Sos, cheval de troie win32
lou
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
mon ordinateur a détecté 2 "cheval de troie"; j'ai découvert leur emplacement, mais seulement, je ne peux les supprimer car il y a un autre utilisateur de ce programme . J'ai trouvé aussi ce que je crois être "la carte d'identité du virus,que je vous envoie ci-dessous :
[*WMC Logging begun at 2007/12/24 - 19:18:04. Logging at level: '4'. OS is NT. OSVer is 5.1.2600.0.3119. System Lang is 1036. Prev version system is 10.0.0.3646. Setup version 11.0.5721.5146.]
Setup commandlines are C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\setup_wm.exe /NoMutex /Q /R:N.
Validation completed.
Setup beginning.
=====Building Install list.
Finished building install list. Result: '0x0'.
Previous setup was incomplete: this setup will run in Reinstall All mode.
=====Updating Install list for UI.
Finished updating install list.
Stopping service 'umwdf'.
Stopping service 'umwdf' succeeded.
Deletion of service : 'umwdf' succeeded.
=====Installing Install list. Last result: 0x0.
Installer: Preparing to set system restore point...
System restore point set.
Querying service 'WMPNetworkSvc'.
Querying service 'WMPNetworkSvc' failed.
======Installing component 'UMDF'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\umdf.exe /quiet /norestart /er'.
Package install complete. Last result 0x0.
SUCCESS: Package 'Infrastructure du pilote en mode Utilisateur'. Result: 0x0.
======Installing component 'WMFDist11Setup'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\wmfdist11.exe /quiet /norestart /er'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb0.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb0.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmadmod.dll'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb1.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb1.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmasf.dll'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb2.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb2.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmnetmgr.dll'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb3.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb3.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmvcore.dll'.
Registering DLL: 'c:\windows\system32\wmadmod.dll'.
Dll Registration: Succeeded for file 'c:\windows\system32\wmadmod.dll'.
Registering DLL: 'c:\windows\system32\wmnetmgr.dll'.
Dll Registration: Succeeded for file 'c:\windows\system32\wmnetmgr.dll'.
Registering DLL: 'c:\windows\system32\wmvcore.dll'.
Dll Registration: Succeeded for file 'c:\windows\system32\wmvcore.dll'.
Starting process 'C:\WINDOWS\system32\drmupgds.exe'.
Package install complete. Last result 0x0.
SUCCESS: Package 'Module d'exécution de format Windows Media'. Result: 0x0.
======Installing component 'DefaultPlaylist'.
InfParser: Set source directory 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP'.
INF: Found section 'DEFAULTINSTALL.NT'.
Parsing CustomDestination INFSection:'WMP.Destination'
INF: Found section 'ProgramFilesDir'.
Assigned destination: 'C:\Program Files' for section 'WMP.Destination'
Added CustomDestination '49000' as 'C:\PROGRA~1'.
Added CustomDestination '49001' as 'C:\Program Files'.
Added CustomDestination '49002' as 'C:\PROGRA~1'.
INF: Found section 'WMPDirectory'.
Assigned destination: 'C:\Program Files\Windows Media Player' for section 'WMP.Destination'
Added CustomDestination '49300' as 'C:\PROGRA~1\WINDOW~2'.
Added CustomDestination '49301' as 'C:\Program Files\Windows Media Player'.
Added CustomDestination '49302' as 'C:\PROGRA~1\WINDOW~2'.
INF: Found section 'Win9xDocsDir'.
Assigned destination: 'C:\Program Files\Wanadoo\imaginelapaix' for section 'WMP.Destination'
Added CustomDestination '49400' as 'C:\PROGRA~1\Wanadoo\IMAGIN~1'.
Added CustomDestination '49401' as 'C:\Program Files\Wanadoo\imaginelapaix'.
Added CustomDestination '49402' as 'C:\PROGRA~1\Wanadoo\IMAGIN~1'.
INF: Found section 'DocsDir'.
Assigned destination: 'C:\Documents and Settings\All Users\Documents' for section 'WMP.Destination'
Added CustomDestination '49500' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1'.
Added CustomDestination '49501' as 'C:\Documents and Settings\All Users\Documents'.
Added CustomDestination '49502' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1'.
INF: Found section 'CommonMusicDir'.
