloneCD)
install location: C:\Program Files\Elaborate Bytes\CloneCD
uninstall cmd: "C:\Program Files\Elaborate Bytes\CloneCD\ccd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneCD"
publisher: Elaborate Bytes
Capture My Screen 1 (CMS_is1)
install location: C:\Program Files\Namtuk\Capture My Screen\
uninstall cmd: "C:\Program Files\Namtuk\Capture My Screen\unins000.exe"
publisher: Namtuk
help link: http://www.namtuk.com/support.aspx
Codecs X264 (c) Ripp-it Te@m (Codecs X264 (c) Ripp-it Te@m)
uninstall cmd: C:\Program Files\Codecs X264\Uninstal.exe
(Connection Manager)
CoreAAC Audio Decoder (remove only) (CoreAAC Audio Decoder)
uninstall cmd: "C:\WINDOWS\system32\CoreAAC-uninstall.exe"
CoreVorbis Audio Decoder (remove only) (CoreVorbis Audio Decoder)
uninstall cmd: "C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
Cubis 2 Deluxe 1.3.0 (Cubis 2 Deluxe)
install location: C:\Program Files\Zylom Games\
uninstall cmd: "C:\Program Files\Zylom Games\Cubis 2 Deluxe\GameInstaller.exe" --uninstall UnInstall.log
publisher: Zylom Games
(DirectAnimation)
(DirectDrawEx)
DivX Codec 3.1alpha release (DIVXCodec)
uninstall cmd: C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivX.inf
(DXM_Runtime)
eDonkey2000 (eDonkey2000)
uninstall cmd: "C:\Program Files\eDonkey2000\uninstall_eDonkey2000.exe"
eMule (eMule)
uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"
Micro Application - Faire-Part (Faire-Part)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Faire-Part\Uninst.isu" -c"C:\Program Files\Micro Application\Faire-Part\_UNODBC.DLL"
ffdshow 20050119 (ffdshow)
install location: C:\WINDOWS\system32
uninstall cmd: "C:\WINDOWS\system32\uninstall.exe"
publisher: Milan Cutka
(Fontcore)
GSpot Codec Information Appliance (GSpot)
uninstall cmd: C:\Program Files\GSpot\Uninstall.exe
Handy Animated Emoticons version 2.30 2.30 (Handy Animated Emoticons_is1)
uninstall cmd: "C:\Program Files\Scorpio Software\Handy Animated Emoticons\unins000.exe"
publisher: Scorpio Software
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
Indispensables RV9/RV10 pour Ri4m (Indispensables RV9/RV10 pour Ri4m)
uninstall cmd: C:\Program Files\Ripp-it_AM\Uninstal_pack.exe
(InstallShield Uninstall Information)
Le Monde de Nemo 1.00.0000 (InstallShield_{3B26434C-FFA8-4A9C-A9C9-E8EE9C4E89D4})
version: 16777216
version (major): 1
estimated size: 562449
install date: 20050719
install source: C:\Program Files\eMule\Incoming\Le.Monde.De.Nemo-.Jeux.Pc-Fr\
uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3B26434C-FFA8-4A9C-A9C9-E8EE9C4E89D4} NemoADVUninstall
publisher: THQ
comments: -
contact: Assistance Clientèle
help link: http://www.thq.fr
help telephone: 08 25 06 90 51
readme: LisezMoi.txt
Kazaa Lite Resurrection 0.0.7.6 F 0.0.7.6 F (Kazaa Lite Resurrection_is1)
install location: C:\Program Files\Kazaa Lite Resurrection\
uninstall cmd: "C:\Program Files\Kazaa Lite Resurrection\unins000.exe"
publisher: Filesharingplace
help link: http://www.filesharingplace.com/forums/index.php?showforum=28
Microsoft Data Access Components KB870669 (KB870669)
uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB870669
Correctif Windows XP - KB873333 20050114.005213 (KB873333)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333
Correctif Windows XP - KB873339 20041117.092459 (KB873339)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339
(KB884016)
Correctif Windows XP - KB885835 20041027.181713 (KB885835)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835
Correctif Windows XP - KB885836 20041028.173203 (KB885836)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836
Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185
Correctif Windows XP - KB888302 20041207.111426 (KB888302)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302
Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046
Correctif Windows XP - KB890175 20041201.233338 (KB890175)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175
Correctif Windows XP - KB890859 1 (KB890859)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859
Correctif Windows XP - KB891781 20050110.165439 (KB891781)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781
Mise à jour de sécurité pour Windows XP (KB893066) 2 (KB893066)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066
Correctif Windows XP - KB893086 1 (KB893086)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086
Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756
Windows Installer 3.1 (KB893803) 3.1 (KB893803)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Mise à jour pour Windows XP (KB894391) 1 (KB894391)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391
Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358
Mise à jour de sécurité pour Windows XP (KB896422) 1 (KB896422)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422
Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423
Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428
Mise à jour pour Windows XP (KB896727) 1 (KB896727)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896727
Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587
Mise à jour de sécurité pour Windows XP (KB899588) 1 (KB899588)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899588
Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591
Mise à jour de sécurité pour Windows XP (KB903235) 1 (KB903235)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=903235
Dungeon Keeper Gold (Keeper)
uninstall cmd: C:\WINDOWS\unin040c.exe -fC:\WINDOWS\SYSTEM\KEEPER\DeIsL1.isu
Lame ACM MP3 Codec (LameACM)
uninstall cmd: C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
LiveReg (Symantec Corporation) 3.0.0 (LiveReg)
install location: C:\Program Files\Fichiers communs\Symantec Shared\LiveReg
uninstall cmd: C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
publisher: Symantec Corporation
LiveUpdate 2.6 (Symantec Corporation) 2.6.14.0 (LiveUpdate)
install location: C:\Program Files\Symantec\LiveUpdate
uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
publisher: Symantec Corporation
Macromedia Shockwave Player 10.1.0.11 (Macromedia Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
publisher: Macromedia, Inc.
help link: http://www.macromedia.com/fr/support/shockwave
MahJongg Fortuna Deluxe 1.0.1 (MahJongg Fortuna Deluxe)
install location: C:\Program Files\Zylom Games\
uninstall cmd: "C:\Program Files\Zylom Games\MahJongg Fortuna Deluxe\GameInstaller.exe" --uninstall UnInstall.log
publisher: Zylom Games
Matroska Pack (remove only) (Matroska Pack)
install location: C:\Program Files\Matroska Pack
uninstall cmd: C:\Program Files\Matroska Pack\Uninstall.exe
MatroskaProp (remove only) (MatroskaProp)
uninstall cmd: C:\Program Files\MatroskaProp\MatroskaProp-uninstall.exe
Maxi Puzzles 1.26 (Maxi Puzzles_is1)
uninstall cmd: "C:\Program Files\Micro Application\Maxi Puzzles\unins000.exe"
Micro Application - MediaDICO (MediaDICO)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\MediaDICO\Uninst.isu"
Messager Wanadoo (Messager Wanadoo.exe)
uninstall cmd: C:\PROGRA~1\MESSAG~1\Uninstall.exe
mIRC (mIRC)
uninstall cmd: "C:\Program Files\eMule\Incoming\harry potter la chambre des secrets jeux pc francais-TESTE TEAM DOW\mackao-script-pour venir sur le chat edonkey(super)\mackao-script\mackao-script.exe" -uninstall
(MobileOptionPack)
MountDaemon from GermanSoft (MountDaemon_is1)
install location: C:\Program Files\D-Tools\
uninstall cmd: "C:\Program Files\D-Tools\unins000.exe"
(MPlayer2)
MRT Codecs Pack (MRT Codecs Pack)
uninstall cmd: C:\Program Files\MRT Codecs Pack\Uninstall.exe
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
(MsJavaVM)
(MUSK Codec Pack v5)
(NetMeeting)
New.net Domains 6.38 6.38 (New.net)
version (major): 6
version (minor): 38
uninstall cmd: C:\WINDOWS\NDNUNI~1.EXE
publisher: New.net, Inc.
help link: http://www.new.net/help_faq.tp
NVIDIA Windows 2000/XP Display Drivers (NVIDIA)
uninstall cmd: rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvfs.inf
Direct Show Ogg Vorbis Filter (remove only) (OggDS)
uninstall cmd: "C:\WINDOWS\system32\OggDSuninst.exe"
(OutlookExpress)
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
PrintMaster® Deluxe 8.0 (PrintMaster 8.0)
uninstall cmd: C:\WINDOWS\UNIN040C.EXE -f"C:\PROGRA~1\BRODER~1\PRINTM~1\DeIsL1.isu" -c"C:\PROGRA~1\BRODER~1\PRINTM~1\psfinst.dll"
Real Alternative 1.36 1.36 (RealAlt_is1)
install location: C:\Program Files\Real Alternative\
uninstall cmd: "C:\Program Files\Real Alternative\unins000.exe"
(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Ri4m v4.0.2c (Ri4m v4.0.2c)
uninstall cmd: C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ripp-It Codec Pack v 4.0.1 v 4.0.1 (Ripp-It Codec Pack)
uninstall cmd: C:\Program Files\Ripp-It Codec Pack\uninst.exe
publisher: Ripp-It Te@m
(SchedulingAgent)
Serif DrawPlus 3.0 (Serif DrawPlus 3.0)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Serif\dp30\DrawPlus_uninst.isu"
(Sevinst)
OutLaster (shhost)
uninstall cmd: C:\Program Files\OutLaster\un-shhost.exe
Shockwave (Shockwave)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
(ShockwaveFlash)
Smart Link 56K Modem (SLAMRMO)
uninstall cmd: C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
SLD CODEC PACK 1.5.3 (SLD CODEC PACK 1.5.3)
uninstall cmd: C:\Program Files\SLD CODEC PACK 1.5.3\uninstall.exe
Soleil (Soleil)
uninstall cmd: "C:\WINDOWS\uninstall Soleil.exe"
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Norton AntiVirus 2005 (Symantec Corporation) 11.0.6 (SymSetup.{C6F5B6CF-609C-428E-876F-CA83176C021B})
install location: C:\Program Files\Norton AntiVirus
install source: I:
uninstall cmd: C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe /X
publisher: Symantec Corporation
Themexp.org File (Themexp.org File)
uninstall cmd: C:\PROGRA~1\themexp\THEMEX~1.ORG\UNWISE.EXE C:\PROGRA~1\themexp\THEMEX~1.ORG\INSTALL.LOG
Microsoft Web Publishing Wizard 1.52 (WebPost)
uninstall cmd: RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Lecteur Windows Media 10 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 2 20040819.151636 (Windows XP Service Pack)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=811113
Archiveur WinRAR (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe
Sélecteur d'installation de Microsoft Works Suite 2003 (Works2003Setup)
uninstall cmd: C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe H:\
help link: http://www.microsoft.com/france/support/default.asp
x264 H.264/AVC CODEC (x264)
uninstall cmd: C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_x264 132 C:\WINDOWS\INF\x264vfw.inf
XviD Video Codec 22032003-1 (Koepi's developer build) (XviD)
uninstall cmd: "C:\Program Files\XviD\UninstXviD.exe"
XviD MPEG-4 Video Codec XviD-1.1.0-Beta1-16012005 (XviD_is1)
install location: C:\Program Files\XviD\
uninstall cmd: "C:\Program Files\XviD\unins000.exe"
publisher: XviD Team (Koepi)
help link: http://forum.doom9.org/forumdisplay.php?s=&forumid=52
Yahoo! Toolbar (Yahoo! Companion)
uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe
Yahoo! Toolbar (Yahoo! Toolbar)
Microsoft Office 2000 Small Business 9.00.2720 ({0003040C-78E1-11D2-B60F-006097C998E7})
version: 150997664
version (major): 9
estimated size: 99818
install date: 20050202
install source: H:\
uninstall cmd: MsiExec.exe /I{0003040C-78E1-11D2-B60F-006097C998E7}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office\ofread9.txt
Microsoft Money 11.0.100 ({01A2E33A-8ADA-42D1-9173-8F65149E952F})
version: 184549476
version (major): 11
estimated size: 49663
install date: 20050202
install source: H:\Money\
uninstall cmd: MsiExec.exe /I{01A2E33A-8ADA-42D1-9173-8F65149E952F}
publisher: Microsoft
comments: La base de données d'installation contient la logique et les données requises pour installer Money.
