HijackThis report

Solved/Closed
chiquita38 (posts: 238; registered: Monday 1 October 2007; status: Member; last post: 8 July 2010) - 12 Nov. 2008 at 21:09
sKe69 (posts: 21360; registered: Saturday 15 March 2008; status: Security contributor; last post: 30 December 2012) - 16 Nov. 2008 at 12:22
Hello,
could you take a look at this report? I suspect a virus.

Thanks for your help.

50 replies

sKe69 - 12 Nov. 2008 at 21:12
Hi,

post the report please .... ;)


chiquita38 - 12 Nov. 2008 at 21:12
Logfile of HijackThis v1.99.1
Scan saved at 21:11:30, on 12/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoBho - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-3641c8beefebde81.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)

sKe69 - 12 Nov. 2008 at 21:15
Good ....

Quite a few things indeed ....

Start with this:

Download ToolBar S&D (by Eric_71/Team IDN):
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

(Tutorial: https://sites.google.com/site/toolbarsd/aideenimages )

!! Disconnect and close all your running applications for the duration of the procedure !!

* Double-click the .exe to start the installation and follow the prompts ...
* Once that is done, click the shortcut created on your desktop to launch the tool.
* Choose option 1 ("recherche", i.e. search) and press "Enter".
* Once the scan has finished, a report will appear; copy/paste its entire
content into your next reply ...
(the report is also saved here -> C:\TB.txt )

chiquita38 - 12 Nov. 2008 at 21:16
ok thanks

chiquita38 - 12 Nov. 2008 at 21:23
ok here is my report
-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : BitDefender Firewall 12.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:83 Go)
D:\ (Local Disk) - FAT32 - Total:4 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [1] ( 12/11/2008|21:20 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-06-15-53-25
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-06-15-53-25.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-42-45
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-42-45.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-49-09
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-49-09.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-23-17-47-51
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-23-17-47-51.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-14
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-14.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-24
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-24.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-28-22-00-40
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-28-22-00-40.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-09-20-50-52
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-09-20-50-52.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-10-22-46-52
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-10-22-46-52.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\7_wonders_treasures_of_seven16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\escape_from_the_museum16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\home_sweet_home_216x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_encyclopedia16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\restoring_rhonda16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search_goog.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_hidden_object_show16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_pini_society16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtualvillagers16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\womens_murder_club_fr16x16.gif
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\zuma16x16.gif
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-French.ini
C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\GamesBar\OBGet.exe
C:\Program Files\GamesBar\uninst.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\GamesBar

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="about:blank"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 12/11/2008|21:22 - Option : [1]

-----------\\ Fin du rapport a 21:22:03,54

sKe69 - 12 Nov. 2008 at 21:25
Good ....

Next step:

Cleaning with ToolBar S&D:

!! Disconnect and close all your running applications for the duration of the procedure !!

Relaunch Toolbar-S&D by double-clicking the shortcut.
--> Type option 2 ("nettoyage", i.e. cleaning) then press "Enter".

Note: do not touch anything during the removal!

A report will be generated at the end of the process: post its content in your next reply
along with a new HijackThis report for analysis ...

chiquita38 - 12 Nov. 2008 at 21:34
here you go


-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : BitDefender Firewall 12.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:83 Go)
D:\ (Local Disk) - FAT32 - Total:4 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [2] ( 12/11/2008|21:27 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-06-15-53-25
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-06-15-53-25.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-42-45
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-42-45.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-49-09
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-49-09.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-23-17-47-51
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-23-17-47-51.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-14
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-14.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-24
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-24.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-28-22-00-40
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-28-22-00-40.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-09-20-50-52
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-09-20-50-52.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-10-22-46-52
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-10-22-46-52.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\7_wonders_treasures_of_seven16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\escape_from_the_museum16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\home_sweet_home_216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_encyclopedia16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\restoring_rhonda16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search_goog.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_hidden_object_show16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_pini_society16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtualvillagers16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\womens_murder_club_fr16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\zuma16x16.gif
Supprime! - C:\Program Files\GamesBar\Localization-French.ini
Supprime! - C:\Program Files\GamesBar\oberontb.dll
Supprime! - C:\Program Files\GamesBar\OBGet.exe
Supprime! - C:\Program Files\GamesBar\uninst.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\GamesBar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
Supprime! - C:\Program Files\GamesBar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 12/11/2008|21:22 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 12/11/2008|21:32 - Option : [2]

-----------\\ Fin du rapport a 21:32:19,65

Logfile of HijackThis v1.99.1
Scan saved at 21:32:45, on 12/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoBho - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-3641c8beefebde81.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)
chiquita38 Posts 238 Registration date Monday 1 October 2007 Status Member Last activity 8 July 2010
12 Nov. 2008 at 22:01
Who can look at my reports? I've lost sek69!!
Thanks
chiquita38 Posts 238 Registration date Monday 1 October 2007 Status Member Last activity 8 July 2010
12 Nov. 2008 at 22:22
Hello,
who can look at my reports? I've lost track of sek69 and I'd like to know whether everything is OK!
Thanks for your help
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
12 Nov. 2008 at 22:24
Good .... continue with this:


Download Ad-remover (by Cyrildu17 / C_XX) to your desktop (and nowhere else!):

http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

! Disconnect and close all running applications !

* Click "Ad-R.exe" to start the installation and leave the installation settings at their defaults (the desktop).
* Open the "AD-Remover" folder: double-click Ad-remover.bat to launch the tool.
* At the main menu, choose option "A" and let it run ...
--> Post the report that appears at the end.

(the report is also saved as C:\Ad-report.log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
chiquita38 Posts 238 Registration date Monday 1 October 2007 Status Member Last activity 8 July 2010
12 Nov. 2008 at 22:32
Here it is



F --------- Logfile of AD-Remover 1.0.3.3 by C_XX ---------

START at: 22:30:50 | 12/11/2008
ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
Internet Explorer: 7.0.5730.13
OPTION: Scan
EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
USER: HP_Propri‚taire | PC: NOM-EB85C523610
BOOT MODE: Normal
DRIVE(S): C:\
~> Systemdrive: C:\

--------- [ PROCESSES ] ---------

\SystemRoot\System32\smss.exe [676]
\??\C:\WINDOWS\system32\csrss.exe [736]
\??\C:\WINDOWS\system32\winlogon.exe [764]
C:\WINDOWS\system32\services.exe [808]
C:\WINDOWS\system32\lsass.exe [820]
C:\WINDOWS\system32\Ati2evxx.exe [980]
C:\WINDOWS\system32\svchost.exe [1008]
C:\WINDOWS\system32\svchost.exe [1068]
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [1176]
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [1216]
C:\WINDOWS\System32\svchost.exe [1268]
C:\Program Files\Ahead\InCD\InCDsrv.exe [1288]
C:\WINDOWS\system32\svchost.exe [1448]
C:\WINDOWS\system32\svchost.exe [1572]
C:\WINDOWS\system32\spoolsv.exe [1708]
C:\WINDOWS\system32\Ati2evxx.exe [464]
C:\WINDOWS\Explorer.EXE [580]
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [608]
C:\WINDOWS\system32\svchost.exe [712]
C:\WINDOWS\system32\wdfmgr.exe [728]
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [1780]
C:\windows\system\hpsysdrv.exe [1792]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [1800]
C:\Program Files\iTunes\iTunesHelper.exe [1860]
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [1876]
C:\WINDOWS\system32\LVCOMSX.EXE [1888]
C:\Program Files\Logitech\Video\LogiTray.exe [1944]
C:\Program Files\QuickTime\qttask.exe [1964]
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe [1996]
C:\Program Files\Ahead\InCD\InCD.exe [2008]
C:\HP\KBD\KBD.EXE [2016]
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [132]
C:\Program Files\EoRezo\EoEngine.exe [256]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [1752]
C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe [316]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [448]
C:\Program Files\Logitech\Video\FxSvr2.exe [524]
C:\PROGRA~1\MESSEN~1\msmsgs.exe [1168]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [1516]
C:\WINDOWS\system32\ctfmon.exe [1132]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [1536]
C:\Program Files\IncrediMail\bin\IMApp.exe [1824]
C:\Program Files\iPod\bin\iPodService.exe [2076]
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2228]
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2244]
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2300]
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe [2496]
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN [2588]
C:\WINDOWS\System32\alg.exe [2824]
C:\WINDOWS\System32\svchost.exe [3016]
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [3848]
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe [1588]
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe [3512]
C:\Program Files\Windows Live\Messenger\usnsvc.exe [592]
C:\Program Files\IncrediMail\bin\IncMail.exe [2032]
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2552]
C:\Program Files\IncrediMail\bin\IncMail.exe [1332]
C:\Program Files\IncrediMail\bin\IncMail.exe [2284]
C:\Program Files\IncrediMail\bin\IncMail.exe [3632]
C:\WINDOWS\system32\wuauclt.exe [1016]
C:\WINDOWS\system32\wuauclt.exe [4008]

---------------------------- [~> 61]


+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND
+---------------------------------------------------------------------------+

Found ! - "Boonty Games"

+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND
+---------------------------------------------------------------------------+

"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND
+---------------------------------------------------------------------------+

[10/11/2008 16:15|d--------] C:\Program Files\EoRezo
[04/11/2007 01:12|d--------] C:\Program Files\Fichiers communs\BOONTY Shared
[12/11/2008 22:26|d--------] C:\Documents and Settings\HP_Propri‚taire\Application Data\EoRezo
[04/11/2007 01:12|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\t83y79ft.default\prefs.js :

~~~~ Mozilla FireFox version 3.0.3 ~~~~

Start Page : "https://www.google.fr/webhp?gws_rd=ssl"

+----------+


+---------------------------------------------------------------------------+


+---------- Added scan ...

+-----[HKLM\...\Run]

SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
hpsysdrv REG_SZ c:\windows\system\hpsysdrv.exe
ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
HPHUPD08 REG_SZ c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
HP Software Update REG_EXPAND_SZ C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
LogitechVideoRepair REG_SZ C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray REG_SZ C:\Program Files\Logitech\Video\LogiTray.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
Device Detector REG_SZ "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
InCD REG_SZ C:\Program Files\Ahead\InCD\InCD.exe
KBD REG_SZ C:\HP\KBD\KBD.EXE
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
BDAgent REG_SZ "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
BitDefender Antiphishing Helper REG_SZ "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
EoEngine REG_SZ "C:\Program Files\EoRezo\EoEngine.exe"

+-----[HKCU\...\Run]

MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
IncrediMail REG_SZ C:\Program Files\IncrediMail\bin\IncMail.exe /c
Nero PhotoShow Media Manager REG_SZ C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
LogitechSoftwareUpdate REG_SZ "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
MSMSGS REG_SZ "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
RegistryBooster 2 d’Uniblue REG_SZ C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

+-----[HKLM\...\Internet Explorer\MAIN]

Start Page : hxxp://www.msn.com/

+-----[HKCU\...\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+
+------------------------------- [ EOF - 158 lines ]
+---------------------------------------------------------------------------+

[ END at: 22:31:30 | 12/11/2008 ] - [ Time elapsed: 39.4 seconds ]
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
12 Nov. 2008 at 22:34
OK ....


AD-Remover cleanup:

! Disconnect and close all running applications !

* Run "Ad-remover" again: at the main menu, choose option "B".

--> the program will do its work ...

* Post the report that appears at the end, plus a new HijackThis log for analysis, and wait for the next steps ...

(the report is also saved as C:\Ad-report.log)

/!\ If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm /!\


chiquita38 Posts 238 Registration date Monday 1 October 2007 Status Member Last activity 8 July 2010
12 Nov. 2008 at 22:53
F --------- Logfile of AD-Remover 1.0.3.3 by C_XX ---------

START at: 22:37:24 | 12/11/2008
ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
Internet Explorer: 7.0.5730.13
OPTION: Clean
EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
USER: HP_Propri‚taire | PC: NOM-EB85C523610
BOOT MODE: Normal
DRIVE(S): C:\
~> Systemdrive: C:\

--------- [ PROCESSES ] ---------

\SystemRoot\System32\smss.exe [676]
\??\C:\WINDOWS\system32\csrss.exe [736]
\??\C:\WINDOWS\system32\winlogon.exe [764]
C:\WINDOWS\system32\services.exe [808]
C:\WINDOWS\system32\lsass.exe [820]
C:\WINDOWS\system32\Ati2evxx.exe [980]
C:\WINDOWS\system32\svchost.exe [1008]
C:\WINDOWS\system32\svchost.exe [1068]
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [1176]
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [1216]
C:\WINDOWS\System32\svchost.exe [1268]
C:\Program Files\Ahead\InCD\InCDsrv.exe [1288]
C:\WINDOWS\system32\svchost.exe [1448]
C:\WINDOWS\system32\svchost.exe [1572]
C:\WINDOWS\system32\spoolsv.exe [1708]
C:\WINDOWS\system32\Ati2evxx.exe [464]
C:\WINDOWS\Explorer.EXE [580]
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [608]
C:\WINDOWS\system32\svchost.exe [712]
C:\WINDOWS\system32\wdfmgr.exe [728]
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [1780]
C:\windows\system\hpsysdrv.exe [1792]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [1800]
C:\Program Files\iTunes\iTunesHelper.exe [1860]
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [1876]
C:\WINDOWS\system32\LVCOMSX.EXE [1888]
C:\Program Files\Logitech\Video\LogiTray.exe [1944]
C:\Program Files\QuickTime\qttask.exe [1964]
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe [1996]
C:\Program Files\Ahead\InCD\InCD.exe [2008]
C:\HP\KBD\KBD.EXE [2016]
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [132]
C:\Program Files\EoRezo\EoEngine.exe [256]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [1752]
C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe [316]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [448]
C:\Program Files\Logitech\Video\FxSvr2.exe [524]
C:\PROGRA~1\MESSEN~1\msmsgs.exe [1168]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [1516]
C:\WINDOWS\system32\ctfmon.exe [1132]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [1536]
C:\Program Files\IncrediMail\bin\IMApp.exe [1824]
C:\Program Files\iPod\bin\iPodService.exe [2076]
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2228]
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2244]
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2300]
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe [2496]
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN [2588]
C:\WINDOWS\System32\alg.exe [2824]
C:\WINDOWS\System32\svchost.exe [3016]
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [3848]
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe [1588]
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe [3512]
C:\Program Files\Windows Live\Messenger\usnsvc.exe [592]
C:\Program Files\IncrediMail\bin\IncMail.exe [2032]
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2552]
C:\Program Files\IncrediMail\bin\IncMail.exe [1332]
C:\Program Files\IncrediMail\bin\IncMail.exe [2284]
C:\Program Files\IncrediMail\bin\IncMail.exe [3632]
C:\WINDOWS\system32\wuauclt.exe [4008]
C:\WINDOWS\system32\notepad.exe [872]

---------------------------- [~> 61]


+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED
+---------------------------------------------------------------------------+

Deleted successfully ! - "Boonty Games"

+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED
+---------------------------------------------------------------------------+

"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED
+---------------------------------------------------------------------------+

[10/11/2008 16:15|d--------] C:\Program Files\EoRezo
[04/11/2007 01:12|d--------] C:\Program Files\Fichiers communs\BOONTY Shared
[12/11/2008 22:26|d--------] C:\Documents and Settings\HP_Propri‚taire\Application Data\EoRezo
[04/11/2007 01:12|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY

(!) ---- Temp files deleted.

(!) ---- Recycle bin emptied in all drives.



+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\t83y79ft.default\prefs.js :

~~~~ Mozilla FireFox version 3.0.3 ~~~~

Start Page : "https://www.google.fr/webhp?gws_rd=ssl"

+----------+



+---------- Added scan ...

+-----[HKLM\...\Run]

SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
hpsysdrv REG_SZ c:\windows\system\hpsysdrv.exe
ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
HPHUPD08 REG_SZ c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
HP Software Update REG_EXPAND_SZ C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
LogitechVideoRepair REG_SZ C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray REG_SZ C:\Program Files\Logitech\Video\LogiTray.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
Device Detector REG_SZ "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
InCD REG_SZ C:\Program Files\Ahead\InCD\InCD.exe
KBD REG_SZ C:\HP\KBD\KBD.EXE
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
BDAgent REG_SZ "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
BitDefender Antiphishing Helper REG_SZ "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"

+-----[HKCU\...\Run]

MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
IncrediMail REG_SZ C:\Program Files\IncrediMail\bin\IncMail.exe /c
Nero PhotoShow Media Manager REG_SZ C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
LogitechSoftwareUpdate REG_SZ "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
MSMSGS REG_SZ "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
RegistryBooster 2 d’Uniblue REG_SZ C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

+-----[HKLM\...\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+-----[HKCU\...\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+---------------------------------------------------------------------------+
+------------------------------- [ EOF - 154 lines ]
+---------------------------------------------------------------------------+

[ END at: 22:50:01 | 12/11/2008 ] - [ Time elapsed: 12 minutes, 36 seconds ]











Logfile of HijackThis v1.99.1
Scan saved at 22:51:05, on 12/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-3641c8beefebde81.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
12 Nov. 2008 at 22:58
good .... we're making progress ....


1- Download: - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
This software will let you delete all the temporary files and fix your registry.
During installation:
- make sure you choose "French" as the language.
- before clicking the "Install" button, untick all the "additional options" except the first 2.


A tutorial (help):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Usage:
! disconnect and close all running applications !
* go to "Cleaner": run the analysis, then the cleaning
* go to "Registry": search for errors and repair (several times, until there are no more errors).

(CCleaner: software to keep on your PC, really useful for good clean-ups ...)


2- Go to this site:

https://www.virustotal.com/gui/

Copy the following and paste it into the search field:
c:\program files\google\googletoolbar1.dll

Click on Send File (= "Envoyer le fichier" in French).

A report will be built up line by line.

Be sure to wait until the end ... It must include the size of the file sent.

Save the report with Notepad.

Copy it into your next reply (especially the list of AVs)...

(If VirusTotal says the file has already been analysed, click the button Re-analyse the file now)



once posted, please do this:


3- Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.

-> http://images.malwareremoval.com/random/RSIT.exe

! Make sure you close all your running applications !

Double-click on "RSIT.exe" to launch it.

-> A first window opens with the title: "Disclaimer of warranty".

* Next to the option "List files/folders created ...", choose: 2 months

* then click on "Continue" to start the scan ...


(Note: If the latest version of HijackThis is not detected on your PC, RSIT will download it and ask you to accept the licence.)


-> let the scan run and don't touch the PC ...


When the scan has finished, two text files will open (probably in Notepad).

Post the contents of "log.txt" (the one that appears on screen), as well as "info.txt" (which you will see in the taskbar), for analysis, and wait for what comes next ...

Important: post one report, then the other in the following reply ... if you try to post both at the same time,
it may be too long for the forum ...
And if "log.txt" alone doesn't go through either, do it in 2 parts ... thanks ...

(Note: the reports will also be saved in this folder -> C:\rsit)
0
chiquita38 Posts 238 Registration date Monday 1 October 2007 Status Member Last activity 8 July 2010
12 Nov. 2008 at 23:13
I CAN'T MANAGE TO COPY AND PASTE FOR VIRUSTOTAL
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
12 Nov. 2008 at 23:31
give me the link (the URL) of the report please .... then do the rest
0
chiquita38 Posts 238 Registration date Monday 1 October 2007 Status Member Last activity 8 July 2010
12 Nov. 2008 at 23:37
I'll do the rest, but I don't understand what you want
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
12 Nov. 2008 at 23:41
ok, no problem ... we'll do without .... on to the rest then ....

0
chiquita38 Posts 238 Registration date Monday 1 October 2007 Status Member Last activity 8 July 2010
12 Nov. 2008 at 23:42
info.txt logfile of random's system information tool 1.04 2008-11-12 23:39:32

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->C:\WINDOWS\unmrw.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->C:\WINDOWS\UNNVEContent.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee for PENTAX 2.0-->MsiExec.exe /I{D8320DD6-FE47-41DE-B116-4158B7AE3F37}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Ad-remover-->C:\Program Files\Ad-remover\Uninstal.exe
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ares 2.0.9-->"C:\Program Files\Ares\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Barre de confiance CM-CIC-->"C:\Program Files\BarreConfCMCIC\Setup.exe" -u
BitDefender Total Security 2009-->MsiExec.exe /X{8ACF317C-CA66-4363-AEBF-A073B124AA1A}
Budget pour les nuls-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Anuman Interactive\Budget pour les nuls\Uninst.isu"
Cake Mania-->"C:\Program Files\Gamenext\Cake Mania\Uninstall.exe" "C:\Program Files\Gamenext\Cake Mania\install.log"
Cartes de Visites-->C:\PROGRA~1\CARTES~1\UNWISE.EXE C:\PROGRA~1\CARTES~1\INSTALL.LOG
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Cryptext (Remove Only)-->rundll32 setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\ShellExt\Cryptext.inf
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eMule Plus 1.2b-->"C:\Program Files\eMule\unins000.exe"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Enjoy 6e-->C:\WINDOWS\Enjoy 6e Uninstaller.exe
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hijackthis Version Française 1.99.0.1-->"C:\Program Files\Hijackthis Version Française\unins000.exe"
HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
IncrediMail Xe-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{523E6F2A-2D59-4D91-90E8-6C49931C9F50}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Movavi Video Converter 6-->MsiExec.exe /I{0D6EDECD-7523-4E74-BE25-4E1BFC073242}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 3.68-->MsiExec.exe /I{D98BFAD2-0C90-47F4-9D69-2EFF21631884}
MSNTweaker 1.0-->"C:\Program Files\MSNTweaker\unins000.exe"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
muvee autoProducer 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C3D719A-92C7-4323-89CC-C937D0267B84}\setup.exe" -l0x40c
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{7B312BFD-6C04-4409-AB6F-DD41CCD67463}\setup.exe -runfromtemp -l0x040c -removeonly
muvee corePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B0BD0D6-D7D1-4D49-9815-5A85081ECC45}\Setup.exe" -l0x40c
muvee Photo-Centric stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7344B66-C8AA-4597-B73E-08BBF449EE26}\Setup.exe" -l0x40c
Nero PhotoShow Deluxe 4-->"C:\Program Files\Nero\Nero PhotoShow 4\data\Xtras\Uninstall.exe"
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
PC-Doctor 5 for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{AB61A692-5543-4C48-979B-8CEA1C52FE9C} /l1036
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PhotoDVD 2.6.2.0b-->"C:\Program Files\vso\PhotoDVD\unins000.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Picture Package-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x40c UNINSTALL
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
SA31xx Device Manager & Media Converter-->C:\Program Files\InstallShield Installation Information\{E572B060-C98B-4984-A48E-E4FA56265903}\setup.exe -runfromtemp -l0x040c -removeonly
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung Samples Installer-->"C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -runfromtemp -l0x040c -removeonly
Sandlot Games Client Services 1.2.2-->"C:\Program Files\Fichiers communs\Sandlot Shared\unins000.exe"
Savage 2.00e-->C:\Savage\Uninstall.exe
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
Uniblue RegistryBooster 2-->"C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
USB Storage Driver-->DelUIDrv.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Hosts File======

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

======Security center information======

AV: BitDefender Antivirus
FW: BitDefender Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\

-----------------EOF-----------------
0
chiquita38 Posts 238 Registration date Monday 1 October 2007 Status Member Last activity 8 July 2010
12 Nov. 2008 at 23:44
Logfile of random's system information tool 1.04 (written by random/random)
Run by HP_Propriétaire at 2008-11-12 23:38:57
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 86 GB (58%) free of 148 GB
Total RAM: 446 MB (27% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{988B07F5-7392-455A-8A1F-64935CB8B6ED}]
BHO Barre de Confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-09-30 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-22 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-08-13 90112]
{55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - Barre de confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-08 344064]
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-02 49152]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2005-05-05 278528]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-05-12 49152]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-01-02 98304]
"Device Detector"=C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe [2005-06-27 221184]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2005-07-25 1397760]
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2008-10-03 716800]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-08-10 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072]
"Nero PhotoShow Media Manager"=C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe [2007-02-08 229376]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2007-05-07 20480]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"MSMSGS"=C:\PROGRA~1\MESSEN~1\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-15 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RegistryBooster 2 d’Uniblue "=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [2007-11-21 1902592]
"AdobeUpdater"=C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-11-12 2356088]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-06-08 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 2 months======

2008-11-12 23:38:57 ----D---- C:\rsit
2008-11-12 22:29:58 ----D---- C:\WINDOWS\LastGood
2008-11-12 22:29:02 ----D---- C:\Program Files\Ad-remover
2008-11-12 21:20:09 ----A---- C:\TB.txt
2008-11-12 21:19:09 ----D---- C:\ToolBar SD
2008-11-12 19:23:19 ----D---- C:\Program Files\Hijackthis Version Française
2008-11-10 16:18:00 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\WinRAR
2008-11-10 16:16:59 ----D---- C:\Program Files\WinRAR
2008-11-07 16:06:22 ----A---- C:\WINDOWS\system32\SONYHCY.DLL
2008-11-07 16:06:21 ----D---- C:\Drivers
2008-11-07 16:05:50 ----N---- C:\WINDOWS\system32\LTTWN12n.DLL
2008-11-07 16:05:49 ----N---- C:\WINDOWS\system32\lfmpg12n.dll
2008-11-07 16:05:49 ----N---- C:\WINDOWS\system32\lfgif12n.dll
2008-11-07 16:05:49 ----N---- C:\WINDOWS\system32\lfavi12n.dll
2008-11-07 16:05:31 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2008-11-07 16:04:42 ----D---- C:\Program Files\Sony Corporation
2008-11-06 17:26:09 ----D---- C:\Program Files\Ares
2008-11-06 11:44:51 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-27 17:20:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-25 22:40:41 ----D---- C:\WINDOWS\Prefetch
2008-10-25 22:35:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-25 22:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-25 22:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-25 22:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-25 22:34:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-25 22:34:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-25 22:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-25 22:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-25 22:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-25 22:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-25 22:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-10-25 22:32:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-10-25 22:32:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-25 22:32:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-25 22:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-10-25 22:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-25 22:24:41 ----D---- C:\WINDOWS\l2schemas
2008-10-25 22:24:40 ----D---- C:\WINDOWS\system32\fr
2008-10-25 22:24:39 ----D---- C:\WINDOWS\system32\bits
2008-10-25 22:19:49 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-25 22:07:26 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-25 22:05:40 ----D---- C:\WINDOWS\EHome
2008-10-24 19:51:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-10-24 18:13:43 ----D---- C:\Program Files\BarreConfCMCIC
2008-10-22 16:47:32 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2008-10-22 16:47:28 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2008-10-22 16:47:27 ----D---- C:\Program Files\PDFCreator
2008-10-20 22:19:51 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2008-10-20 22:19:20 ----D---- C:\Program Files\MSXML 6.0
2008-10-20 22:14:19 ----D---- C:\fe2da4543fcceb3a5d7a8983f4e96a
2008-10-20 22:13:51 ----D---- C:\321cba30f0657fa7089e4d
2008-10-16 22:06:27 ----D---- C:\a144fd872f5e91eae0d3
2008-10-16 22:06:00 ----RHD---- C:\AHCache
2008-10-16 22:05:46 ----D---- C:\77cfe7fd6628b47d3354cd703a838f62
2008-10-15 20:19:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-10-15 20:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 20:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-10-15 20:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-10-15 20:17:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-10-14 21:59:33 ----D---- C:\Program Files\Uniblue
2008-10-14 21:17:31 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Uniblue
2008-10-08 00:37:08 ----D---- C:\Program Files\FpTest
2008-09-29 16:23:19 ----A---- C:\WINDOWS\system32\muweb.dll
2008-09-29 16:23:19 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-09-29 16:23:18 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-09-28 14:26:13 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-09-28 14:17:06 ----D---- C:\Program Files\Messenger Plus! Live
2008-09-28 14:07:48 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-09-28 14:07:11 ----D---- C:\Program Files\Windows Live
2008-09-28 14:06:50 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-27 14:11:59 ----D---- C:\WINDOWS\system32\Adobe
2008-09-24 14:33:43 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\BitDefender
2008-09-24 14:33:32 ----D---- C:\Binaries
2008-09-24 14:32:13 ----D---- C:\Program Files\BitDefender
2008-09-24 14:32:13 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-09-24 14:30:17 ----D---- C:\Program Files\Fichiers communs\BitDefender
2008-09-21 19:56:57 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2
2008-09-21 19:52:09 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-09-21 19:51:41 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-21 19:51:41 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-21 19:51:41 ----A---- C:\WINDOWS\system32\java.exe
2008-09-16 21:01:07 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-09-16 21:01:07 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-09-16 21:01:06 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-09-16 21:01:05 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-09-16 21:01:05 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-09-16 21:01:03 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-09-16 21:01:02 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-09-16 21:01:02 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-09-16 21:01:01 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-09-16 21:01:00 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-09-16 21:00:59 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-09-16 21:00:59 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-09-16 21:00:58 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-09-16 21:00:57 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-09-16 21:00:55 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-09-16 21:00:54 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-09-16 21:00:53 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-09-16 21:00:53 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-09-16 21:00:52 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-09-16 21:00:51 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-09-16 21:00:49 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-09-16 21:00:49 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-09-16 21:00:48 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-09-16 21:00:46 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-09-16 21:00:45 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-09-16 21:00:45 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-09-16 21:00:44 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-09-16 21:00:43 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-09-16 21:00:43 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-09-16 21:00:42 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-09-16 21:00:42 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-09-16 21:00:35 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-09-16 21:00:24 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-09-16 20:59:52 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-09-16 20:59:45 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-09-16 20:59:45 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-09-16 20:59:35 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-09-16 20:59:34 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-09-16 20:59:32 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-09-16 20:59:30 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-09-16 20:59:26 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-09-16 20:59:26 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-09-16 20:59:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-09-16 20:59:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-09-16 20:59:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-09-16 20:59:23 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-09-16 20:59:22 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-09-16 20:59:21 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-09-16 20:59:14 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-09-16 20:59:13 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-09-16 20:59:13 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-09-16 20:59:12 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-09-16 20:59:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-09-16 20:59:11 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-09-16 20:59:10 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-09-16 20:59:09 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-09-16 20:59:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-09-16 20:59:00 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-09-16 20:54:41 ----HD---- C:\WINDOWS\msdownld.tmp
2008-09-16 20:54:06 ----D---- C:\WINDOWS\Logs
2008-09-16 20:01:12 ----D---- C:\Documents and Settings\All Users\Application Data\Tages
2008-09-16 03:51:09 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-16 03:50:40 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-16 03:50:40 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-09-16 03:50:30 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-09-16 03:50:28 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-09-16 03:50:25 ----N---- C:\WINDOWS\system32\slserv.exe
2008-09-16 03:50:25 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-09-16 03:50:25 ----N---- C:\WINDOWS\slrundll.exe
2008-09-16 03:50:24 ----N---- C:\WINDOWS\system32\slgen.dll
2008-09-16 03:50:24 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-09-16 03:50:24 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-09-16 03:50:15 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-16 03:50:10 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-09-16 03:50:07 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-16 03:50:03 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-16 03:50:02 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-16 03:50:00 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-16 03:50:00 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-16 03:50:00 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-16 03:49:49 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-16 03:49:41 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-09-16 03:49:28 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-16 03:49:28 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-16 03:49:27 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-16 03:49:27 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-09-16 03:49:20 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-16 03:49:20 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-16 03:48:34 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-16 03:48:33 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-16 03:48:33 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-16 03:48:33 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-16 03:48:27 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-09-16 03:47:53 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-16 03:47:48 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-16 03:47:45 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-16 03:47:45 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-16 03:47:45 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-16 03:47:44 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-16 03:47:23 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-09-16 03:47:01 ----A---- C:\WINDOWS\002892_.tmp
2008-09-16 03:47:00 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-09-16 03:46:54 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-16 03:46:54 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-16 03:46:54 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-16 03:46:54 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-16 03:46:53 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-16 03:46:53 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-16 03:46:53 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-16 03:46:53 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-16 03:46:42 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-16 03:46:42 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-16 03:46:41 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-16 03:46:34 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-16 03:46:21 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-16 03:46:20 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-16 03:46:17 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-09-16 03:46:14 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-09-16 03:46:13 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-09-16 03:45:51 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-15 20:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\Player Metaboli
2008-09-15 14:34:34 ----D---- C:\WINDOWS\system32\logs
2008-09-14 10:31:55 ----A---- C:\WINDOWS\system32\msado15.dll
2008-09-14 10:31:54 ----AS---- C:\WINDOWS\system32\WINSKFR.DLL
2008-09-14 10:31:54 ----AS---- C:\WINDOWS\system32\VB6STKIT.DLL
2008-09-14 10:31:53 ----AS---- C:\WINDOWS\system32\stdftfr.dll
2008-09-14 10:31:39 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2008-09-14 10:31:39 ----AS---- C:\WINDOWS\system32\msjro.dll
2008-09-14 10:31:38 ----AS---- C:\WINDOWS\system32\MSDBRPTR.DLL
2008-09-14 10:31:38 ----AS---- C:\WINDOWS\system32\MSDBRPT.DLL
2008-09-14 10:31:37 ----AS---- C:\WINDOWS\system32\MSCMCFR.DLL
2008-09-14 10:31:37 ----AS---- C:\WINDOWS\system32\MSCC2FR.DLL
2008-09-14 10:31:37 ----AS---- C:\WINDOWS\system32\MSBIND.DLL
2008-09-14 10:31:36 ----AS---- C:\WINDOWS\system32\INETFR.DLL
2008-09-14 10:31:36 ----AS---- C:\WINDOWS\system32\ijl11.dll
2008-09-14 10:31:35 ----AS---- C:\WINDOWS\system32\hxvz.dll
2008-09-14 10:31:35 ----AS---- C:\WINDOWS\system32\glut32.dll
2008-09-14 10:31:34 ----AS---- C:\WINDOWS\system32\ftdbcf.dll
2008-09-14 10:31:34 ----AS---- C:\WINDOWS\system32\FLXGDFR.DLL
2008-09-14 10:31:33 ----AS---- C:\WINDOWS\system32\DBRPRFR.DLL
2008-09-14 10:31:33 ----AS---- C:\WINDOWS\system32\DBLSTFR.DLL
2008-09-14 10:31:33 ----AS---- C:\WINDOWS\system32\DBGRDFR.DLL
2008-09-14 10:31:33 ----AS---- C:\WINDOWS\system32\DATRPFR.DLL
2008-09-14 10:31:32 ----AS---- C:\WINDOWS\system32\DATGDFR.DLL
2008-09-14 10:31:30 ----AS---- C:\WINDOWS\system32\CMDLGFR.DLL
2008-09-14 10:31:30 ----AS---- C:\WINDOWS\system32\CMCTLFR.DLL
2008-09-14 10:31:30 ----AS---- C:\WINDOWS\system32\CMCT3FR.DLL
2008-09-14 10:31:30 ----AS---- C:\WINDOWS\system32\CMCT2FR.DLL
2008-09-14 10:31:28 ----AS---- C:\WINDOWS\system32\ADODCFR.DLL

======List of files/folders modified in the last 2 months======

2008-11-12 23:17:23 ----D---- C:\Program Files\Mozilla Firefox
2008-11-12 23:05:15 ----D---- C:\WINDOWS\Temp
2008-11-12 23:05:15 ----D---- C:\WINDOWS
2008-11-12 23:05:08 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-11-12 22:40:55 ----D---- C:\Program Files\Fichiers communs
2008-11-12 22:40:54 ----D---- C:\Program Files
2008-11-12 22:30:17 ----HD---- C:\WINDOWS\inf
2008-11-12 22:30:00 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 19:07:52 ----D---- C:\WINDOWS\system32\FxsTmp
2008-11-11 23:07:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-11 23:06:53 ----SHD---- C:\WINDOWS\Installer
2008-11-11 23:05:39 ----HD---- C:\Config.Msi
2008-11-11 17:58:49 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-09 17:57:05 ----D---- C:\WINDOWS\system32
2008-11-07 16:06:23 ----D---- C:\WINDOWS\system32\drivers
2008-11-07 16:06:21 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-07 16:06:11 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-11-07 15:55:52 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-06 11:49:48 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-06 11:46:35 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-05 16:17:45 ----D---- C:\WINDOWS\Tasks
2008-10-29 18:48:10 ----D---- C:\WINDOWS\security
2008-10-29 18:41:07 ----D---- C:\WINDOWS\system32\dllcache
2008-10-27 17:46:40 ----A---- C:\WINDOWS\bdagent.INI
2008-10-27 17:13:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-26 23:01:42 ----D---- C:\WINDOWS\Debug
2008-10-25 22:41:46 ----A---- C:\WINDOWS\win.ini
2008-10-25 22:39:53 ----D---- C:\WINDOWS\system32\Setup
2008-10-25 22:39:53 ----D---- C:\WINDOWS\AppPatch
2008-10-25 22:39:53 ----D---- C:\Program Files\Messenger
2008-10-25 22:39:52 ----D---- C:\WINDOWS\system32\wbem
2008-10-25 22:39:51 ----RSD---- C:\WINDOWS\Fonts
2008-10-25 22:26:08 ----D---- C:\WINDOWS\WinSxS
2008-10-25 22:25:21 ----D---- C:\WINDOWS\network diagnostic
2008-10-25 22:25:21 ----D---- C:\WINDOWS\ime
2008-10-25 22:25:20 ----D---- C:\WINDOWS\Help
2008-10-25 22:24:44 ----D---- C:\WINDOWS\system32\usmt
2008-10-25 22:24:44 ----D---- C:\WINDOWS\system32\fr-fr
2008-10-25 22:24:39 ----D---- C:\WINDOWS\PeerNet
2008-10-25 22:24:39 ----D---- C:\Program Files\Movie Maker
2008-10-25 22:19:39 ----D---- C:\WINDOWS\system32\Restore
2008-10-25 22:19:39 ----D---- C:\WINDOWS\system32\npp
2008-10-25 22:19:36 ----D---- C:\WINDOWS\msagent
2008-10-25 22:19:34 ----D---- C:\WINDOWS\srchasst
2008-10-25 22:19:34 ----D---- C:\Program Files\NetMeeting
2008-10-25 22:19:31 ----D---- C:\WINDOWS\system32\Com
2008-10-25 22:19:28 ----D---- C:\Program Files\Windows Media Player
2008-10-25 22:19:27 ----D---- C:\Program Files\Windows NT
2008-10-25 22:19:27 ----D---- C:\Program Files\Outlook Express
2008-10-25 22:19:21 ----D---- C:\Program Files\Fichiers communs\System
2008-10-25 22:18:55 ----D---- C:\WINDOWS\system32\oobe
2008-10-25 22:18:52 ----D---- C:\WINDOWS\system
2008-10-25 22:12:23 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-25 21:40:14 ----D---- C:\WINDOWS\system32\config
2008-10-20 22:35:37 ----RSD---- C:\WINDOWS\assembly
2008-10-15 20:18:59 ----D---- C:\Program Files\Internet Explorer
2008-10-15 20:18:44 ----D---- C:\WINDOWS\ie7updates
2008-10-15 17:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-14 21:59:36 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-11 21:09:39 ----A---- C:\Documents and Settings\HP_Propriétaire\Application Data\Printer.ini
2008-10-08 12:41:44 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe
2008-10-07 20:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-05 09:07:34 ----D---- C:\Program Files\Picasa2
2008-10-03 18:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-02 23:51:24 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-28 14:11:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-28 14:00:34 ----D---- C:\Program Files\MSN Messenger
2008-09-24 14:17:28 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-21 19:51:39 ----D---- C:\Program Files\Java
2008-09-16 21:01:10 ----D---- C:\WINDOWS\system32\DirectX
2008-09-16 20:58:56 ----D---- C:\WINDOWS\Microsoft.NET
2008-09-16 19:37:46 ----D---- C:\temp
2008-09-13 20:40:28 ----D---- C:\Program Files\Gamenext
2008-09-13 15:05:25 ----D---- C:\Documents and Settings\All Users\Application Data\HipSoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 bdftdif;bdftdif; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-25 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-07-25 28672]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-06-22 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-16 278984]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-16 25416]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-20 2317696]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-08 1235968]
R3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2008-08-12 108864]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-10-03 103944]
R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2008-08-12 228672]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-03-07 14408]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-01-04 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-05-20 9856]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-25 101504]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-08 376832]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-22 168432]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-25 876032]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-10-03 393216]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2008-10-03 1527808]
R3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2005-05-05 327680]
R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-25 876032]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE [2007-08-09 73728]
S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2007-03-20 263168]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-09-13 1247600]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------
0
sKe69 Posts: 21360 Registration date: Saturday 15 March 2008 Status: Security contributor Last activity: 30 December 2012 463
12 Nov. 2008 at 23:56
Good ....


In order:


1- You have leftover traces of Norton lying around; clean them up like this:
Download Norton removal tool to your desktop:
ftp://ftp.symantec.com/public/francais/removal_tools/Norton_Removal_Tool.exe

Go offline.
Then uninstall Norton with "Norton removal tool": double-click it and follow the prompts ... it has to be uninstalled properly (run the procedure twice if possible).

====================

2- Download OTMoveIt3 (by Old_Timer) to your desktop.

http://oldtimer.geekstogo.com/OTMoveIt3.exe

! Go offline and close all your running applications !

Double-click "OTMoveIt3.exe" to open the program.
Then copy what is in the quote below,


:Processes
explorer.exe

:Services

:Reg

:Files
C:\fe2da4543fcceb3a5d7a8983f4e96a 
C:\321cba30f0657fa7089e4d 
C:\a144fd872f5e91eae0d3 
C:\77cfe7fd6628b47d3354cd703a838f62 

:Commands
[emptytemp]
[start explorer]
[Reboot]



and paste it into the left-hand pane of OTMoveIt3:
Paste Instructions for items to be moved.
(do not touch anything else!)

-> click MoveIt! to start the removal.
-> let the tool work ...

( Note: your desktop will disappear and then reappear, that is normal. )

-> once it has finished, a small window opens: click "Yes".

Your PC will restart by itself ...

--> Post the contents of the report found in the folder "C:\_OTMoveIt\MovedFiles"
( "xxxx2008_xxxxxx.log", where the "x"s correspond to the day and time of use ).


=======================

3- Download this tool by SiRi to your desktop:

http://siri.urz.free.fr/Softs/RHosts.exe
or http://siri.urz.free.fr/RHosts.php


Double-click it to launch it.

-> click "Restore original Hosts" and wait a moment ...

( PS: it is normal that nothing happens ... )

=======================

4- Download MalwareByte's:
here: ftp://ftp.commentcamarche.com/download/mbam-setup.exe
or here: http://www.malwarebytes.org/mbam.php

* Install it (make sure you choose "francais"; do not change the installation settings) and update it.

(NB: if "COMCTL32.OCX" is missing during installation, download it here: https://www.malekal.com/tutorial-aboutbuster/ )

* Study the tutorial to get familiar with the program:
https://forum.pcastuces.com/sujet.asp?f=31&s=3
( that said, it is very simple to use ).

! Go offline and close all running applications !

* Launch Malwarebyte's.

Run a so-called "quick" scan (make sure you select all your disks before the scan!).

--> Let the program work (and do nothing else with the PC during the scan).
--> at the end, click "résultat".
--> Check that all infected objects are ticked, then click "suppression".

Note: if your PC needs to be restarted to finish the cleanup, do it!

Post the report saved after the infected objects were removed (in the "rapport/log" tab of Malwarebytes, the most recent one) along with a new HijackThis log for analysis ...

===================

5- once these two reports are posted, run a new RSIT scan and post the new "log.txt" report obtained, then wait for what comes next .....

0
chiquita38 Posts: 238 Registration date: Monday 1 October 2007 Status: Member Last activity: 8 July 2010
13 Nov. 2008 at 00:20
Error: Unable to interpret <Processes> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\fe2da4543fcceb3a5d7a8983f4e96a moved successfully.
C:\321cba30f0657fa7089e4d\zh-TW moved successfully.
C:\321cba30f0657fa7089e4d\zh-CN moved successfully.
C:\321cba30f0657fa7089e4d\tr moved successfully.
C:\321cba30f0657fa7089e4d\sv moved successfully.
C:\321cba30f0657fa7089e4d\ru moved successfully.
C:\321cba30f0657fa7089e4d\pt-PT moved successfully.
C:\321cba30f0657fa7089e4d\pt-BR moved successfully.
C:\321cba30f0657fa7089e4d\pl moved successfully.
C:\321cba30f0657fa7089e4d\no moved successfully.
C:\321cba30f0657fa7089e4d\nl moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\zh-CHT moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\zh-CHS moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\tr moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\sv moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\ru moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\pt-PT moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\pt-BR moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\pl moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\no moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\nl moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\ko moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\ja moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\it moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\hu moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\he moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\fr moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\fi moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\es moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\en moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\el moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\de moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\da moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\cs moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\ar moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks moved successfully.
C:\321cba30f0657fa7089e4d\ko moved successfully.
C:\321cba30f0657fa7089e4d\ja moved successfully.
C:\321cba30f0657fa7089e4d\it moved successfully.
C:\321cba30f0657fa7089e4d\images moved successfully.
C:\321cba30f0657fa7089e4d\hu moved successfully.
C:\321cba30f0657fa7089e4d\he moved successfully.
C:\321cba30f0657fa7089e4d\fr moved successfully.
C:\321cba30f0657fa7089e4d\fi moved successfully.
C:\321cba30f0657fa7089e4d\es moved successfully.
C:\321cba30f0657fa7089e4d\en moved successfully.
C:\321cba30f0657fa7089e4d\el moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\zh-TW moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\zh-CN moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\tr moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\sv moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\ru moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\pt-PT moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\pt-BR moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\pl moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\no moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\nl moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\ko moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\ja moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\it moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\hu moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\he moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\fr moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\fi moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\es moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\en moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\el moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\de moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\da moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\cs moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx\ar moved successfully.
C:\321cba30f0657fa7089e4d\DotNetClientFx moved successfully.
C:\321cba30f0657fa7089e4d\de moved successfully.
C:\321cba30f0657fa7089e4d\da moved successfully.
C:\321cba30f0657fa7089e4d\cs moved successfully.
C:\321cba30f0657fa7089e4d\ar moved successfully.
C:\321cba30f0657fa7089e4d moved successfully.
C:\a144fd872f5e91eae0d3 moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\zh-TW moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\zh-CN moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\tr moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\sv moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\ru moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\pt-PT moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\pt-BR moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\pl moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\no moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\nl moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\zh-CHT moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\zh-CHS moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\tr moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\sv moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\ru moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\pt-PT moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\pt-BR moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\pl moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\no moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\nl moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\ko moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\ja moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\it moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\hu moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\he moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\fr moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\fi moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\es moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\en moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\el moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\de moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\da moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\cs moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\ar moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\ko moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\ja moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\it moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\images moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\hu moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\he moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\fr moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\fi moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\es moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\en moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\el moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\zh-TW moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\zh-CN moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\tr moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\sv moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\ru moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\pt-PT moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\pt-BR moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\pl moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\no moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\nl moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\ko moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\ja moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\it moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\hu moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\he moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\fr moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\fi moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\es moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\en moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\el moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\de moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\da moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\cs moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\ar moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\de moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\da moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\cs moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62\ar moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62 moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\689211B7.TMP scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\tmp00002b83\tmp00000000 scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 11132008_001010

Files moved on Reboot...
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\689211B7.TMP moved successfully.
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log moved successfully.
DllUnregisterServer procedure not found in C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll NOT unregistered.
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll moved successfully.
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.
C:\WINDOWS\temp\tmp00002b83\tmp00000000 moved successfully.
0
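Added example, not part of the thread and not OTMoveIt3's own code: a small triage script that checks a removal log like the one posted above against the `:Files` targets of the fix script, and lists directives the tool could not interpret and items still waiting for a reboot. The regular expressions are modelled on the log lines as they appear in the post; the names `triage`, `REQUESTED` and `SAMPLE_LOG` are hypothetical, and the sample log is a shortened excerpt assembled from those lines.

```python
import re

# Targets from the :Files section of the fix script posted in the thread.
REQUESTED = [
    r"C:\fe2da4543fcceb3a5d7a8983f4e96a",
    r"C:\321cba30f0657fa7089e4d",
    r"C:\a144fd872f5e91eae0d3",
    r"C:\77cfe7fd6628b47d3354cd703a838f62",
]

# Constructed sample: shortened excerpt built from lines of the posted log.
SAMPLE_LOG = r"""Error: Unable to interpret <Processes> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
========== FILES ==========
C:\fe2da4543fcceb3a5d7a8983f4e96a moved successfully.
C:\321cba30f0657fa7089e4d\Langpacks\fr moved successfully.
C:\321cba30f0657fa7089e4d moved successfully.
C:\a144fd872f5e91eae0d3 moved successfully.
C:\77cfe7fd6628b47d3354cd703a838f62 moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll scheduled to be deleted on reboot.
User's Temp folder emptied.
Files moved on Reboot...
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll NOT unregistered.
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
"""

RE_ERROR = re.compile(r"^Error: Unable to interpret <(.+?)> in the current context!$")
RE_MOVED = re.compile(r"^(.+) moved successfully\.$")
RE_DEFERRED = re.compile(
    r"^File (?:delete|move) failed\. (.+) scheduled to be (?:deleted|moved) on reboot\.$"
)


def triage(log_text, requested):
    """Summarise a removal log: ignored directives, unconfirmed targets, pending items."""
    uninterpreted, moved, deferred = [], set(), {}
    for raw in log_text.splitlines():
        line = raw.strip()
        if m := RE_ERROR.match(line):
            uninterpreted.append(m.group(1))
        elif m := RE_DEFERRED.match(line):
            # Windows paths are case-insensitive, so compare on the lowercased form.
            deferred[m.group(1).lower()] = m.group(1)
        elif m := RE_MOVED.match(line):
            moved.add(m.group(1).lower())
    return {
        # Script lines the tool reported it could not interpret.
        "uninterpreted": uninterpreted,
        # Requested targets with no "moved successfully" confirmation.
        "missing": [p for p in requested if p.lower() not in moved],
        # Deferred to reboot and never confirmed as moved afterwards.
        "still_pending": [orig for low, orig in deferred.items() if low not in moved],
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG, REQUESTED).items():
        print(key, value)
```

On the excerpt, all four requested folders are confirmed moved, while the `Processes` and `explorer.exe` script lines are reported as not interpreted and one `index.dat` remains pending.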