Assigned destination: 'C:\Documents and Settings\All Users\Documents\Ma musique' for section 'WMP.Destination'
Added CustomDestination '49600' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1'.
Added CustomDestination '49601' as 'C:\Documents and Settings\All Users\Documents\Ma musique'.
Added CustomDestination '49602' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1'.
INF: Found section 'MyPlaylistsDirectory'.
Assigned destination: 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists' for section 'WMP.Destination'
Added CustomDestination '49650' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists'.
Added CustomDestination '49651' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists'.
Added CustomDestination '49652' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists'.
INF: Found section 'MySyncPlaylistsDirectory'.
Assigned destination: 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists' for section 'WMP.Destination'
Added CustomDestination '49750' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists'.
Added CustomDestination '49751' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists'.
Added CustomDestination '49752' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists'.
INF: Found section 'DEFAULTINSTALL.NT'.
Source location is:'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP'.
Parsing 'COPYFILES' INFSection:'Copy.Playlists'
INF: Found section 'DESTINATIONDIRS'.
Resolving destination: 49650.
Assigned destination: 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists\' to 'Copy.Playlists'.
Parsing 'COPYFILES' INFSection:'Copy.SyncPlaylists'
INF: Found section 'DESTINATIONDIRS'.
Resolving destination: 49750.
Assigned destination: 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\' to 'Copy.SyncPlaylists'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\01_Music_auto_rated_at_5_stars.wpl'. This file will be overwritten.
Copied file '01_Music_auto_rated_at_5_stars.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
Package 'MYMUSIC' is version '0.0.0.7'. This is 'newer' than the version currently installed.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\02_Music_added_in_the_last_month.wpl'. This file will be overwritten.
Copied file '02_Music_added_in_the_last_month.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\03_Music_rated_at_4_or_5_stars.wpl'. This file will be overwritten.
Copied file '03_Music_rated_at_4_or_5_stars.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\04_Music_played_in_the_last_month.wpl'. This file will be overwritten.
Copied file '04_Music_played_in_the_last_month.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\05_Pictures_taken_in_the_last_month.wpl'. This file will be overwritten.
Copied file '05_Pictures_taken_in_the_last_month.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\06_Pictures_rated_4_or_5_stars.wpl'. This file will be overwritten.
Copied file '06_Pictures_rated_4_or_5_stars.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\07_TV_recorded_in_the_last_week.wpl'. This file will be overwritten.
Copied file '07_TV_recorded_in_the_last_week.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\08_Video_rated_at_4_or_5_stars.wpl'. This file will be overwritten.
Copied file '08_Video_rated_at_4_or_5_stars.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\09_Music_played_the_most.wpl'. This file will be overwritten.
Copied file '09_Music_played_the_most.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\10_All_Music.wpl'. This file will be overwritten.
Copied file '10_All_Music.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\11_All_Pictures.wpl'. This file will be overwritten.
Copied file '11_All_Pictures.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\12_All_Video.wpl'. This file will be overwritten.
Copied file '12_All_Video.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
INF: Found section 'DEFAULTINSTALL.NT'.
Parsing Reg section:'SetRegKeys'.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer\Preferences,MyPlayLists,,C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists', result 0x0.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer\Preferences,MySyncPlayLists,,C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists', result 0x0.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer\Preferences,FirstTime,0x00010001,1', result 0x0.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer\Setup,PlaylistsVersion,,0.0.0.6', result 0x0.
Package install complete. Last result 0xd2af8.
Package 'MYMUSIC' is version '0.0.0.7'. This is 'newer' than the version currently installed.
Adding dependency type 'Definition' to registry.
SUCCESS: Package 'Sélection Windows Media par défaut'. Result: 0xd2af8.
======Installing component 'WMP11Setup'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\wmp11.exe /quiet /norestart /er'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb4.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb4.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmploc.dll'.
Package install complete. Last result 0x0.
SUCCESS: Package 'Lecteur Windows Media'. Result: 0x0.
======Installing component 'mymusic10'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\wmdbexport.exe '.
Package install complete. Last result 0x0.
SUCCESS: Package 'Migration de la bibliothèque multimédia'. Result: 0x0.
======Installing component 'MSDelta'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\WindowsXP-MSCompPackV1-x86.exe /quiet /norestart /er'.