help link: http://www.microsoft.com/france/support
help telephone: http://www.microsoft.com/france/support
Extension Système de Microsoft Money 11.0.120 ({02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7})
version: 184549496
version (major): 11
estimated size: 6345
install date: 20050202
install source: H:\Money\
uninstall cmd: MsiExec.exe /I{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}
publisher: Microsoft
comments: Permet d'installer les composants système utilisés par Microsoft Money.
help link: http://www.microsoft.com/france/support
help telephone: http://www.microsoft.com/france/support
Encyclopédie Microsoft Encarta 2003 2003 ({03460014-3975-4267-9F39-1DC4745090B7})
version (major): 2003
version (minor): 2003
estimated size: 131242
install date: 20050202
install source: H:\
uninstall cmd: MsiExec.exe /I{03460014-3975-4267-9F39-1DC4745090B7}
publisher: Microsoft Corporation
help link: http://support.microsoft.com
Bob L'éponge - Le Film 1.0 ({11B2299E-2B79-495F-A022-1E2A8708DD0F})
version: 16777216
install location: C:\Program Files\THQ\Nick Games\Bob L'éponge\Le Film
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11B2299E-2B79-495F-A022-1E2A8708DD0F}\setup.exe" -l0x40c -uninst
Norton WMI Update 2005.1.2.20 ({1526D87C-A955-4FAB-BF18-697BA457E352})
version (major): 2005
version (minor): 1
estimated size: 2080
install date: 20050205
uninstall cmd: MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
publisher: Symantec Corporation
AutoUpdate 1.0 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX
7000 Lettres et Courriers Types ({1AB93ECB-2985-4CA8-807A-913AF340ABE8})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1AB93ECB-2985-4CA8-807A-913AF340ABE8}\SETUP.EXE" -l0x40c
Symantec 11.0.3 ({228F6876-A313-40A3-91C0-C3CBE6997D09})
version: 184549379
version (major): 11
estimated size: 2976
install date: 20050207
install source: I:\Support\MSRedist\
uninstall cmd: MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
publisher: Symantec Corp
Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Internet Worm Protection 11.0.6 ({2908F0CB-C1D4-447F-97A2-CFC135C9F8D4})
version: 184549382
version (major): 11
estimated size: 11397
install date: 20050207
install source: I:\NAV\
uninstall cmd: MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
publisher: Symantec Corp
SymNet 5.4.0 ({2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2})
version: 84148224
version (major): 5
version (minor): 4
estimated size: 20
install date: 20050207
install source: I:\Support\SymNet\
uninstall cmd: MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
publisher: Symantec Corporation
Norton AntiVirus Help 11.00.00 ({34EEB1F5-E939-40A1-A6BA-957282A4B2C8})
version: 184549376
version (major): 11
estimated size: 996
install date: 20050207
install source: I:\Support\Help\
uninstall cmd: MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
publisher: Symantec Corp.
WebFldrs XP 9.50.6513 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154278257
version (major): 9
version (minor): 50
estimated size: 2632
install date: 20050202
install source: C:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
Microsoft Picture It! Photo 7.0 7.0.0.0000 ({369B36BE-3D64-4641-9AEA-808D436FE132})
version: 117440512
version (major): 7
estimated size: 127781
install date: 20050202
install source: H:\pip\
uninstall cmd: MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132}
publisher: Microsoft Corporation
comments: Microsoft Picture It! Photo 7.0
help link: http://support.microsoft.com/default.aspx?LN=FR
help telephone:
Le Monde de Nemo 1.00.0000 ({3B26434C-FFA8-4A9C-A9C9-E8EE9C4E89D4})
version: 16777216
version (major): 1
estimated size: 562449
install date: 20050719
install source: C:\Program Files\eMule\Incoming\Le.Monde.De.Nemo-.Jeux.Pc-Fr\
publisher: THQ
comments: -
contact: Assistance Clientèle
help link: http://www.thq.fr
help telephone: 08 25 06 90 51
readme: LisezMoi.txt
Windows Genuine Advantage v1.3.0254.0 1.3.0254.0 ({63569CE9-FA00-469C-AF5C-E5D4D93ACF91})
version: 16974078
version (major): 1
version (minor): 3
estimated size: 519
install date: 20050730
uninstall cmd: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
publisher: Microsoft
comments: Your Comments
contact: Customer Support Department
help link: http://www.microsoft.com/genuine/downloads/whyValidate.aspx/help
help telephone: 1-425.882.8080
Microsoft Works 7.0 07.02.0000 ({64D114CE-4234-45C2-B60A-2B07D5A48F72})
version: 117571584
version (major): 7
version (minor): 2
estimated size: 196120
install date: 20050202
install source: H:\msworks\
uninstall cmd: MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
publisher: Microsoft Corporation
comments: Microsoft Works 7.0 installation.
help link: http://support.microsoft.com
help telephone:
Symantec Network Drivers Update 5.4.4.17 ({7169B8E4-2632-46B1-AA5F-167CB5FE5029})
version: 84148228
version (major): 5
version (minor): 4
estimated size: 2774
install date: 20050205
publisher: Symantec Corporation
SPBBC 1.00.0000 ({77772678-817F-4401-9301-ED1D01A8DA56})
version: 16777216
version (major): 1
estimated size: 1463
install date: 20050207
install location: C:\Program Files\Norton AntiVirus\
install source: I:\Support\SPBBC\
uninstall cmd: MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
publisher: Your Company Name
Bureau Médias de Kazaa 2.6.7 2.6.7 ({78903C42-CB0C-4B35-91A1-D4DEDD91F8CB})
version: 33947655
install location: C:\Program Files\Kazaa
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78903C42-CB0C-4B35-91A1-D4DEDD91F8CB}\Setup.exe" -l0x40c --AddRemove
DivX Pro Trial 5.2.1 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivXNetworks, Inc.
DivX Player 2.5.5 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.
Microsoft Office PowerPoint Viewer 2003 11.0.6458.0 ({90AF040C-6000-11D3-8CFE-0150048383C9})
version: 184555834
version (major): 11
estimated size: 4139
install date: 20050207
install location: C:\Program Files\Microsoft Office\
uninstall cmd: MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
Microsoft Word 2002 10.0.2627.5 ({911B040C-6000-11D3-8CFE-0050048383C9})
version: 167774787
version (major): 10
estimated size: 102302
install date: 20050821
install source: H:\MSWord\
uninstall cmd: MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1036\OFREAD10.HTM
InterVideo WinDVD 4 ({98E8A2EF-4EAE-43B8-A172-74842B764777})
version (major): 4
install location: C:\Program Files\InterVideo\WinDVD4
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
publisher: InterVideo Inc.
EPSON Scan Tool ({9F57DB08-26D6-11D6-8AA5-0000E22DA3A0})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F57DB08-26D6-11D6-8AA5-0000E22DA3A0}\setup.exe" -l0x40c
VP6 VFW Codec ({A23866A0-738B-4091-9924-0B0DE3988A15})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A23866A0-738B-4091-9924-0B0DE3988A15}\Setup.exe" -l0x9
Nero - Burning Rom 5.5.9 ({A4D7B764-4140-11D4-88EB-0050DA3579C0})
version: 84213769
version (major): 5
version (minor): 5
estimated size: 65880
install date: 20050202
install source: H:\Nero55\
uninstall cmd: MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
publisher: ahead software gmbh
contact: Hotline
help link: http://www.nero.com
help telephone: +49 (07248) 911-231
readme: 0
Norton AntiVirus 2005 11.0.6 ({C6F5B6CF-609C-428E-876F-CA83176C021B})
version: 184549382
version (major): 11
estimated size: 58948
install date: 20050207
install source: I:\NAV\
uninstall cmd: MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
publisher: Symantec Corporation
On2 VP3 Video for Windows Codec ({CF59708F-60F4-11D5-866A-00A0D2183227})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF59708F-60F4-11D5-866A-00A0D2183227}\Setup.exe" -l0x9
Norton AntiVirus SYMLT MSI 11.0.6 ({D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8})
version: 184549382
version (major): 11
estimated size: 1199
install date: 20050207
install source: I:\NAV\
uninstall cmd: MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
publisher: Symantec Corp.
Symantec Script Blocking Installer 11.0.6 ({D327AFC9-7BAA-473A-8319-6EB7A0D40138})
version: 184549382
version (major): 11
estimated size: 497
install date: 20050207
install source: I:\Support\ScrBlock\
uninstall cmd: MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
publisher: Symantec
Alcatel SpeedTouch USB Software ({D41FAAA9-8048-4906-86B2-9AADEA1FA0B7})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" -Control_Panel
2000 Courriers Types ({D942D6EB-2DBE-4162-8DD8-2C2C1820C5D6})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D942D6EB-2DBE-4162-8DD8-2C2C1820C5D6}\SETUP.EXE" -l0x40c
ccCommon 103.0.1.26 ({DC367608-64A7-4BF7-92F4-8BAA25BA02DB})
version: 1728053249
version (major): 103
estimated size: 5774
install date: 20050207
install source: I:\Support\ccCommon\
uninstall cmd: MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
publisher: Symantec
OS Pack Works Suite 3.0.0.0000 ({E38D381A-ABCF-4D97-9D9C-B3A8529DCA15})
version: 50331648
version (major): 3
estimated size: 169
install date: 20050202
install source: H:\ospack\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/france
help telephone:
Norton AntiVirus Parent MSI 11.0.6 ({E5EE9939-259F-4DE2-8023-5C49E16A4F43})
version: 184549382
version (major): 11
estimated size: 709
install date: 20050207
install source: I:\NAV\
uninstall cmd: MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
publisher: Symantec Corp.