Package install complete. Last result 0x0.
SUCCESS: Package 'MSDelta'. Result: 0x0.
======Installing component 'Appcompat Shim'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\wmpappcompat.exe /quiet /norestart /er'.
Package install complete. Last result 0xd2af8.
SUCCESS: Package 'Appcompat Shim pour WMP10'. Result: 0xd2af8.
======Installing component 'skins'.
InfParser: Set source directory 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP'.
INF: Found section 'DEFAULTINSTALL.NT5.1'.
Parsing CustomDestination INFSection:'WMP.Destination'
INF: Found section 'ProgramFilesDir'.
Assigned destination: 'C:\Program Files' for section 'WMP.Destination'
Added CustomDestination '49000' as 'C:\PROGRA~1'.
Added CustomDestination '49001' as 'C:\Program Files'.
Added CustomDestination '49002' as 'C:\PROGRA~1'.
INF: Found section 'WMPDirectory'.
Assigned destination: 'C:\Program Files\Windows Media Player' for section 'WMP.Destination'
Added CustomDestination '49300' as 'C:\PROGRA~1\WINDOW~2'.
Added CustomDestination '49301' as 'C:\Program Files\Windows Media Player'.
Added CustomDestination '49302' as 'C:\PROGRA~1\WINDOW~2'.
INF: Found section 'SkinDirectory'.
Assigned destination: 'C:\Program Files\Windows Media Player\Skins' for section 'WMP.Destination'
Added CustomDestination '49400' as 'C:\PROGRA~1\WINDOW~2\Skins'.
Added CustomDestination '49401' as 'C:\Program Files\Windows Media Player\Skins'.
Added CustomDestination '49402' as 'C:\PROGRA~1\WINDOW~2\Skins'.
INF: Found section 'DEFAULTINSTALL.NT5.1'.
Source location is:'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP'.
Parsing 'COPYFILES' INFSection:'Copy.Skin'
INF: Found section 'DESTINATIONDIRS'.
Resolving destination: 49400.
Assigned destination: 'C:\PROGRA~1\WINDOW~2\Skins\' to 'Copy.Skin'.
WMC_CopyFile: File 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\Revert.wmz' is newer than the installed version. This file will be installed.
Copied file 'Revert.wmz' to 'C:\PROGRA~1\WINDOW~2\Skins\'.
Parsing 'COPYFILES' INFSection:'Copy.INF'
INF: Found section 'DESTINATIONDIRS'.
Assigned destination: 'C:\WINDOWS\INF\' to 'Copy.INF'.
WMC_CopyFile: File 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\skins.inf' is newer than the installed version. This file will be installed.
Copied file 'skins.inf' to 'C:\WINDOWS\INF\'.
INF: Found section 'DEFAULTINSTALL.NT5.1'.
Parsing Reg section:'setskindir'.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer,SkinsDir,,C:\Program Files\Windows Media Player\Skins', result 0x0.
Parsing Reg section:'AddReg.Rename'.
Parsing Reg section:'AddReg.Uninst'.
Processed ADDREG line: 'HKCR,Software\Microsoft\Multimedia\Components\Installed\playback_skins\Uninstall,InstallFile,2,C:\WINDOWS\INF\skins.inf', result 0x0.
Processed ADDREG line: 'HKCR,Software\Microsoft\Multimedia\Components\Installed\playback_skins\Uninstall,InstallType,,advinf', result 0x0.
Package install complete. Last result 0xd2af8.
SUCCESS: Package 'Apparences du Lecteur Windows Media'. Result: 0xd2af8.
Setup complete. Result: '0xd2af8'.
System restore end point set.
Setup requires a reboot, but the parent application delayed this reboot.
Starting process 'C:\WINDOWS\inf\unregmp2.exe'.
Starting process 'C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wpd_ci.dll,DoCmd remove rescan'.
Package clean-up: Cleaning up files at 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\WMC0002.tmp\Rollup3.exe'.
merci de bien vouloir me venir en aide, car avast bien que les repérant, ne les suprime pas.
mon ordinateur a détecté 2 "cheval de troie"; j'ai découvert leur emplacement, mais seulement, je ne peux les supprimer car il y a un autre utilisateur de ce programme . J'ai trouvé aussi ce que je crois être "la carte d'identité du virus,que je vous envoie ci-dessous :
[*WMC Logging begun at 2007/12/24 - 19:18:04. Logging at level: '4'. OS is NT. OSVer is 5.1.2600.0.3119. System Lang is 1036. Prev version system is 10.0.0.3646. Setup version 11.0.5721.5146.]
Setup commandlines are C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\setup_wm.exe /NoMutex /Q /R:N.
Validation completed.
Setup beginning.
=====Building Install list.
Finished building install list. Result: '0x0'.
Previous setup was incomplete: this setup will run in Reinstall All mode.
=====Updating Install list for UI.
Finished updating install list.
Stopping service 'umwdf'.
Stopping service 'umwdf' succeeded.
Deletion of service : 'umwdf' succeeded.
=====Installing Install list. Last result: 0x0.
Installer: Preparing to set system restore point...
System restore point set.
Querying service 'WMPNetworkSvc'.
Querying service 'WMPNetworkSvc' failed.
======Installing component 'UMDF'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\umdf.exe /quiet /norestart /er'.
Package install complete. Last result 0x0.
SUCCESS: Package 'Infrastructure du pilote en mode Utilisateur'. Result: 0x0.
======Installing component 'WMFDist11Setup'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\wmfdist11.exe /quiet /norestart /er'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb0.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb0.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmadmod.dll'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb1.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb1.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmasf.dll'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb2.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb2.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmnetmgr.dll'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb3.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb3.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmvcore.dll'.
Registering DLL: 'c:\windows\system32\wmadmod.dll'.
Dll Registration: Succeeded for file 'c:\windows\system32\wmadmod.dll'.
Registering DLL: 'c:\windows\system32\wmnetmgr.dll'.
Dll Registration: Succeeded for file 'c:\windows\system32\wmnetmgr.dll'.
Registering DLL: 'c:\windows\system32\wmvcore.dll'.
Dll Registration: Succeeded for file 'c:\windows\system32\wmvcore.dll'.
Starting process 'C:\WINDOWS\system32\drmupgds.exe'.
Package install complete. Last result 0x0.
SUCCESS: Package 'Module d'exécution de format Windows Media'. Result: 0x0.
======Installing component 'DefaultPlaylist'.
InfParser: Set source directory 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP'.
INF: Found section 'DEFAULTINSTALL.NT'.
Parsing CustomDestination INFSection:'WMP.Destination'
INF: Found section 'ProgramFilesDir'.
Assigned destination: 'C:\Program Files' for section 'WMP.Destination'
Added CustomDestination '49000' as 'C:\PROGRA~1'.
Added CustomDestination '49001' as 'C:\Program Files'.
Added CustomDestination '49002' as 'C:\PROGRA~1'.
INF: Found section 'WMPDirectory'.
Assigned destination: 'C:\Program Files\Windows Media Player' for section 'WMP.Destination'
Added CustomDestination '49300' as 'C:\PROGRA~1\WINDOW~2'.
Added CustomDestination '49301' as 'C:\Program Files\Windows Media Player'.
Added CustomDestination '49302' as 'C:\PROGRA~1\WINDOW~2'.
INF: Found section 'Win9xDocsDir'.
Assigned destination: 'C:\Program Files\Wanadoo\imaginelapaix' for section 'WMP.Destination'
Added CustomDestination '49400' as 'C:\PROGRA~1\Wanadoo\IMAGIN~1'.
Added CustomDestination '49401' as 'C:\Program Files\Wanadoo\imaginelapaix'.
Added CustomDestination '49402' as 'C:\PROGRA~1\Wanadoo\IMAGIN~1'.
INF: Found section 'DocsDir'.
Assigned destination: 'C:\Documents and Settings\All Users\Documents' for section 'WMP.Destination'
Added CustomDestination '49500' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1'.
Added CustomDestination '49501' as 'C:\Documents and Settings\All Users\Documents'.
Added CustomDestination '49502' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1'.
INF: Found section 'CommonMusicDir'.
Assigned destination: 'C:\Documents and Settings\All Users\Documents\Ma musique' for section 'WMP.Destination'
Added CustomDestination '49600' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1'.
Added CustomDestination '49601' as 'C:\Documents and Settings\All Users\Documents\Ma musique'.
Added CustomDestination '49602' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1'.