EasyCleaner 2.0.6.380 ({F5346614-B7C4-4E94-826A-E2363155233D})
version: 33554438
install location: C:\Program Files\ToniArts\EasyCleaner
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9
Norton WMI Update 2005.1.0.111 ({F64306A5-4C32-41bb-B153-53986527FAB4})
version (major): 2005
version (minor): 1
estimated size: 5
install date: 20050207
install source: I:\Support\SymSC\
uninstall cmd: MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
publisher: Symantec Corporation
Complément Microsoft Word pour Microsoft Works Suite 2.0.0.0000 ({F6B1CD0F-DB2D-4666-A168-C46390AD8C4A})
version: 33554432
version (major): 2
estimated size: 43794
install date: 20050202
install source: H:\WordAdd\
uninstall cmd: MsiExec.exe /I{F6B1CD0F-DB2D-4666-A168-C46390AD8C4A}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/support/works
help telephone:
Microsoft AutoRoute 2002 9.00.17.0200 ({F7F2DC0A-C22E-49AD-AD37-797309A54E7B})
version: 150994961
version (major): 9
estimated size: 197748
install date: 20050202
install location: C:\Program Files\Microsoft AutoRoute\
install source: H:\MSMap\
uninstall cmd: MsiExec.exe /I{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}
publisher: Microsoft
help link: http://www.Microsoft.com/support
--- System Services ---
Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0
Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1
Service (registry key): ACPI
Display name: Pilote ACPI Microsoft
Image path: System32\DRIVERS\ACPI.sys
Image size: 188672
Image MD5: 0BD94FBFC14EA3606CD6CA4C0255BAA3
Start: 0
Type: 1
Error Control: 1
Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1
Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1
Service (registry key): aec
Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 841F385C6CFAF66B58FBD898722BB4F0
Start: 3
Type: 1
Error Control: 1
Service (registry key): AFD
Display name: Environnement de prise en charge de réseau AFD
Description: Environnement de prise en charge de réseau AFD
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1
Service (registry key): Aha154x
Start: 4
Type: 1
Error Control: 1
Service (registry key): aic78u2
Start: 4
Type: 1
Error Control: 1
Service (registry key): aic78xx
Start: 4
Type: 1
Error Control: 1
Service (registry key): alcan5wn
Display name: Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
Image path: System32\DRIVERS\alcan5wn.sys
Image size: 53168
Image MD5: C7E217CD964D0067F18263429C87EC1B
Start: 3
Type: 1
Error Control: 1
Service (registry key): alcaudsl
Display name: Alcatel Speed Touch ADSL Modem ATM Transport
Image path: System32\DRIVERS\alcaudsl.sys
Image size: 743136
Image MD5: 8080B5EA17A763BBCE6C92BBC6CEEFE8
Start: 3
Type: 1
Error Control: 1
Service (registry key): ALCXWDM
Display name: Service for Realtek AC97 Audio (WDM)
Image path: system32\drivers\ALCXWDM.SYS
Image size: 696284
Image MD5: AE754B357EEFCD586B297DFF373122AE
Start: 3
Type: 1
Error Control: 1
Service (registry key): Alerter
Display name: Avertissement
Description: Informe les utilisateurs et les ordinateurs sélectionnés des alertes administratives. Si ce service est arrêté, les programmes qui utilisent les alertes administratives ne les recevront pas. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation
Service (registry key): ALG
Display name: Service de la passerelle de la couche Application
Description: Offre la prise en charge des plug-ins de protocoles tiers pour le Partage de connexion Internet et le Pare-feu Windows.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: B43CC0F07752D456038CD0268E4D84E9
Start: 3
Type: 16
Error Control: 1
Service (registry key): AliIde
Start: 4
Type: 1
Error Control: 1
Service (registry key): AmdK7
Display name: Pilote de processeur AMD K7
Image path: System32\DRIVERS\amdk7.sys
Image size: 41600
Image MD5: C0F59933070392E662B3C2BB2BE77955
Start: 1
Type: 1
Error Control: 1
Service (registry key): amsint
Start: 4
Type: 1
Error Control: 1
Service (registry key): AppMgmt
Display name: Gestion d'applications
Description: Fournit des services d'installation de logiciels tels que Attribuer, Publier et Supprimer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A60262
MyWay.MyBar: Netscape hook (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-1645522239-725345543-1004\Software\Netscape\Netscape Navigator\Automation Shutdown\MyWayToolBar.NetscapeShutdown.1
MyWay.MyBar: Netscape hook (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-1645522239-725345543-1004\Software\Netscape\Netscape Navigator\Automation Startup\MyWayToolBar.NetscapeStartup.1
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-1645522239-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3
Windows Security Center.AntiVirusDisableNotify: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
InstaFink: Groupe de programmes (Répertoire, nothing done)
C:\Program Files\INSTAFINK\
DoubleClick: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
ValueClick: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
FastClick: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
MediaPlex: Cookie traceur (Internet Explorer: patricia martron) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-08-24 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-08-19 Includes\Dialer.sbi (*)
2005-08-19 Includes\Hijackers.sbi (*)
2005-08-16 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-08-19 Includes\Malware.sbi (*)
2005-08-12 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-08-19 Includes\Security.sbi (*)
2005-08-16 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-08-19 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security Update for Microsoft Data Access Components
/ Internet Explorer 6 / SP1: Correctif Windows XP - KB883939
/ Internet Explorer 6 / SP1: Correctif Windows XP - KB889293
/ Internet Explorer 6 / SP1: Correctif Windows XP - KB890923
/ Outlook Express 6 / SP1: Correctif Windows XP - KB887797
/ Outlook Express 6 / SP1: Correctif Windows XP - KB897715
/ Windows Media Player: Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]
/ Windows Media Player / SP0: Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Correctif Windows XP - KB873333
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB883939)
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB885884
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Correctif Windows XP - KB887797
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890175
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893066)
/ Windows XP / SP3: Correctif Windows XP - KB893086
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB896727)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899588)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB903235)
--- Startup entries list ---
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
file: C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
size: 58488
MD5: aab57694bc1e2b6a2c6f0a07eb4cc307
Located: HK_LM:Run, CloneCDElbyCDFL
command: "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
file: C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe
size: 45056
MD5: 56193bce4dfd8879aedeb26b71a0a583
Located: HK_LM:Run, CloneCDTray
command: "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
file: C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
size: 73728
MD5: 3b50055972861da5d5625cad1b11007e
Located: HK_LM:Run, DAEMON Tools-1033
command: "C:\Program Files\D-Tools\daemon.exe" -lang 1033
file:
Located: HK_LM:Run, load32
command:
file:
Located: HK_LM:Run, MessagerStarter Wanadoo
command: C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
file: C:\PROGRA~1\MESSAG~1\StartMessager.exe
size: 32768
MD5: d7d09a7bfca85dbe2af58ce639f00576
Located: HK_LM:Run, Microsoft Sound Driver
command: sound32.exe
file:
Located: HK_LM:Run, Microsoft Works Update Detection
command: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
file: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 28672
MD5: 7ebfae0a6d73d2d9c9a970a80935fd8f
Located: HK_LM:Run, NeroCheck
command: C:\WINDOWS\System32\\NeroCheck.exe
file: C:\WINDOWS\System32\\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, Network Host Service
command: eaoaheb32.exe
file:
Located: HK_LM:Run, New.net Startup
command: rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
file:
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: cdd7140c0eaa754c527b983ccc9993cd
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 323584
MD5: 44dfa110b29cb827fd67a633e5783d22
Located: HK_LM:RunServices, Microsoft Sound Driver
command: sound32.exe
file:
Located: HK_LM:RunServices, Network Host Service
command: eaoaheb32.exe
file:
Located: HK_LM:RunServices, Task Help
command: wualcts.exe
file:
Located: HK_CU:Run, CTFMON.EXE
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64e41e8fee655b03e3f19ded21ba5118
Located: HK_CU:Run, Gadwin PrintScreen 3.0
command: C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
file:
Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Located: HK_CU:Run, NVIEW
command: rundll32.exe nview.dll,nViewLoadHook
file: C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: cdd7140c0eaa754c527b983ccc9993cd
Located: Démarrage (tous utilisateurs), InterVideo WinCinema Manager.lnk
command: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
file: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
size: 98304
MD5: b490339be6e041ded2a39cf55f2cecd1
Located: Démarrage (tous utilisateurs), Pense-bête.lnk
command: C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
file: C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
size: 335872
MD5: 891d34eec1f22db0eb2b0e303dd8bd00
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
--- ActiveX list ---
--- Process list ---
PID: 0 ( 0) [System]
PID: 460 ( 4) \SystemRoot\System32\smss.exe
PID: 528 ( 460) \??\C:\WINDOWS\system32\csrss.exe
PID: 552 ( 460) \??\C:\WINDOWS\system32\winlogon.exe
PID: 596 ( 552) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
PID: 608 ( 552) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 259AF82A0932EEA4F316F92DB94707B6
PID: 752 ( 596) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 808 ( 596) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 848 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 916 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 992 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1164 (1112) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 2A7BD330924252A2FD80344FC949BB72
PID: 1244 ( 596) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1344 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
size: 164984
MD5: 6940596C92520C4CD1E4D153F008C6DA
PID: 1404 ( 596) C:\Program Files\Norton AntiVirus\navapsvc.exe
size: 176768
MD5: FA3715EBD0E95D0814114DD423A9F783
PID: 1452 ( 596) C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
size: 46208
MD5: 1A6F1D5F7D05EA5CB3750270BCCFD5C5
PID: 1496 ( 596) C:\WINDOWS\System32\nvsvc32.exe
size: 65536
MD5: 88A4A3FF59821E7BECDC786F355FB56E
PID: 1588 ( 596) C:\WINDOWS\system32\slserv.exe
size: 45056
MD5: 687217654134680371EF23FAFC5EC96D
PID: 1604 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
size: 206552
MD5: 997BF60BEF992C61C3014EF5C56D93EA
PID: 1736 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
size: 173160
MD5: 08FA56B7C13B4CBF0E5D351AECAD92B1
PID: 1764 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 1784 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 822424
MD5: B6BF7DD619D045D0F999310882551B7D
PID: 1808 ( 596) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: AB0A7CA90D9E3D6A193905DC1715DED0
PID: 1864 ( 596) C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
size: 197752
MD5: F53038574574B37759FD029E9B891D8A
PID: 716 ( 596) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: B43CC0F07752D456038CD0268E4D84E9
PID: 1968 (1164) C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 28672
MD5: 7EBFAE0A6D73D2D9C9A970A80935FD8F
PID: 2060 (1164) C:\PROGRA~1\MESSAG~1\StartMessager.exe
size: 32768
MD5: D7D09A7BFCA85DBE2AF58CE639F00576
PID: 2112 (1164) C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
size: 73728
MD5: 3B50055972861DA5D5625CAD1B11007E
PID: 2140 (1164) C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
size: 58488
MD5: AAB57694BC1E2B6A2C6F0A07EB4CC307
PID: 2148 (1164) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: CDD7140C0EAA754C527B983CCC9993CD
PID: 2216 (1164) C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
PID: 2224 (1164) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 64E41E8FEE655B03E3F19DED21BA5118
PID: 2248 (2156) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: CDD7140C0EAA754C527B983CCC9993CD
PID: 2464 (1164) C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
size: 98304
MD5: B490339BE6E041DED2A39CF55F2CECD1
PID: 2564 ( 596) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 2979B03D5382A602623C0535B16AB9C0
PID: 3148 (1164) C:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: 385D1644E676C96EB07848ADA63E37FA
PID: 4020 (3968) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24/08/2005 22:17:28
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\SYSTEM32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://wanadoo.fr/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\SYSTEM32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: New.net UDP Chain
GUID: {07785CE1-3852-11D5-9A70-0001031EA755}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Description: New.Net UDP chain
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net UDP Chain
Protocol 1: New.net TCP Chain
GUID: {F09D4560-0006-0026-9A6F-0001031EA788}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Protocol 19: New.net TCP Filter
GUID: {53D204E0-0006-0026-9A6F-0001031EA788}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Protocol 20: New.net UDP Filter
GUID: {07785CE0-3852-11D5-9A70-0001031EA755}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Description: New.Net UDP filter
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net UDP Filter
Namespace Provider 3: New.net Name Space Provider
GUID: {3B5F8060-1AE1-11D4-966F-00E018981B9E}
Filename: C:\Program Files\NewDotNet\newdotnet6_38.dll
Description: New.Net name space provider
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net Name Space Provider
--- Uninstall list ---
123 Free Solitaire 123 Free Solitaire 2004 (123 Free Solitaire)
uninstall cmd: C:\PROGRA~1\123FRE~1\UNWISE.EXE C:\PROGRA~1\123FRE~1\INSTALL.LOG
publisher: TreeCardGames.com
ABBYY FineReader 4.0 Sprint (ABBYY FineReader 4.0 Sprint)
uninstall cmd: C:\WINDOWS\bitdeins.exe C:\PROGRA~1\ABBYYF~1.0SP\bitdeins.ini
AC3Filter (remove only) (AC3Filter)
uninstall cmd: C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com
(AddressBook)
Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
version (major): 5
install location: C:\Program Files\Adobe\Acrobat 5.0
uninstall cmd: C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
publisher: Adobe Systems, Inc.
help link: http://www.adobe.com/prodindex/acrobat/main.html
ArcSoft PhotoImpression 3.0 (ArcSoft PhotoImpression 3.0)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\ArcSoft\PhotoImpression\Uninst.isu"
Audiogalaxy Rhapsody (Audiogalaxy Rhapsody)
uninstall cmd: "C:\Program Files\Audiogalaxy Rhapsody\Unwise32.exe" C:\PROGRA~1\AUDIOG~1\Install.log
(Automap 9.0)
AviSynth 2.5 (AviSynth)
uninstall cmd: "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bejeweled 2 Deluxe (Bejeweled 2 Deluxe)
uninstall cmd: C:\WINDOWS\iun6002ev.exe "C:\Program Files\Bejeweled 2 Deluxe\irunin.ini"
(Branding)
Bubble Bobble World (Bubble Bobble World)
uninstall cmd: C:\WINDOWS\UnGins.exe "C:\Program Files\Bubble Bobble World\install.log"
BubbleBall (BubbleBall)
uninstall cmd: C:\Program Files\BubbleBall\SXUNINST.EXE
Canon S300 (CANONBJ_Deinstall_CNMCP38.DLL)
uninstall cmd: C:\WINDOWS\System32\CNMCP38.EXE -@C:\WINDOWS\IsUn040c.exe -f"C:\BJPrinter\CNMWINDOWS\Canon S300 Installer\Inst\DeIsL1.isu" -pCanon S300-c"C:\BJPrinter\CNMWINDOWS\Canon S300 Installer\Inst\bjinst.dll
Casse-brique DELUXE (Casse-brique DELUXE)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Anuman Interactive\Casse-brique DELUXE\Uninst.isu"
CleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe
CloneCD (CloneCD)
install location: C:\Program Files\Elaborate Bytes\CloneCD
uninstall cmd: "C:\Program Files\Elaborate Bytes\CloneCD\ccd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneCD"
publisher: Elaborate Bytes
Capture My Screen 1 (CMS_is1)
install location: C:\Program Files\Namtuk\Capture My Screen\
uninstall cmd: "C:\Program Files\Namtuk\Capture My Screen\unins000.exe"
publisher: Namtuk
help link: http://www.namtuk.com/support.aspx
Codecs X264 (c) Ripp-it Te@m (Codecs X264 (c) Ripp-it Te@m)
uninstall cmd: C:\Program Files\Codecs X264\Uninstal.exe
(Connection Manager)
CoreAAC Audio Decoder (remove only) (CoreAAC Audio Decoder)
uninstall cmd: "C:\WINDOWS\system32\CoreAAC-uninstall.exe"
CoreVorbis Audio Decoder (remove only) (CoreVorbis Audio Decoder)
uninstall cmd: "C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
Cubis 2 Deluxe 1.3.0 (Cubis 2 Deluxe)
install location: C:\Program Files\Zylom Games\
uninstall cmd: "C:\Program Files\Zylom Games\Cubis 2 Deluxe\GameInstaller.exe" --uninstall UnInstall.log
publisher: Zylom Games
(DirectAnimation)
(DirectDrawEx)
DivX Codec 3.1alpha release (DIVXCodec)
uninstall cmd: C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivX.inf
(DXM_Runtime)
eDonkey2000 (eDonkey2000)
uninstall cmd: "C:\Program Files\eDonkey2000\uninstall_eDonkey2000.exe"
eMule (eMule)
uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"
Micro Application - Faire-Part (Faire-Part)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Faire-Part\Uninst.isu" -c"C:\Program Files\Micro Application\Faire-Part\_UNODBC.DLL"
ffdshow 20050119 (ffdshow)
install location: C:\WINDOWS\system32
uninstall cmd: "C:\WINDOWS\system32\uninstall.exe"
publisher: Milan Cutka
(Fontcore)
GSpot Codec Information Appliance (GSpot)
uninstall cmd: C:\Program Files\GSpot\Uninstall.exe
Handy Animated Emoticons version 2.30 2.30 (Handy Animated Emoticons_is1)
uninstall cmd: "C:\Program Files\Scorpio Software\Handy Animated Emoticons\unins000.exe"
publisher: Scorpio Software
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
Indispensables RV9/RV10 pour Ri4m (Indispensables RV9/RV10 pour Ri4m)
uninstall cmd: C:\Program Files\Ripp-it_AM\Uninstal_pack.exe
(InstallShield Uninstall Information)
Le Monde de Nemo 1.00.0000 (InstallShield_{3B26434C-FFA8-4A9C-A9C9-E8EE9C4E89D4})
version: 16777216
version (major): 1
estimated size: 562449
install date: 20050719
install source: C:\Program Files\eMule\Incoming\Le.Monde.De.Nemo-.Jeux.Pc-Fr\
uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3B26434C-FFA8-4A9C-A9C9-E8EE9C4E89D4} NemoADVUninstall
publisher: THQ
comments: -
contact: Assistance Clientèle
help link: http://www.thq.fr
help telephone: 08 25 06 90 51
readme: LisezMoi.txt
Kazaa Lite Resurrection 0.0.7.6 F 0.0.7.6 F (Kazaa Lite Resurrection_is1)
install location: C:\Program Files\Kazaa Lite Resurrection\
uninstall cmd: "C:\Program Files\Kazaa Lite Resurrection\unins000.exe"
publisher: Filesharingplace
help link: http://www.filesharingplace.com/forums/index.php?showforum=28
Microsoft Data Access Components KB870669 (KB870669)
uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB870669
Correctif Windows XP - KB873333 20050114.005213 (KB873333)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333
Correctif Windows XP - KB873339 20041117.092459 (KB873339)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339
(KB884016)
Correctif Windows XP - KB885835 20041027.181713 (KB885835)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835
Correctif Windows XP - KB885836 20041028.173203 (KB885836)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836
Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185
Correctif Windows XP - KB888302 20041207.111426 (KB888302)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302
Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046
Correctif Windows XP - KB890175 20041201.233338 (KB890175)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175
Correctif Windows XP - KB890859 1 (KB890859)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859
Correctif Windows XP - KB891781 20050110.165439 (KB891781)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781
Mise à jour de sécurité pour Windows XP (KB893066) 2 (KB893066)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066
Correctif Windows XP - KB893086 1 (KB893086)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086
Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756
Windows Installer 3.1 (KB893803) 3.1 (KB893803)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Mise à jour pour Windows XP (KB894391) 1 (KB894391)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391
Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358
Mise à jour de sécurité pour Windows XP (KB896422) 1 (KB896422)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422
Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423
Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
install date: 20050708
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428
Mise à jour pour Windows XP (KB896727) 1 (KB896727)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896727
Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587
Mise à jour de sécurité pour Windows XP (KB899588) 1 (KB899588)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899588
Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
install date: 20050811
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591
Mise à jour de sécurité pour Windows XP (KB903235) 1 (KB903235)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=903235
Dungeon Keeper Gold (Keeper)
uninstall cmd: C:\WINDOWS\unin040c.exe -fC:\WINDOWS\SYSTEM\KEEPER\DeIsL1.isu
Lame ACM MP3 Codec (LameACM)
uninstall cmd: C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
LiveReg (Symantec Corporation) 3.0.0 (LiveReg)
install location: C:\Program Files\Fichiers communs\Symantec Shared\LiveReg
uninstall cmd: C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
publisher: Symantec Corporation
LiveUpdate 2.6 (Symantec Corporation) 2.6.14.0 (LiveUpdate)
install location: C:\Program Files\Symantec\LiveUpdate
uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
publisher: Symantec Corporation
Macromedia Shockwave Player 10.1.0.11 (Macromedia Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
publisher: Macromedia, Inc.
help link: http://www.macromedia.com/fr/support/shockwave
MahJongg Fortuna Deluxe 1.0.1 (MahJongg Fortuna Deluxe)
install location: C:\Program Files\Zylom Games\
uninstall cmd: "C:\Program Files\Zylom Games\MahJongg Fortuna Deluxe\GameInstaller.exe" --uninstall UnInstall.log
publisher: Zylom Games
Matroska Pack (remove only) (Matroska Pack)
install location: C:\Program Files\Matroska Pack
uninstall cmd: C:\Program Files\Matroska Pack\Uninstall.exe
MatroskaProp (remove only) (MatroskaProp)
uninstall cmd: C:\Program Files\MatroskaProp\MatroskaProp-uninstall.exe
Maxi Puzzles 1.26 (Maxi Puzzles_is1)
uninstall cmd: "C:\Program Files\Micro Application\Maxi Puzzles\unins000.exe"
Micro Application - MediaDICO (MediaDICO)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\MediaDICO\Uninst.isu"
Messager Wanadoo (Messager Wanadoo.exe)
uninstall cmd: C:\PROGRA~1\MESSAG~1\Uninstall.exe
mIRC (mIRC)
uninstall cmd: "C:\Program Files\eMule\Incoming\harry potter la chambre des secrets jeux pc francais-TESTE TEAM DOW\mackao-script-pour venir sur le chat edonkey(super)\mackao-script\mackao-script.exe" -uninstall
(MobileOptionPack)
MountDaemon from GermanSoft (MountDaemon_is1)
install location: C:\Program Files\D-Tools\
uninstall cmd: "C:\Program Files\D-Tools\unins000.exe"
(MPlayer2)
MRT Codecs Pack (MRT Codecs Pack)
uninstall cmd: C:\Program Files\MRT Codecs Pack\Uninstall.exe
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
(MsJavaVM)
(MUSK Codec Pack v5)
(NetMeeting)
New.net Domains 6.38 6.38 (New.net)
version (major): 6
version (minor): 38
uninstall cmd: C:\WINDOWS\NDNUNI~1.EXE
publisher: New.net, Inc.
help link: http://www.new.net/help_faq.tp
NVIDIA Windows 2000/XP Display Drivers (NVIDIA)
uninstall cmd: rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvfs.inf
Direct Show Ogg Vorbis Filter (remove only) (OggDS)
uninstall cmd: "C:\WINDOWS\system32\OggDSuninst.exe"
(OutlookExpress)
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
PrintMaster® Deluxe 8.0 (PrintMaster 8.0)
uninstall cmd: C:\WINDOWS\UNIN040C.EXE -f"C:\PROGRA~1\BRODER~1\PRINTM~1\DeIsL1.isu" -c"C:\PROGRA~1\BRODER~1\PRINTM~1\psfinst.dll"
Real Alternative 1.36 1.36 (RealAlt_is1)
install location: C:\Program Files\Real Alternative\
uninstall cmd: "C:\Program Files\Real Alternative\unins000.exe"
(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Ri4m v4.0.2c (Ri4m v4.0.2c)
uninstall cmd: C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ripp-It Codec Pack v 4.0.1 v 4.0.1 (Ripp-It Codec Pack)
uninstall cmd: C:\Program Files\Ripp-It Codec Pack\uninst.exe
publisher: Ripp-It Te@m
(SchedulingAgent)
Serif DrawPlus 3.0 (Serif DrawPlus 3.0)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Serif\dp30\DrawPlus_uninst.isu"
(Sevinst)
OutLaster (shhost)
uninstall cmd: C:\Program Files\OutLaster\un-shhost.exe
Shockwave (Shockwave)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
(ShockwaveFlash)
Smart Link 56K Modem (SLAMRMO)
uninstall cmd: C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
SLD CODEC PACK 1.5.3 (SLD CODEC PACK 1.5.3)
uninstall cmd: C:\Program Files\SLD CODEC PACK 1.5.3\uninstall.exe
Soleil (Soleil)
uninstall cmd: "C:\WINDOWS\uninstall Soleil.exe"
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Norton AntiVirus 2005 (Symantec Corporation) 11.0.6 (SymSetup.{C6F5B6CF-609C-428E-876F-CA83176C021B})
install location: C:\Program Files\Norton AntiVirus
install source: I:
uninstall cmd: C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe /X
publisher: Symantec Corporation
Themexp.org File (Themexp.org File)
uninstall cmd: C:\PROGRA~1\themexp\THEMEX~1.ORG\UNWISE.EXE C:\PROGRA~1\themexp\THEMEX~1.ORG\INSTALL.LOG
Microsoft Web Publishing Wizard 1.52 (WebPost)
uninstall cmd: RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Lecteur Windows Media 10 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 2 20040819.151636 (Windows XP Service Pack)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=811113
Archiveur WinRAR (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe
Sélecteur d'installation de Microsoft Works Suite 2003 (Works2003Setup)
uninstall cmd: C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe H:\
help link: http://www.microsoft.com/france/support/default.asp
x264 H.264/AVC CODEC (x264)
uninstall cmd: C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_x264 132 C:\WINDOWS\INF\x264vfw.inf
XviD Video Codec 22032003-1 (Koepi's developer build) (XviD)
uninstall cmd: "C:\Program Files\XviD\UninstXviD.exe"
XviD MPEG-4 Video Codec XviD-1.1.0-Beta1-16012005 (XviD_is1)
install location: C:\Program Files\XviD\
uninstall cmd: "C:\Program Files\XviD\unins000.exe"
publisher: XviD Team (Koepi)
help link: http://forum.doom9.org/forumdisplay.php?s=&forumid=52
Yahoo! Toolbar (Yahoo! Companion)
uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe
Yahoo! Toolbar (Yahoo! Toolbar)
Microsoft Office 2000 Small Business 9.00.2720 ({0003040C-78E1-11D2-B60F-006097C998E7})
version: 150997664
version (major): 9
estimated size: 99818
install date: 20050202
install source: H:\
uninstall cmd: MsiExec.exe /I{0003040C-78E1-11D2-B60F-006097C998E7}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office\ofread9.txt
Microsoft Money 11.0.100 ({01A2E33A-8ADA-42D1-9173-8F65149E952F})
version: 184549476
version (major): 11
estimated size: 49663
install date: 20050202
install source: H:\Money\
uninstall cmd: MsiExec.exe /I{01A2E33A-8ADA-42D1-9173-8F65149E952F}
publisher: Microsoft
comments: La base de données d'installation contient la logique et les données requises pour installer Money.
help link: http://www.microsoft.com/france/support
help telephone: http://www.microsoft.com/france/support
Extension Système de Microsoft Money 11.0.120 ({02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7})
version: 184549496
version (major): 11
estimated size: 6345
install date: 20050202
install source: H:\Money\
uninstall cmd: MsiExec.exe /I{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}
publisher: Microsoft
comments: Permet d'installer les composants système utilisés par Microsoft Money.
help link: http://www.microsoft.com/france/support
help telephone: http://www.microsoft.com/france/support
Encyclopédie Microsoft Encarta 2003 2003 ({03460014-3975-4267-9F39-1DC4745090B7})
version (major): 2003
version (minor): 2003
estimated size: 131242
install date: 20050202
install source: H:\
uninstall cmd: MsiExec.exe /I{03460014-3975-4267-9F39-1DC4745090B7}
publisher: Microsoft Corporation
help link: http://support.microsoft.com
Bob L'éponge - Le Film 1.0 ({11B2299E-2B79-495F-A022-1E2A8708DD0F})
version: 16777216
install location: C:\Program Files\THQ\Nick Games\Bob L'éponge\Le Film
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11B2299E-2B79-495F-A022-1E2A8708DD0F}\setup.exe" -l0x40c -uninst
Norton WMI Update 2005.1.2.20 ({1526D87C-A955-4FAB-BF18-697BA457E352})
version (major): 2005
version (minor): 1
estimated size: 2080
install date: 20050205
uninstall cmd: MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
publisher: Symantec Corporation
AutoUpdate 1.0 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX
7000 Lettres et Courriers Types ({1AB93ECB-2985-4CA8-807A-913AF340ABE8})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1AB93ECB-2985-4CA8-807A-913AF340ABE8}\SETUP.EXE" -l0x40c
Symantec 11.0.3 ({228F6876-A313-40A3-91C0-C3CBE6997D09})
version: 184549379
version (major): 11
estimated size: 2976
install date: 20050207
install source: I:\Support\MSRedist\
uninstall cmd: MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
publisher: Symantec Corp
Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Internet Worm Protection 11.0.6 ({2908F0CB-C1D4-447F-97A2-CFC135C9F8D4})
version: 184549382
version (major): 11
estimated size: 11397
install date: 20050207
install source: I:\NAV\
uninstall cmd: MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
publisher: Symantec Corp
SymNet 5.4.0 ({2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2})
version: 84148224
version (major): 5
version (minor): 4
estimated size: 20
install date: 20050207
install source: I:\Support\SymNet\
uninstall cmd: MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
publisher: Symantec Corporation
Norton AntiVirus Help 11.00.00 ({34EEB1F5-E939-40A1-A6BA-957282A4B2C8})
version: 184549376
version (major): 11
estimated size: 996
install date: 20050207
install source: I:\Support\Help\
uninstall cmd: MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
publisher: Symantec Corp.
WebFldrs XP 9.50.6513 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154278257
version (major): 9
version (minor): 50
estimated size: 2632
install date: 20050202
install source: C:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
Microsoft Picture It! Photo 7.0 7.0.0.0000 ({369B36BE-3D64-4641-9AEA-808D436FE132})
version: 117440512
version (major): 7
estimated size: 127781
install date: 20050202
install source: H:\pip\
uninstall cmd: MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132}
publisher: Microsoft Corporation
comments: Microsoft Picture It! Photo 7.0
help link: http://support.microsoft.com/default.aspx?LN=FR
help telephone:
Le Monde de Nemo 1.00.0000 ({3B26434C-FFA8-4A9C-A9C9-E8EE9C4E89D4})
version: 16777216
version (major): 1
estimated size: 562449
install date: 20050719
install source: C:\Program Files\eMule\Incoming\Le.Monde.De.Nemo-.Jeux.Pc-Fr\
publisher: THQ
comments: -
contact: Assistance Clientèle
help link: http://www.thq.fr
help telephone: 08 25 06 90 51
readme: LisezMoi.txt
Windows Genuine Advantage v1.3.0254.0 1.3.0254.0 ({63569CE9-FA00-469C-AF5C-E5D4D93ACF91})
version: 16974078
version (major): 1
version (minor): 3
estimated size: 519
install date: 20050730
uninstall cmd: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
publisher: Microsoft
comments: Your Comments
contact: Customer Support Department
help link: http://www.microsoft.com/genuine/downloads/whyValidate.aspx/help
help telephone: 1-425.882.8080
Microsoft Works 7.0 07.02.0000 ({64D114CE-4234-45C2-B60A-2B07D5A48F72})
version: 117571584
version (major): 7
version (minor): 2
estimated size: 196120
install date: 20050202
install source: H:\msworks\
uninstall cmd: MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
publisher: Microsoft Corporation
comments: Microsoft Works 7.0 installation.
help link: http://support.microsoft.com
help telephone:
Symantec Network Drivers Update 5.4.4.17 ({7169B8E4-2632-46B1-AA5F-167CB5FE5029})
version: 84148228
version (major): 5
version (minor): 4
estimated size: 2774
install date: 20050205
publisher: Symantec Corporation
SPBBC 1.00.0000 ({77772678-817F-4401-9301-ED1D01A8DA56})
version: 16777216
version (major): 1
estimated size: 1463
install date: 20050207
install location: C:\Program Files\Norton AntiVirus\
install source: I:\Support\SPBBC\
uninstall cmd: MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
publisher: Your Company Name
Bureau Médias de Kazaa 2.6.7 2.6.7 ({78903C42-CB0C-4B35-91A1-D4DEDD91F8CB})
version: 33947655
install location: C:\Program Files\Kazaa
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78903C42-CB0C-4B35-91A1-D4DEDD91F8CB}\Setup.exe" -l0x40c --AddRemove
DivX Pro Trial 5.2.1 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivXNetworks, Inc.
DivX Player 2.5.5 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.
Microsoft Office PowerPoint Viewer 2003 11.0.6458.0 ({90AF040C-6000-11D3-8CFE-0150048383C9})
version: 184555834
version (major): 11
estimated size: 4139
install date: 20050207
install location: C:\Program Files\Microsoft Office\
uninstall cmd: MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
Microsoft Word 2002 10.0.2627.5 ({911B040C-6000-11D3-8CFE-0050048383C9})
version: 167774787
version (major): 10
estimated size: 102302
install date: 20050821
install source: H:\MSWord\
uninstall cmd: MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1036\OFREAD10.HTM
InterVideo WinDVD 4 ({98E8A2EF-4EAE-43B8-A172-74842B764777})
version (major): 4
install location: C:\Program Files\InterVideo\WinDVD4
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
publisher: InterVideo Inc.
EPSON Scan Tool ({9F57DB08-26D6-11D6-8AA5-0000E22DA3A0})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F57DB08-26D6-11D6-8AA5-0000E22DA3A0}\setup.exe" -l0x40c
VP6 VFW Codec ({A23866A0-738B-4091-9924-0B0DE3988A15})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A23866A0-738B-4091-9924-0B0DE3988A15}\Setup.exe" -l0x9
Nero - Burning Rom 5.5.9 ({A4D7B764-4140-11D4-88EB-0050DA3579C0})
version: 84213769
version (major): 5
version (minor): 5
estimated size: 65880
install date: 20050202
install source: H:\Nero55\
uninstall cmd: MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
publisher: ahead software gmbh
contact: Hotline
help link: http://www.nero.com
help telephone: +49 (07248) 911-231
readme: 0
Norton AntiVirus 2005 11.0.6 ({C6F5B6CF-609C-428E-876F-CA83176C021B})
version: 184549382
version (major): 11
estimated size: 58948
install date: 20050207
install source: I:\NAV\
uninstall cmd: MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
publisher: Symantec Corporation
On2 VP3 Video for Windows Codec ({CF59708F-60F4-11D5-866A-00A0D2183227})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF59708F-60F4-11D5-866A-00A0D2183227}\Setup.exe" -l0x9
Norton AntiVirus SYMLT MSI 11.0.6 ({D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8})
version: 184549382
version (major): 11
estimated size: 1199
install date: 20050207
install source: I:\NAV\
uninstall cmd: MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
publisher: Symantec Corp.
Symantec Script Blocking Installer 11.0.6 ({D327AFC9-7BAA-473A-8319-6EB7A0D40138})
version: 184549382
version (major): 11
estimated size: 497
install date: 20050207
install source: I:\Support\ScrBlock\
uninstall cmd: MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
publisher: Symantec
Alcatel SpeedTouch USB Software ({D41FAAA9-8048-4906-86B2-9AADEA1FA0B7})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" -Control_Panel
2000 Courriers Types ({D942D6EB-2DBE-4162-8DD8-2C2C1820C5D6})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D942D6EB-2DBE-4162-8DD8-2C2C1820C5D6}\SETUP.EXE" -l0x40c
ccCommon 103.0.1.26 ({DC367608-64A7-4BF7-92F4-8BAA25BA02DB})
version: 1728053249
version (major): 103
estimated size: 5774
install date: 20050207
install source: I:\Support\ccCommon\
uninstall cmd: MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
publisher: Symantec
OS Pack Works Suite 3.0.0.0000 ({E38D381A-ABCF-4D97-9D9C-B3A8529DCA15})
version: 50331648
version (major): 3
estimated size: 169
install date: 20050202
install source: H:\ospack\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/france
help telephone:
Norton AntiVirus Parent MSI 11.0.6 ({E5EE9939-259F-4DE2-8023-5C49E16A4F43})
version: 184549382
version (major): 11
estimated size: 709
install date: 20050207
install source: I:\NAV\
uninstall cmd: MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
publisher: Symantec Corp.
EasyCleaner 2.0.6.380 ({F5346614-B7C4-4E94-826A-E2363155233D})
version: 33554438
install location: C:\Program Files\ToniArts\EasyCleaner
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9
Norton WMI Update 2005.1.0.111 ({F64306A5-4C32-41bb-B153-53986527FAB4})
version (major): 2005
version (minor): 1
estimated size: 5
install date: 20050207
install source: I:\Support\SymSC\
uninstall cmd: MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
publisher: Symantec Corporation
Complément Microsoft Word pour Microsoft Works Suite 2.0.0.0000 ({F6B1CD0F-DB2D-4666-A168-C46390AD8C4A})
version: 33554432
version (major): 2
estimated size: 43794
install date: 20050202
install source: H:\WordAdd\
uninstall cmd: MsiExec.exe /I{F6B1CD0F-DB2D-4666-A168-C46390AD8C4A}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/support/works
help telephone:
Microsoft AutoRoute 2002 9.00.17.0200 ({F7F2DC0A-C22E-49AD-AD37-797309A54E7B})
version: 150994961
version (major): 9
estimated size: 197748
install date: 20050202
install location: C:\Program Files\Microsoft AutoRoute\
install source: H:\MSMap\
uninstall cmd: MsiExec.exe /I{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}
publisher: Microsoft
help link: http://www.Microsoft.com/support
--- System Services ---
Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0
Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1
Service (registry key): ACPI
Display name: Pilote ACPI Microsoft
Image path: System32\DRIVERS\ACPI.sys
Image size: 188672
Image MD5: 0BD94FBFC14EA3606CD6CA4C0255BAA3
Start: 0
Type: 1
Error Control: 1
Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1
Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1
Service (registry key): aec
Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 841F385C6CFAF66B58FBD898722BB4F0
Start: 3
Type: 1
Error Control: 1
Service (registry key): AFD
Display name: Environnement de prise en charge de réseau AFD
Description: Environnement de prise en charge de réseau AFD
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1
Service (registry key): Aha154x
Start: 4
Type: 1
Error Control: 1
Service (registry key): aic78u2
Start: 4
Type: 1
Error Control: 1
Service (registry key): aic78xx
Start: 4
Type: 1
Error Control: 1
Service (registry key): alcan5wn
Display name: Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
Image path: System32\DRIVERS\alcan5wn.sys
Image size: 53168
Image MD5: C7E217CD964D0067F18263429C87EC1B
Start: 3
Type: 1
Error Control: 1
Service (registry key): alcaudsl
Display name: Alcatel Speed Touch ADSL Modem ATM Transport
Image path: System32\DRIVERS\alcaudsl.sys
Image size: 743136
Image MD5: 8080B5EA17A763BBCE6C92BBC6CEEFE8
Start: 3
Type: 1
Error Control: 1
Service (registry key): ALCXWDM
Display name: Service for Realtek AC97 Audio (WDM)
Image path: system32\drivers\ALCXWDM.SYS
Image size: 696284
Image MD5: AE754B357EEFCD586B297DFF373122AE
Start: 3
Type: 1
Error Control: 1
Service (registry key): Alerter
Display name: Avertissement
Description: Informe les utilisateurs et les ordinateurs sélectionnés des alertes administratives. Si ce service est arrêté, les programmes qui utilisent les alertes administratives ne les recevront pas. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 2979B03D5382A602623C0535B16AB9C0
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation
Service (registry key): ALG
Display name: Service de la passerelle de la couche Application
Description: Offre la prise en charge des plug-ins de protocoles tiers pour le Partage de connexion Internet et le Pare-feu Windows.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: B43CC0F07752D456038CD0268E4D84E9
Start: 3
Type: 16
Error Control: 1
Service (registry key): AliIde
Start: 4
Type: 1
Error Control: 1
Service (registry key): AmdK7
Display name: Pilote de processeur AMD K7
Image path: System32\DRIVERS\amdk7.sys
Image size: 41600
Image MD5: C0F59933070392E662B3C2BB2BE77955
Start: 1
Type: 1
Error Control: 1
Service (registry key): amsint
Start: 4
Type: 1
Error Control: 1
Service (registry key): AppMgmt
Display name: Gestion d'applications
Description: Fournit des services d'installation de logiciels tels que Attribuer, Publier et Supprimer.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 2979B03D5382A60262
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
25 août 2005 à 10:25
25 août 2005 à 10:25
Logfile of HijackThis v1.99.1
Scan saved at 10:20:41, on 25/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Network Host Service] eaoaheb32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Sound Driver] sound32.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\RunServices: [Network Host Service] eaoaheb32.exe
O4 - HKLM\..\RunServices: [Microsoft Sound Driver] sound32.exe
O4 - HKLM\..\RunServices: [Task Help] wualcts.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZB
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA96DB13-C336-43E3-AF9F-38B070ED6E8D}: NameServer = 80.10.246.1 80.10.246.132
O18 - Filter: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - (no file)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Scan saved at 10:20:41, on 25/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Network Host Service] eaoaheb32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Sound Driver] sound32.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\RunServices: [Network Host Service] eaoaheb32.exe
O4 - HKLM\..\RunServices: [Microsoft Sound Driver] sound32.exe
O4 - HKLM\..\RunServices: [Task Help] wualcts.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZB
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA96DB13-C336-43E3-AF9F-38B070ED6E8D}: NameServer = 80.10.246.1 80.10.246.132
O18 - Filter: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - (no file)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
<a href="http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl">cialis</a>
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
<a href="http://technorati.com/posts/tag/Buy+Genuine+Levitra+Online.+FDA+Approved+Pharmacy.+xlevitraonline">levitra</a>
http://technorati.com/posts/tag/Buy+Genuine+Levitra+Online.+FDA+Approved+Pharmacy.+xlevitraonline
[url=http://technorati.com/posts/tag/Buy+Genuine+Levitra+Online.+FDA+Approved+Pharmacy.+xlevitraonline]levitra[/url]
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
<a href="http://technorati.com/posts/tag/Buy+Genuine+Levitra+Online.+FDA+Approved+Pharmacy.+xlevitraonline">levitra</a>
http://technorati.com/posts/tag/Buy+Genuine+Levitra+Online.+FDA+Approved+Pharmacy.+xlevitraonline
[url=http://technorati.com/posts/tag/Buy+Genuine+Levitra+Online.+FDA+Approved+Pharmacy.+xlevitraonline]levitra[/url]
Utilisateur anonyme
25 août 2005 à 13:49
25 août 2005 à 13:49
Bonjour,
Méthode à suivre dans l'ordre...
----------------------------------------------------------------------------
¤Télécharge ces logiciels mais que tu n‘utilises pas tout de suite:
1/Spybot S&D 1.4 <<nouvelle version
http://www.safer-networking.org/fr/index.html
Démo d’utilisation (merci à Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
2/Ad-Aware SE 1.06 <<nouvelle version
http://www.lavasoftusa.com/software/adaware/
-Une aide:
http://www.tutopat.com/viewtopic.php?t=1191
- installe le patch français, tu pourras le trouver ici:
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
et une petite vidéo d'utilisation ici:(merci à Moe31 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/adawrevid.asf
3/Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
-aide en image:(merci à Balltrap34)
http://pageperso.aol.fr/balltrap34/democleanup.htm
Ces 3 logiciels ont les utiliseras plus tard
********
4/Pour new net
telecharge ceci
http://www.new.net/support/uninstall6_76.exe
Execute le et suis la procedure maintenant !
Une fois tu as utiliser celui la, suis ce que je te met ensuite:
----------------------------------------------------------------------------
¤Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5)
----------------------------------------------------------------------------
¤Affiche tous les fichiers et dossiers :
Clique sur démarrer/panneau de configuration/outil/option des dossiers/affichage
Coche « afficher les fichiers et dossiers cachés »
Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Décoche « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.
Et appliquer !
----------------------------------------------------------------------------
¤Vide tes fichiers temps et tempory internet file:
utilise ceci pour le faire (tu as téléchargé avant)
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
----------------------------------------------------------------------------
¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :
O4 - HKLM\..\Run: [Network Host Service] eaoaheb32.exe
O4 - HKLM\..\Run: [Microsoft Sound Driver] sound32.exe
O4 - HKLM\..\RunServices: [Network Host Service] eaoaheb32.exe
O4 - HKLM\..\RunServices: [Microsoft Sound Driver] sound32.exe
O4 - HKLM\..\RunServices: [Task Help] wualcts.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZB
O18 - Filter: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - (no file)
----------------------------------------------------------------------------
¤Recherche et supprime ceci:
attention seulement les fichiers (si présents)
sound32.exe
eaoaheb32.exe
wualcts.exe
----------------------------------------------------------------------------
¤ Passe Ad-Aware et vire tout ce qu’il trouve
----------------------------------------------------------------------------
¤ Passe Spybot et vire tout ce qu’il trouve
----------------------------------------------------------------------------
> Tu vides ta poubelle et tu redémarres en mode normal et refait un HijackThis
Précise tes soucis s’il en reste....
Tiens-moi au courant
a+
Méthode à suivre dans l'ordre...
----------------------------------------------------------------------------
¤Télécharge ces logiciels mais que tu n‘utilises pas tout de suite:
1/Spybot S&D 1.4 <<nouvelle version
http://www.safer-networking.org/fr/index.html
Démo d’utilisation (merci à Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
2/Ad-Aware SE 1.06 <<nouvelle version
http://www.lavasoftusa.com/software/adaware/
-Une aide:
http://www.tutopat.com/viewtopic.php?t=1191
- installe le patch français, tu pourras le trouver ici:
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
et une petite vidéo d'utilisation ici:(merci à Moe31 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/adawrevid.asf
3/Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
-aide en image:(merci à Balltrap34)
http://pageperso.aol.fr/balltrap34/democleanup.htm
Ces 3 logiciels ont les utiliseras plus tard
********
4/Pour new net
telecharge ceci
http://www.new.net/support/uninstall6_76.exe
Execute le et suis la procedure maintenant !
Une fois tu as utiliser celui la, suis ce que je te met ensuite:
----------------------------------------------------------------------------
¤Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5)
----------------------------------------------------------------------------
¤Affiche tous les fichiers et dossiers :
Clique sur démarrer/panneau de configuration/outil/option des dossiers/affichage
Coche « afficher les fichiers et dossiers cachés »
Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Décoche « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.
Et appliquer !
----------------------------------------------------------------------------
¤Vide tes fichiers temps et tempory internet file:
utilise ceci pour le faire (tu as téléchargé avant)
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
----------------------------------------------------------------------------
¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :
O4 - HKLM\..\Run: [Network Host Service] eaoaheb32.exe
O4 - HKLM\..\Run: [Microsoft Sound Driver] sound32.exe
O4 - HKLM\..\RunServices: [Network Host Service] eaoaheb32.exe
O4 - HKLM\..\RunServices: [Microsoft Sound Driver] sound32.exe
O4 - HKLM\..\RunServices: [Task Help] wualcts.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZB
O18 - Filter: text/html - {03974811-C15F-462c-B6B0-2D2336AA57D0} - (no file)
----------------------------------------------------------------------------
¤Recherche et supprime ceci:
attention seulement les fichiers (si présents)
sound32.exe
eaoaheb32.exe
wualcts.exe
----------------------------------------------------------------------------
¤ Passe Ad-Aware et vire tout ce qu’il trouve
----------------------------------------------------------------------------
¤ Passe Spybot et vire tout ce qu’il trouve
----------------------------------------------------------------------------
> Tu vides ta poubelle et tu redémarres en mode normal et refait un HijackThis
Précise tes soucis s’il en reste....
Tiens-moi au courant
a+
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
25 août 2005 à 20:33
25 août 2005 à 20:33
tout c'est bien passé comme dans le forum sauf quand tu dis supprime sound32.exe
eaoaheb32.exe
wuaicts.exe la j'ai rien trouvé ,j'ai passé ad-aware et viré,spybot et viré et dans la corbeille il n'y avait rien à viré ,refait hijackthis et voila Logfile of HijackThis v1.99.1
Scan saved at 20:18:47, on 25/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Est-ce que c'est bon reste t-il des traces de virus
Merci
eaoaheb32.exe
wuaicts.exe la j'ai rien trouvé ,j'ai passé ad-aware et viré,spybot et viré et dans la corbeille il n'y avait rien à viré ,refait hijackthis et voila Logfile of HijackThis v1.99.1
Scan saved at 20:18:47, on 25/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Est-ce que c'est bon reste t-il des traces de virus
Merci
Utilisateur anonyme
25 août 2005 à 21:45
25 août 2005 à 21:45
re
6/Pour LspFix :
http://translate.google.com/translate?hl=fr&sl=en&u=http://www.cexx.org/lspfix.htm&prev=/search%3Fq%3Dlspfix%26num%3D100%26hl%3Dfr%26lr%3D%26ie%3DUTF-8
http://www.cexx.org/LSPFix.exe
Tu le lances.
Tu coches "I know what I'm doing"
Tu fais passer dans "remove" tout ce qui a trait à newdotnet
Et surtout rien d'autre!
Tu cliques "finish »
Redemarre et remet un hijack this
a+
6/Pour LspFix :
http://translate.google.com/translate?hl=fr&sl=en&u=http://www.cexx.org/lspfix.htm&prev=/search%3Fq%3Dlspfix%26num%3D100%26hl%3Dfr%26lr%3D%26ie%3DUTF-8
http://www.cexx.org/LSPFix.exe
Tu le lances.
Tu coches "I know what I'm doing"
Tu fais passer dans "remove" tout ce qui a trait à newdotnet
Et surtout rien d'autre!
Tu cliques "finish »
Redemarre et remet un hijack this
a+
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
27 août 2005 à 12:10
27 août 2005 à 12:10
Salut regis59
As tu eu mon dernier scan ,car tu ne m'as pas repondu est-ce que je suis debarrassée de cette vilaine bête
Merci
As tu eu mon dernier scan ,car tu ne m'as pas repondu est-ce que je suis debarrassée de cette vilaine bête
Merci
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
26 août 2005 à 09:01
26 août 2005 à 09:01
c'est faitLogfile of HijackThis v1.99.1
Scan saved at 08:54:53, on 26/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
il y a t-il quelque chose de change j'ai l'impression que c'est pareil
Scan saved at 08:54:53, on 26/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
il y a t-il quelque chose de change j'ai l'impression que c'est pareil
Real Mona
Messages postés
1432
Date d'inscription
jeudi 1 juillet 2004
Statut
Membre
Dernière intervention
9 août 2016
94
27 août 2005 à 12:34
27 août 2005 à 12:34
Bonjour,
Il semblerait, soit que tu n'ais pas utilisé Lspfix, soit que ca n'ait pas marché... peux tu le (re)faire s'il te plait ?
Et relance HijackThis coche et fixe :
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
Tiens moi au courant
M.
Il semblerait, soit que tu n'ais pas utilisé Lspfix, soit que ca n'ait pas marché... peux tu le (re)faire s'il te plait ?
Et relance HijackThis coche et fixe :
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
Tiens moi au courant
M.
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
27 août 2005 à 13:22
27 août 2005 à 13:22
Quest-ce que tu appel Lspfix
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
27 août 2005 à 14:27
27 août 2005 à 14:27
j'ai fais lspfix
http://img376.imageshack.us/img376/7576/lspfix1cr.jpg
j'ai refais hijack
http://img376.imageshack.us/img376/1434/hich9zp.jpg j'ai repondu oui
le resultat
Logfile of HijackThis v1.99.1
Scan saved at 14:22:54, on 27/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\eDonkey2000\edonkey2000.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Micro Application\MediaDICO\MediaDICO.EXE
C:\Program Files\Micro Application\MediaDICO\Rac.EXE
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Handy Animated Emoticons] "C:\Program Files\Scorpio Software\Handy Animated Emoticons\HAE.exe" /minimized
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA96DB13-C336-43E3-AF9F-38B070ED6E8D}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Je ne sais pas si tu asla cpture d'image du haut
http://img376.imageshack.us/img376/7576/lspfix1cr.jpg
j'ai refais hijack
http://img376.imageshack.us/img376/1434/hich9zp.jpg j'ai repondu oui
le resultat
Logfile of HijackThis v1.99.1
Scan saved at 14:22:54, on 27/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\eDonkey2000\edonkey2000.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Micro Application\MediaDICO\MediaDICO.EXE
C:\Program Files\Micro Application\MediaDICO\Rac.EXE
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Handy Animated Emoticons] "C:\Program Files\Scorpio Software\Handy Animated Emoticons\HAE.exe" /minimized
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA96DB13-C336-43E3-AF9F-38B070ED6E8D}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Je ne sais pas si tu asla cpture d'image du haut
generic viagra
>
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
26 sept. 2009 à 08:49
26 sept. 2009 à 08:49
<a href="http://www.ezbuyviagra.com/">generic viagra</a>
http://www.ezbuyviagra.com/
[url=http://www.ezbuyviagra.com/]generic viagra[/url]
http://www.ezbuyviagra.com/
[url=http://www.ezbuyviagra.com/]generic viagra[/url]
Real Mona
Messages postés
1432
Date d'inscription
jeudi 1 juillet 2004
Statut
Membre
Dernière intervention
9 août 2016
94
27 août 2005 à 20:48
27 août 2005 à 20:48
Bonsoir,
Oui j'ai bien les deux captures d'image...Maiis cette ligne est toujours présente, donc on va l'effacer en mode sans échec (je croise les doigts, ca peut aider ;))
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5)
----------------------------------------------------------------------------
¤Désactive ta restauration système :
Clic droit sur poste de travail puis,
propriété, tu cliques sur onglet restauration système
tu coches la case « désactiver la restauration » et applique
----------------------------------------------------------------------------
¤Affiche tous les fichiers et dossiers :
Clique sur démarrer/panneau de configuration/option des dossiers/affichage
Coche « afficher les fichiers et dossiers cachés »
Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Décoche « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.
Et appliquer !
----------------------------------------------------------------------------
¤Vide tes fichiers temps et tempory internet file:
utilise ceci pour le faire (tu as téléchargé avant)
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
----------------------------------------------------------------------------
¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
----------------------------------------------------------------------------
¤ Passe Ad-Aware et vire tout ce qu’il trouve
----------------------------------------------------------------------------
¤ Passe Spybot et vire tout ce qu’il trouve
----------------------------------------------------------------------------
> Tu vides ta poubelle et tu redémarres en mode normal et refait un HijackThis que tu postes ici !
Précise tes soucis s’il en reste....
Tiens-moi au courant
a+
M.
Oui j'ai bien les deux captures d'image...Maiis cette ligne est toujours présente, donc on va l'effacer en mode sans échec (je croise les doigts, ca peut aider ;))
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5)
----------------------------------------------------------------------------
¤Désactive ta restauration système :
Clic droit sur poste de travail puis,
propriété, tu cliques sur onglet restauration système
tu coches la case « désactiver la restauration » et applique
----------------------------------------------------------------------------
¤Affiche tous les fichiers et dossiers :
Clique sur démarrer/panneau de configuration/option des dossiers/affichage
Coche « afficher les fichiers et dossiers cachés »
Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Décoche « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.
Et appliquer !
----------------------------------------------------------------------------
¤Vide tes fichiers temps et tempory internet file:
utilise ceci pour le faire (tu as téléchargé avant)
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
----------------------------------------------------------------------------
¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
----------------------------------------------------------------------------
¤ Passe Ad-Aware et vire tout ce qu’il trouve
----------------------------------------------------------------------------
¤ Passe Spybot et vire tout ce qu’il trouve
----------------------------------------------------------------------------
> Tu vides ta poubelle et tu redémarres en mode normal et refait un HijackThis que tu postes ici !
Précise tes soucis s’il en reste....
Tiens-moi au courant
a+
M.
patou28
Messages postés
203
Date d'inscription
mercredi 24 août 2005
Statut
Membre
Dernière intervention
16 mai 2015
2
28 août 2005 à 15:38
28 août 2005 à 15:38
Bon dimanche Real Mona
Je pense que l'on n'est venu à bout de cette vilaine bête qu'est-ce que tu en pense voila le resultat
Logfile of HijackThis v1.99.1
Scan saved at 15:32:53, on 28/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Scorpio Software\Handy Animated Emoticons\HAE.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Handy Animated Emoticons] "C:\Program Files\Scorpio Software\Handy Animated Emoticons\HAE.exe" /minimized
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA96DB13-C336-43E3-AF9F-38B070ED6E8D}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Je te remercie du temps que tu ma consacré
Je pense que l'on n'est venu à bout de cette vilaine bête qu'est-ce que tu en pense voila le resultat
Logfile of HijackThis v1.99.1
Scan saved at 15:32:53, on 28/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Scorpio Software\Handy Animated Emoticons\HAE.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\patricia martron\Mes documents\ANTIVIRUS\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Handy Animated Emoticons] "C:\Program Files\Scorpio Software\Handy Animated Emoticons\HAE.exe" /minimized
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA96DB13-C336-43E3-AF9F-38B070ED6E8D}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Je te remercie du temps que tu ma consacré
Real Mona
Messages postés
1432
Date d'inscription
jeudi 1 juillet 2004
Statut
Membre
Dernière intervention
9 août 2016
94
28 août 2005 à 18:51
28 août 2005 à 18:51
Bonjour !
J'en pense que... du bien !
Bon surf, et fais attention où tu mets les pieds (enfin la souris;))
Et n'oublie pas d'utiliser régulièrement Spybot, Ad-Aware, Clean Up et ton anti-virus !
D'ailleurs, je n'ai pas vu si tu avais un pare-feu (firewall), si tu n'en as pas c'est primordial d'en installer un. ZoneAlarm est très bien http://download.zonelabs.com/bin/free/fr/download/comparison.html
Ciao,
M.
J'en pense que... du bien !
Bon surf, et fais attention où tu mets les pieds (enfin la souris;))
Et n'oublie pas d'utiliser régulièrement Spybot, Ad-Aware, Clean Up et ton anti-virus !
D'ailleurs, je n'ai pas vu si tu avais un pare-feu (firewall), si tu n'en as pas c'est primordial d'en installer un. ZoneAlarm est très bien http://download.zonelabs.com/bin/free/fr/download/comparison.html
Ciao,
M.
Generic viagra online
<a href="https://www.viagrageneric.org/">generic viagra</a>
https://www.viagrageneric.org/
[url=https://www.viagrageneric.org/]generic viagra[/url]
<a href="https://www.viagrageneric.org/">generic viagra</a>
https://www.viagrageneric.org/
[url=https://www.viagrageneric.org/]generic viagra[/url]
Generic viagra online
<a href="https://www.viagrageneric.org/">generic viagra</a>
https://www.viagrageneric.org/
[url=https://www.viagrageneric.org/]generic viagra[/url]
<a href="https://www.viagrageneric.org/">generic viagra</a>
https://www.viagrageneric.org/
[url=https://www.viagrageneric.org/]generic viagra[/url]
Viagra and cialis online
<a href="http://www.onlybestgalleries.com/">buy viagra</a>
http://www.onlybestgalleries.com/
[url=http://www.onlybestgalleries.com/]buy viagra[/url]
<a href="https://whois.domaintools.com/cialischeap.info">cialis</a>
https://whois.domaintools.com/cialischeap.info
[url=https://whois.domaintools.com/cialischeap.info]cialis[/url]
<a href="http://whois.domaintools.com/viagrabuyonline.info">buy viagra online</a>
http://whois.domaintools.com/viagrabuyonline.info
[url=http://whois.domaintools.com/viagrabuyonline.info]buy viagra online[/url]
<a href="http://www.onlybestgalleries.com/">buy viagra</a>
http://www.onlybestgalleries.com/
[url=http://www.onlybestgalleries.com/]buy viagra[/url]
<a href="https://whois.domaintools.com/cialischeap.info">cialis</a>
https://whois.domaintools.com/cialischeap.info
[url=https://whois.domaintools.com/cialischeap.info]cialis[/url]
<a href="http://whois.domaintools.com/viagrabuyonline.info">buy viagra online</a>
http://whois.domaintools.com/viagrabuyonline.info
[url=http://whois.domaintools.com/viagrabuyonline.info]buy viagra online[/url]
Viagra and cialis online
<a href="http://www.onlybestgalleries.com/">buy viagra</a>
http://www.onlybestgalleries.com/
[url=http://www.onlybestgalleries.com/]buy viagra[/url]
<a href="https://whois.domaintools.com/cialischeap.info">cialis</a>
https://whois.domaintools.com/cialischeap.info
[url=https://whois.domaintools.com/cialischeap.info]cialis[/url]
<a href="http://whois.domaintools.com/viagrabuyonline.info">buy viagra online</a>
http://whois.domaintools.com/viagrabuyonline.info
[url=http://whois.domaintools.com/viagrabuyonline.info]buy viagra online[/url]
<a href="http://www.onlybestgalleries.com/">buy viagra</a>
http://www.onlybestgalleries.com/
[url=http://www.onlybestgalleries.com/]buy viagra[/url]
<a href="https://whois.domaintools.com/cialischeap.info">cialis</a>
https://whois.domaintools.com/cialischeap.info
[url=https://whois.domaintools.com/cialischeap.info]cialis[/url]
<a href="http://whois.domaintools.com/viagrabuyonline.info">buy viagra online</a>
http://whois.domaintools.com/viagrabuyonline.info
[url=http://whois.domaintools.com/viagrabuyonline.info]buy viagra online[/url]
<a href="http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl">cialis</a>
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
<a href="http://technorati.com/blogs/buycialismeds.sblog.cz?posts">buy cialis</a>
http://technorati.com/blogs/buycialismeds.sblog.cz?posts
[url=http://technorati.com/blogs/buycialismeds.sblog.cz?posts]buy cialis[/url]
<a href="http://technorati.com/blogs/buyviagrameds.sblog.cz?posts">buy viagra</a>
http://technorati.com/blogs/buyviagrameds.sblog.cz?posts
[url=http://technorati.com/blogs/buyviagrameds.sblog.cz?posts]buy viagra[/url]
<a href="http://technorati.com/blogs/genericviagrav.sblog.cz?posts">generic viagra</a>
http://technorati.com/blogs/genericviagrav.sblog.cz?posts
[url=http://technorati.com/blogs/genericviagrav.sblog.cz?posts]generic viagra[/url]
<a href="http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts">generic cialis</a>
http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts
[url=http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts]generic cialis[/url]
<a href="http://technorati.com/blogs/propeciaonline.sblog.cz?posts">propecia</a>
http://technorati.com/blogs/propeciaonline.sblog.cz?posts
[url=http://technorati.com/blogs/propeciaonline.sblog.cz?posts]propecia[/url]
<a href="http://technorati.com/blogs/buylevitrapills.sblog.cz?posts">levitra</a>
http://technorati.com/blogs/buylevitrapills.sblog.cz?posts
[url=http://technorati.com/blogs/buylevitrapills.sblog.cz?posts]levitra[/url]
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
<a href="http://technorati.com/blogs/buycialismeds.sblog.cz?posts">buy cialis</a>
http://technorati.com/blogs/buycialismeds.sblog.cz?posts
[url=http://technorati.com/blogs/buycialismeds.sblog.cz?posts]buy cialis[/url]
<a href="http://technorati.com/blogs/buyviagrameds.sblog.cz?posts">buy viagra</a>
http://technorati.com/blogs/buyviagrameds.sblog.cz?posts
[url=http://technorati.com/blogs/buyviagrameds.sblog.cz?posts]buy viagra[/url]
<a href="http://technorati.com/blogs/genericviagrav.sblog.cz?posts">generic viagra</a>
http://technorati.com/blogs/genericviagrav.sblog.cz?posts
[url=http://technorati.com/blogs/genericviagrav.sblog.cz?posts]generic viagra[/url]
<a href="http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts">generic cialis</a>
http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts
[url=http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts]generic cialis[/url]
<a href="http://technorati.com/blogs/propeciaonline.sblog.cz?posts">propecia</a>
http://technorati.com/blogs/propeciaonline.sblog.cz?posts
[url=http://technorati.com/blogs/propeciaonline.sblog.cz?posts]propecia[/url]
<a href="http://technorati.com/blogs/buylevitrapills.sblog.cz?posts">levitra</a>
http://technorati.com/blogs/buylevitrapills.sblog.cz?posts
[url=http://technorati.com/blogs/buylevitrapills.sblog.cz?posts]levitra[/url]
<a href="http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl">cialis</a>
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
<a href="http://technorati.com/blogs/buycialismeds.sblog.cz?posts">buy cialis</a>
http://technorati.com/blogs/buycialismeds.sblog.cz?posts
[url=http://technorati.com/blogs/buycialismeds.sblog.cz?posts]buy cialis[/url]
<a href="http://technorati.com/blogs/buyviagrameds.sblog.cz?posts">buy viagra</a>
http://technorati.com/blogs/buyviagrameds.sblog.cz?posts
[url=http://technorati.com/blogs/buyviagrameds.sblog.cz?posts]buy viagra[/url]
<a href="http://technorati.com/blogs/genericviagrav.sblog.cz?posts">generic viagra</a>
http://technorati.com/blogs/genericviagrav.sblog.cz?posts
[url=http://technorati.com/blogs/genericviagrav.sblog.cz?posts]generic viagra[/url]
<a href="http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts">generic cialis</a>
http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts
[url=http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts]generic cialis[/url]
<a href="http://technorati.com/blogs/propeciaonline.sblog.cz?posts">propecia</a>
http://technorati.com/blogs/propeciaonline.sblog.cz?posts
[url=http://technorati.com/blogs/propeciaonline.sblog.cz?posts]propecia[/url]
<a href="http://technorati.com/blogs/buylevitrapills.sblog.cz?posts">levitra</a>
http://technorati.com/blogs/buylevitrapills.sblog.cz?posts
[url=http://technorati.com/blogs/buylevitrapills.sblog.cz?posts]levitra[/url]
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
<a href="http://technorati.com/blogs/buycialismeds.sblog.cz?posts">buy cialis</a>
http://technorati.com/blogs/buycialismeds.sblog.cz?posts
[url=http://technorati.com/blogs/buycialismeds.sblog.cz?posts]buy cialis[/url]
<a href="http://technorati.com/blogs/buyviagrameds.sblog.cz?posts">buy viagra</a>
http://technorati.com/blogs/buyviagrameds.sblog.cz?posts
[url=http://technorati.com/blogs/buyviagrameds.sblog.cz?posts]buy viagra[/url]
<a href="http://technorati.com/blogs/genericviagrav.sblog.cz?posts">generic viagra</a>
http://technorati.com/blogs/genericviagrav.sblog.cz?posts
[url=http://technorati.com/blogs/genericviagrav.sblog.cz?posts]generic viagra[/url]
<a href="http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts">generic cialis</a>
http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts
[url=http://technorati.com/blogs/rxgenericcialis.sblog.cz?posts]generic cialis[/url]
<a href="http://technorati.com/blogs/propeciaonline.sblog.cz?posts">propecia</a>
http://technorati.com/blogs/propeciaonline.sblog.cz?posts
[url=http://technorati.com/blogs/propeciaonline.sblog.cz?posts]propecia[/url]
<a href="http://technorati.com/blogs/buylevitrapills.sblog.cz?posts">levitra</a>
http://technorati.com/blogs/buylevitrapills.sblog.cz?posts
[url=http://technorati.com/blogs/buylevitrapills.sblog.cz?posts]levitra[/url]
<a href="http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl">cialis</a>
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
<a href="http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl">cialis</a>
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl
[url=http://technorati.com/posts/tag/Buy+Cialis+Online.+FDA+Approved+Quality+Pills.+cialisxl]cialis[/url]