INF: Found section 'MyPlaylistsDirectory'.
Assigned destination: 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists' for section 'WMP.Destination'
Added CustomDestination '49650' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists'.
Added CustomDestination '49651' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists'.
Added CustomDestination '49652' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists'.
INF: Found section 'MySyncPlaylistsDirectory'.
Assigned destination: 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists' for section 'WMP.Destination'
Added CustomDestination '49750' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists'.
Added CustomDestination '49751' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists'.
Added CustomDestination '49752' as 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists'.
INF: Found section 'DEFAULTINSTALL.NT'.
Source location is:'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP'.
Parsing 'COPYFILES' INFSection:'Copy.Playlists'
INF: Found section 'DESTINATIONDIRS'.
Resolving destination: 49650.
Assigned destination: 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists\' to 'Copy.Playlists'.
Parsing 'COPYFILES' INFSection:'Copy.SyncPlaylists'
INF: Found section 'DESTINATIONDIRS'.
Resolving destination: 49750.
Assigned destination: 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\' to 'Copy.SyncPlaylists'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\01_Music_auto_rated_at_5_stars.wpl'. This file will be overwritten.
Copied file '01_Music_auto_rated_at_5_stars.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
Package 'MYMUSIC' is version '0.0.0.7'. This is 'newer' than the version currently installed.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\02_Music_added_in_the_last_month.wpl'. This file will be overwritten.
Copied file '02_Music_added_in_the_last_month.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\03_Music_rated_at_4_or_5_stars.wpl'. This file will be overwritten.
Copied file '03_Music_rated_at_4_or_5_stars.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\04_Music_played_in_the_last_month.wpl'. This file will be overwritten.
Copied file '04_Music_played_in_the_last_month.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\05_Pictures_taken_in_the_last_month.wpl'. This file will be overwritten.
Copied file '05_Pictures_taken_in_the_last_month.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\06_Pictures_rated_4_or_5_stars.wpl'. This file will be overwritten.
Copied file '06_Pictures_rated_4_or_5_stars.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\07_TV_recorded_in_the_last_week.wpl'. This file will be overwritten.
Copied file '07_TV_recorded_in_the_last_week.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\08_Video_rated_at_4_or_5_stars.wpl'. This file will be overwritten.
Copied file '08_Video_rated_at_4_or_5_stars.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\09_Music_played_the_most.wpl'. This file will be overwritten.
Copied file '09_Music_played_the_most.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\10_All_Music.wpl'. This file will be overwritten.
Copied file '10_All_Music.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\11_All_Pictures.wpl'. This file will be overwritten.
Copied file '11_All_Pictures.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
WMC_CopyFile: Could not find file version for 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\12_All_Video.wpl'. This file will be overwritten.
Copied file '12_All_Video.wpl' to 'C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists\'.
INF: Found section 'DEFAULTINSTALL.NT'.
Parsing Reg section:'SetRegKeys'.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer\Preferences,MyPlayLists,,C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sample Playlists', result 0x0.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer\Preferences,MySyncPlayLists,,C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1\Sync Playlists', result 0x0.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer\Preferences,FirstTime,0x00010001,1', result 0x0.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer\Setup,PlaylistsVersion,,0.0.0.6', result 0x0.
Package install complete. Last result 0xd2af8.
Package 'MYMUSIC' is version '0.0.0.7'. This is 'newer' than the version currently installed.
Adding dependency type 'Definition' to registry.
SUCCESS: Package 'Sélection Windows Media par défaut'. Result: 0xd2af8.
======Installing component 'WMP11Setup'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\wmp11.exe /quiet /norestart /er'.
File replacement for 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb4.tmp' queued in non-admin file cache.
Reboot requested due to 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\setb4.tmp' file clean-up.
Reboot fix succeeded for file 'c:\windows\system32\wmploc.dll'.
Package install complete. Last result 0x0.
SUCCESS: Package 'Lecteur Windows Media'. Result: 0x0.
======Installing component 'mymusic10'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\wmdbexport.exe '.
Package install complete. Last result 0x0.
SUCCESS: Package 'Migration de la bibliothèque multimédia'. Result: 0x0.
======Installing component 'MSDelta'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\WindowsXP-MSCompPackV1-x86.exe /quiet /norestart /er'.
Package install complete. Last result 0x0.
SUCCESS: Package 'MSDelta'. Result: 0x0.
======Installing component 'Appcompat Shim'.
Starting process 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\wmpappcompat.exe /quiet /norestart /er'.
Package install complete. Last result 0xd2af8.
SUCCESS: Package 'Appcompat Shim pour WMP10'. Result: 0xd2af8.
======Installing component 'skins'.
InfParser: Set source directory 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP'.
INF: Found section 'DEFAULTINSTALL.NT5.1'.
Parsing CustomDestination INFSection:'WMP.Destination'
INF: Found section 'ProgramFilesDir'.
Assigned destination: 'C:\Program Files' for section 'WMP.Destination'
Added CustomDestination '49000' as 'C:\PROGRA~1'.
Added CustomDestination '49001' as 'C:\Program Files'.
Added CustomDestination '49002' as 'C:\PROGRA~1'.
INF: Found section 'WMPDirectory'.
Assigned destination: 'C:\Program Files\Windows Media Player' for section 'WMP.Destination'
Added CustomDestination '49300' as 'C:\PROGRA~1\WINDOW~2'.
Added CustomDestination '49301' as 'C:\Program Files\Windows Media Player'.
Added CustomDestination '49302' as 'C:\PROGRA~1\WINDOW~2'.
INF: Found section 'SkinDirectory'.
Assigned destination: 'C:\Program Files\Windows Media Player\Skins' for section 'WMP.Destination'
Added CustomDestination '49400' as 'C:\PROGRA~1\WINDOW~2\Skins'.
Added CustomDestination '49401' as 'C:\Program Files\Windows Media Player\Skins'.
Added CustomDestination '49402' as 'C:\PROGRA~1\WINDOW~2\Skins'.
INF: Found section 'DEFAULTINSTALL.NT5.1'.
Source location is:'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP'.
Parsing 'COPYFILES' INFSection:'Copy.Skin'
INF: Found section 'DESTINATIONDIRS'.
Resolving destination: 49400.
Assigned destination: 'C:\PROGRA~1\WINDOW~2\Skins\' to 'Copy.Skin'.
WMC_CopyFile: File 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\Revert.wmz' is newer than the installed version. This file will be installed.
Copied file 'Revert.wmz' to 'C:\PROGRA~1\WINDOW~2\Skins\'.
Parsing 'COPYFILES' INFSection:'Copy.INF'
INF: Found section 'DESTINATIONDIRS'.
Assigned destination: 'C:\WINDOWS\INF\' to 'Copy.INF'.
WMC_CopyFile: File 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\IXP000.TMP\skins.inf' is newer than the installed version. This file will be installed.
Copied file 'skins.inf' to 'C:\WINDOWS\INF\'.
INF: Found section 'DEFAULTINSTALL.NT5.1'.
Parsing Reg section:'setskindir'.
Processed ADDREG line: 'HKLM,SOFTWARE\Microsoft\MediaPlayer,SkinsDir,,C:\Program Files\Windows Media Player\Skins', result 0x0.
Parsing Reg section:'AddReg.Rename'.
Parsing Reg section:'AddReg.Uninst'.
Processed ADDREG line: 'HKCR,Software\Microsoft\Multimedia\Components\Installed\playback_skins\Uninstall,InstallFile,2,C:\WINDOWS\INF\skins.inf', result 0x0.
Processed ADDREG line: 'HKCR,Software\Microsoft\Multimedia\Components\Installed\playback_skins\Uninstall,InstallType,,advinf', result 0x0.
Package install complete. Last result 0xd2af8.
SUCCESS: Package 'Apparences du Lecteur Windows Media'. Result: 0xd2af8.
Setup complete. Result: '0xd2af8'.
System restore end point set.
Setup requires a reboot, but the parent application delayed this reboot.
Starting process 'C:\WINDOWS\inf\unregmp2.exe'.
Starting process 'C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wpd_ci.dll,DoCmd remove rescan'.
Package clean-up: Cleaning up files at 'C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\WMC0002.tmp\Rollup3.exe'.
merci de bien vouloir me venir en aide, car avast bien que les repérant, ne les suprime pas.
A voir également:
- Sos, cheval de troie win32
- Antivirus cheval de troie gratuit - Télécharger - Antivirus & Antimalwares
- Être à cheval entre deux choses - Forum Études / Formation High-Tech
- Ordinateur bloqué cheval de troie - Accueil - Arnaque
- Cheval de troie virus comment le supprimer - Forum Antivirus
- Télécharger win32 valide pour windows 7 gratuit - Forum Windows
43 réponses
Recharge hijackthis
============================= HITJACKTHIS ===============================
HijackThis
• Télécharger HijackThis ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
• Installer HijackThis en acceptant les paramètres par défaut.
(afin de conserver les sauvegardes qu'il fait) et en le renommant Monjack
• Fermer toutes les applications
• Lancer hitjackthis
----------------------- Fixer des lignes HitjackThis -------------------
Relancer Hitjackthis
• Fixer cette/ces lignes
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\win logon.exe
O4 - HKCU\..\Run: [swg] C:\WINDOWS\system32\regsvr32.exe
• Pour fixer cette/ces lignes.
• Cliquer sur la petite case à gauche de chaque ligne à fixer.
• Une fois cette/ces lignes cochées, cliquer sur le bouton en bas FIX CHECKED
• Fermer et relancer HitJackThis
• Copier/Coller le nouveau rapport sur le forum.
============================= HITJACKTHIS ===============================
HijackThis
• Télécharger HijackThis ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
• Installer HijackThis en acceptant les paramètres par défaut.
(afin de conserver les sauvegardes qu'il fait) et en le renommant Monjack
• Fermer toutes les applications
• Lancer hitjackthis
----------------------- Fixer des lignes HitjackThis -------------------
Relancer Hitjackthis
• Fixer cette/ces lignes
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\LEROYI~1\LOCALS~1\Temp\win logon.exe
O4 - HKCU\..\Run: [swg] C:\WINDOWS\system32\regsvr32.exe
• Pour fixer cette/ces lignes.
• Cliquer sur la petite case à gauche de chaque ligne à fixer.
• Une fois cette/ces lignes cochées, cliquer sur le bouton en bas FIX CHECKED
• Fermer et relancer HitJackThis
• Copier/Coller le nouveau rapport sur le forum.
De rien ;-)
==============
Ce problème
Je reprend le relais de ma fille Lou ( bien plus douée que moi en informatique) pour continuer à t'embêter un p'tit peu .
Il y a une fenêtre qui s'ouvre systématiquement lors de la mise en route de l'ordi sur la page d'acceuil et qui ressemble à ça :
Aucun nom de DLL spécifié
Utilisation : regsvr32(/u)(/s)(/n)(/i)
(commande)) nom de DLL
/u- Désinscrit le serveur
/s- Mode silencieux
/i- Appelle DLL Install et transmet commande facultative . Utilisé avec /u
/n- Ne pas appeler DLL Register Serveur .
Utiliser cette option avec /i
Que dois-je faire avec ça ?
Peux-tu m'aider, s'il te plaît .
Terminé ? (je pense que oui)
_
==============
Ce problème
Je reprend le relais de ma fille Lou ( bien plus douée que moi en informatique) pour continuer à t'embêter un p'tit peu .
Il y a une fenêtre qui s'ouvre systématiquement lors de la mise en route de l'ordi sur la page d'acceuil et qui ressemble à ça :
Aucun nom de DLL spécifié
Utilisation : regsvr32(/u)(/s)(/n)(/i)
(commande)) nom de DLL
/u- Désinscrit le serveur
/s- Mode silencieux
/i- Appelle DLL Install et transmet commande facultative . Utilisé avec /u
/n- Ne pas appeler DLL Register Serveur .
Utiliser cette option avec /i
Que dois-je faire avec ça ?
Peux-tu m'aider, s'il te plaît .
Terminé ? (je pense que oui)
_
merci pour ton conseil dont je laisserai l'application à Lou qui rentre demain soir du lycée et qui est bien plus férue que moi en informatique ...
A +
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:37:08, on 08/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
C:\PROGRA~1\MESSAG~1\Demon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\Wanadoo\taskbaricon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\LEROY ISABELLE\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Philips ToUcam Camera\GameCam SE\Program\RFTray.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [PadTouch] "C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\LEROY ISABELLE\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: officejet 6100.lnk = ?
O4 - Global Startup: Reality Fusion GameCam SE.lnk = ?
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe