Rapport hijacktis

Résolu
chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention   -  
sKe69 Messages postés 21955 Statut Contributeur sécurité -
Bonjour,
puriez vous regarder ce rapport , je soupçonne un virus .

merci pour votre aide .
Configuration: Windows XP
Firefox 3.0.3

50 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Une suspicion de virus est évoquée sur Windows XP après l’analyse d’un rapport HijackThis et de scans externes, montrant de nombreuses entrées au démarrage et des services potentiellement indésirables. Des outils comme Malwarebytes ont signalé et isolé deux clés de registre liées à Adware.Gamesbar, mais n’ont trouvé aucun fichier malveillant, tandis que le balayage Kaspersky a relevé zéro virus. Le rapport HijackThis montre de nombreuses entrées au démarrage et des services variés, dont certains sont légitimes mais d’autres potentiellement indésirables, ce qui nécessite une analyse expérimentée avant toute suppression. En cas de doute persistant, il peut être utile de comparer les entrées HijackThis à une liste fiable et d'envisager une restauration système ou une réinstallation propre avec mises à jour.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    salut,

    postes le rapport Stp .... ;)

    0
  2. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    Logfile of HijackThis v1.99.1
    Scan saved at 21:11:30, on 12/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
    C:\Program Files\EoRezo\EoEngine.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\MESSEN~1\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoBho - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
    O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
    O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
    O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
    O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O11 - Options group: [TABS] Tabbed Browsing
    O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-3641c8beefebde81.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)
    0
  3. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    bien ....

    Pas mal de chose en effet ....

    commences par ceci :

    Télécharges ToolBar S&D ( de Eric_71/Team IDN ) :
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    ( Tuto : https://sites.google.com/site/toolbarsd/aideenimages )

    !! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!

    * double-cliques sur l'.exe pour lancer l'installe et laisses toi guider ...
    * Une fois fait, cliques sur le raccourci créé sur ton bureau pour lancer l'outil .
    * Choisis l'option 1 ( "recherche") et tapes "entrée" .
    * Une fois le scan finit , un rapport va apparaître, copie/colles l'intégralité
    de son contenu dans ta prochaine réponse ...
    ( le rapport est en outre sauvegardé ici -> C:\TB.txt )
    0
  4. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    ok merci
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    ok voila mon rapport
    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Phoenix - Award BIOS v6.00PG
    USER : HP_Propriétaire ( Administrator )
    BOOT : Normal boot
    Antivirus : BitDefender Antivirus 12.0 (Activated)
    Firewall : BitDefender Firewall 12.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:144 Go (Free:83 Go)
    D:\ (Local Disk) - FAT32 - Total:4 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [1] ( 12/11/2008|21:20 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-06-15-53-25
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-06-15-53-25.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-42-45
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-42-45.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-49-09
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-49-09.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-23-17-47-51
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-23-17-47-51.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-14
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-14.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-24
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-24.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-28-22-00-40
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-28-22-00-40.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-09-20-50-52
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-09-20-50-52.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-10-22-46-52
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-10-22-46-52.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\7_wonders_treasures_of_seven16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\escape_from_the_museum16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\home_sweet_home_216x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_encyclopedia16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\restoring_rhonda16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search_goog.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_hidden_object_show16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_pini_society16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtualvillagers16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\womens_murder_club_fr16x16.gif
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\zuma16x16.gif
    C:\Program Files\GamesBar
    C:\Program Files\GamesBar\Localization-French.ini
    C:\Program Files\GamesBar\oberontb.dll
    C:\Program Files\GamesBar\OBGet.exe
    C:\Program Files\GamesBar\uninst.exe
    C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\GamesBar

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.msn.com/fr-fr"
    "Search Page"="https://www.google.com/?gws_rd=ssl"
    "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
    "SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Start Page"="about:blank"

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    1 - "C:\ToolBar SD\TB_1.txt" - 12/11/2008|21:22 - Option : [1]

    -----------\\ Fin du rapport a 21:22:03,54
    0
  7. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    bien ....

    la suite :

    Nettoyage avec ToolBar S&D :

    !! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!

    Relances Toolbar-S&D en double-cliquant sur le raccourci.
    -->Tapes sur l'option 2 ( "nettoyage" ) puis tapes sur "Entrée".

    Note : ne touches à rien lors de la suppression !

    Un rapport sera généré à la fin du processus : postes son contenu dans ta prochaine réponse
    accompagné d'un nouveau rapport hijackthis pour analyse ...
    0
  8. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    voila

    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Phoenix - Award BIOS v6.00PG
    USER : HP_Propriétaire ( Administrator )
    BOOT : Normal boot
    Antivirus : BitDefender Antivirus 12.0 (Activated)
    Firewall : BitDefender Firewall 12.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:144 Go (Free:83 Go)
    D:\ (Local Disk) - FAT32 - Total:4 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [2] ( 12/11/2008|21:27 )

    -----------\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-06-15-53-25
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-06-15-53-25.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-42-45
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-42-45.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-49-09
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-09-16-49-09.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-23-17-47-51
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-01-23-17-47-51.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-14
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-14.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-24
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-03-23-20-25-24.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-28-22-00-40
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-06-28-22-00-40.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-09-20-50-52
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-09-20-50-52.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-10-22-46-52
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\08-07-10-22-46-52.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\4_elements16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\7_wonders_treasures_of_seven16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\about.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\action.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\arcade.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\buy.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\cards.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\deals.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\download.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\escape_from_the_museum16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\feedback.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\help.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\highlight.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\home_sweet_home_216x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\jigsaw.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\magic_encyclopedia16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mahjong.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\multiplayer.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\mygames.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\newGames.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\oberonconfig.xm_
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\obSearchHistory.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\partner.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_off.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\popup_on.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\puzzle.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\restoring_rhonda16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\search_goog.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sendafriend.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\sports.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_hidden_object_show16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\the_pini_society16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\trial.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\uninstall.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\update.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\virtualvillagers16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\webgame.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\womens_murder_club_fr16x16.gif
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\zuma16x16.gif
    Supprime! - C:\Program Files\GamesBar\Localization-French.ini
    Supprime! - C:\Program Files\GamesBar\oberontb.dll
    Supprime! - C:\Program Files\GamesBar\OBGet.exe
    Supprime! - C:\Program Files\GamesBar\uninst.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\GamesBar
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
    Supprime! - C:\Program Files\GamesBar

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://www.msn.com/fr-fr"
    "Search Page"="https://www.google.com/?gws_rd=ssl"
    "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
    "SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Start Page"="https://www.msn.com/fr-fr/"

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    1 - "C:\ToolBar SD\TB_1.txt" - 12/11/2008|21:22 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 12/11/2008|21:32 - Option : [2]

    -----------\\ Fin du rapport a 21:32:19,65

    Logfile of HijackThis v1.99.1
    Scan saved at 21:32:45, on 12/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
    C:\Program Files\EoRezo\EoEngine.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\MESSEN~1\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\IncrediMail\bin\ImNotfy.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoBho - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
    O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
    O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O11 - Options group: [TABS] Tabbed Browsing
    O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-3641c8beefebde81.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)
    0
  9. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    qui peut regarder mes rapports , j'ai perdu sek69 !!
    merci
    0
  10. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    bonjour
    qui peut regarder mes rapports , j'ai perdu de vue sek69 et j'aimerais savoir si tout est ok !
    merci pour votre aide
    0
  11. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    bien .... continues avec ceci :

    souligne>Télécharges Ad-remover ( de Cyrildu17 / C_XX ) sur ton bureau ( et pas ailleurs!) </souligne>:

    http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

    ! Déconnectes toi et fermes toutes applications en cours !

    * Cliques sur "Ad-R.exe" pour lancer l'installation et laisses les paramètres d'installe par défaut ( le bureau ) .
    * ouvres le dossier le dossier "AD-Remover" : double cliques sur Ad-remover.bat pour lancer l'outil .
    * Au menu principal choisi l'option "A" et laisses faire ...
    --> Postes le rapport qui apparait à la fin .

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :
    "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    0
  12. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    voila

    F --------- Logfile of AD-Remover 1.0.3.3 by C_XX ---------

    START at: 22:30:50 | 12/11/2008
    ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
    Internet Explorer: 7.0.5730.13
    OPTION: Scan
    EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
    USER: HP_Propri‚taire | PC: NOM-EB85C523610
    BOOT MODE: Normal
    DRIVE(S): C:\
    ~> Systemdrive: C:\

    --------- [ PROCESSES ] ---------

    \SystemRoot\System32\smss.exe [676]
    \??\C:\WINDOWS\system32\csrss.exe [736]
    \??\C:\WINDOWS\system32\winlogon.exe [764]
    C:\WINDOWS\system32\services.exe [808]
    C:\WINDOWS\system32\lsass.exe [820]
    C:\WINDOWS\system32\Ati2evxx.exe [980]
    C:\WINDOWS\system32\svchost.exe [1008]
    C:\WINDOWS\system32\svchost.exe [1068]
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [1176]
    C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [1216]
    C:\WINDOWS\System32\svchost.exe [1268]
    C:\Program Files\Ahead\InCD\InCDsrv.exe [1288]
    C:\WINDOWS\system32\svchost.exe [1448]
    C:\WINDOWS\system32\svchost.exe [1572]
    C:\WINDOWS\system32\spoolsv.exe [1708]
    C:\WINDOWS\system32\Ati2evxx.exe [464]
    C:\WINDOWS\Explorer.EXE [580]
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [608]
    C:\WINDOWS\system32\svchost.exe [712]
    C:\WINDOWS\system32\wdfmgr.exe [728]
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [1780]
    C:\windows\system\hpsysdrv.exe [1792]
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [1800]
    C:\Program Files\iTunes\iTunesHelper.exe [1860]
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [1876]
    C:\WINDOWS\system32\LVCOMSX.EXE [1888]
    C:\Program Files\Logitech\Video\LogiTray.exe [1944]
    C:\Program Files\QuickTime\qttask.exe [1964]
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe [1996]
    C:\Program Files\Ahead\InCD\InCD.exe [2008]
    C:\HP\KBD\KBD.EXE [2016]
    C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [132]
    C:\Program Files\EoRezo\EoEngine.exe [256]
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [1752]
    C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe [316]
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [448]
    C:\Program Files\Logitech\Video\FxSvr2.exe [524]
    C:\PROGRA~1\MESSEN~1\msmsgs.exe [1168]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [1516]
    C:\WINDOWS\system32\ctfmon.exe [1132]
    C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [1536]
    C:\Program Files\IncrediMail\bin\IMApp.exe [1824]
    C:\Program Files\iPod\bin\iPodService.exe [2076]
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2228]
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2244]
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2300]
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe [2496]
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN [2588]
    C:\WINDOWS\System32\alg.exe [2824]
    C:\WINDOWS\System32\svchost.exe [3016]
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [3848]
    C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe [1588]
    C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe [3512]
    C:\Program Files\Windows Live\Messenger\usnsvc.exe [592]
    C:\Program Files\IncrediMail\bin\IncMail.exe [2032]
    C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2552]
    C:\Program Files\IncrediMail\bin\IncMail.exe [1332]
    C:\Program Files\IncrediMail\bin\IncMail.exe [2284]
    C:\Program Files\IncrediMail\bin\IncMail.exe [3632]
    C:\WINDOWS\system32\wuauclt.exe [1016]
    C:\WINDOWS\system32\wuauclt.exe [4008]

    ---------------------------- [~> 61]

    +---------------------------------------------------------------------------+
    +------------------------------- SERVICES FOUND
    +---------------------------------------------------------------------------+

    Found ! - "Boonty Games"

    +---------------------------------------------------------------------------+
    +------------------------------- REGISTRY ELEMENTS FOUND
    +---------------------------------------------------------------------------+

    "HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
    "HKEY_LOCAL_MACHINE\Software\Boonty"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES"
    "HKEY_CURRENT_USER\SOFTWARE\EoRezo"
    "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
    "HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
    "HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
    "HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
    "HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"

    +---------------------------------------------------------------------------+
    +------------------------------- FILES\FOLDERS FOUND
    +---------------------------------------------------------------------------+

    [10/11/2008 16:15|d--------] C:\Program Files\EoRezo
    [04/11/2007 01:12|d--------] C:\Program Files\Fichiers communs\BOONTY Shared
    [12/11/2008 22:26|d--------] C:\Documents and Settings\HP_Propri‚taire\Application Data\EoRezo
    [04/11/2007 01:12|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY

    +---------- Scanning prefs.js ... ( # Mozilla User Preferences )

    ...\t83y79ft.default\prefs.js :

    ~~~~ Mozilla FireFox version 3.0.3 ~~~~

    Start Page : "https://www.google.fr/webhp?gws_rd=ssl"

    +----------+

    +---------------------------------------------------------------------------+

    +---------- Added scan ...

    +-----[HKLM\...\Run]

    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    hpsysdrv REG_SZ c:\windows\system\hpsysdrv.exe
    ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    HPHUPD08 REG_SZ c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
    Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
    HP Software Update REG_EXPAND_SZ C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
    LogitechVideoRepair REG_SZ C:\Program Files\Logitech\Video\ISStart.exe
    LogitechVideoTray REG_SZ C:\Program Files\Logitech\Video\LogiTray.exe
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
    Device Detector REG_SZ "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
    InCD REG_SZ C:\Program Files\Ahead\InCD\InCD.exe
    KBD REG_SZ C:\HP\KBD\KBD.EXE
    Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    BDAgent REG_SZ "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
    BitDefender Antiphishing Helper REG_SZ "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
    EoEngine REG_SZ "C:\Program Files\EoRezo\EoEngine.exe"

    +-----[HKCU\...\Run]

    MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    IncrediMail REG_SZ C:\Program Files\IncrediMail\bin\IncMail.exe /c
    Nero PhotoShow Media Manager REG_SZ C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    LogitechSoftwareUpdate REG_SZ "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    MSMSGS REG_SZ "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
    swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
    RegistryBooster 2 d’Uniblue REG_SZ C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

    +-----[HKLM\...\Internet Explorer\MAIN]

    Start Page : hxxp://www.msn.com/

    +-----[HKCU\...\Internet Explorer\MAIN]

    Start Page : hxxp://fr.msn.com/

    +---------------------------------------------------------------------------+
    +------------------------------- [ EOF - 158 lines ]
    +---------------------------------------------------------------------------+

    [ END at: 22:31:30 | 12/11/2008 ] - [ Time elapsed: 39.4 seconds ]
    0
  13. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    ok ....

    souligne>Nettoyage AD-Remover </souligne>:

    ! Déconnectes toi et fermes toutes applications en cours !

    * Relances "Ad-remover" : au menu principal choisi l'option "B" .

    --> le programme va travailler ...

    * Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse et attends la suite ...

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    /!\ Si le Bureau ne réapparait pas, presses Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\

    0
  14. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    F --------- Logfile of AD-Remover 1.0.3.3 by C_XX ---------

    START at: 22:37:24 | 12/11/2008
    ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
    Internet Explorer: 7.0.5730.13
    OPTION: Clean
    EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
    USER: HP_Propri‚taire | PC: NOM-EB85C523610
    BOOT MODE: Normal
    DRIVE(S): C:\
    ~> Systemdrive: C:\

    --------- [ PROCESSES ] ---------

    \SystemRoot\System32\smss.exe [676]
    \??\C:\WINDOWS\system32\csrss.exe [736]
    \??\C:\WINDOWS\system32\winlogon.exe [764]
    C:\WINDOWS\system32\services.exe [808]
    C:\WINDOWS\system32\lsass.exe [820]
    C:\WINDOWS\system32\Ati2evxx.exe [980]
    C:\WINDOWS\system32\svchost.exe [1008]
    C:\WINDOWS\system32\svchost.exe [1068]
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [1176]
    C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [1216]
    C:\WINDOWS\System32\svchost.exe [1268]
    C:\Program Files\Ahead\InCD\InCDsrv.exe [1288]
    C:\WINDOWS\system32\svchost.exe [1448]
    C:\WINDOWS\system32\svchost.exe [1572]
    C:\WINDOWS\system32\spoolsv.exe [1708]
    C:\WINDOWS\system32\Ati2evxx.exe [464]
    C:\WINDOWS\Explorer.EXE [580]
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [608]
    C:\WINDOWS\system32\svchost.exe [712]
    C:\WINDOWS\system32\wdfmgr.exe [728]
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [1780]
    C:\windows\system\hpsysdrv.exe [1792]
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [1800]
    C:\Program Files\iTunes\iTunesHelper.exe [1860]
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [1876]
    C:\WINDOWS\system32\LVCOMSX.EXE [1888]
    C:\Program Files\Logitech\Video\LogiTray.exe [1944]
    C:\Program Files\QuickTime\qttask.exe [1964]
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe [1996]
    C:\Program Files\Ahead\InCD\InCD.exe [2008]
    C:\HP\KBD\KBD.EXE [2016]
    C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [132]
    C:\Program Files\EoRezo\EoEngine.exe [256]
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [1752]
    C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe [316]
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [448]
    C:\Program Files\Logitech\Video\FxSvr2.exe [524]
    C:\PROGRA~1\MESSEN~1\msmsgs.exe [1168]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [1516]
    C:\WINDOWS\system32\ctfmon.exe [1132]
    C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [1536]
    C:\Program Files\IncrediMail\bin\IMApp.exe [1824]
    C:\Program Files\iPod\bin\iPodService.exe [2076]
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2228]
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2244]
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2300]
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe [2496]
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN [2588]
    C:\WINDOWS\System32\alg.exe [2824]
    C:\WINDOWS\System32\svchost.exe [3016]
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [3848]
    C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe [1588]
    C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe [3512]
    C:\Program Files\Windows Live\Messenger\usnsvc.exe [592]
    C:\Program Files\IncrediMail\bin\IncMail.exe [2032]
    C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2552]
    C:\Program Files\IncrediMail\bin\IncMail.exe [1332]
    C:\Program Files\IncrediMail\bin\IncMail.exe [2284]
    C:\Program Files\IncrediMail\bin\IncMail.exe [3632]
    C:\WINDOWS\system32\wuauclt.exe [4008]
    C:\WINDOWS\system32\notepad.exe [872]

    ---------------------------- [~> 61]

    +---------------------------------------------------------------------------+
    +------------------------------- SERVICES DELETED
    +---------------------------------------------------------------------------+

    Deleted successfully ! - "Boonty Games"

    +---------------------------------------------------------------------------+
    +------------------------------- REGISTRY ELEMENTS DELETED
    +---------------------------------------------------------------------------+

    "HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
    "HKEY_LOCAL_MACHINE\Software\Boonty"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
    "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES"
    "HKEY_CURRENT_USER\SOFTWARE\EoRezo"
    "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
    "HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
    "HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
    "HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
    "HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"

    +---------------------------------------------------------------------------+
    +------------------------------- FILES\FOLDERS DELETED
    +---------------------------------------------------------------------------+

    [10/11/2008 16:15|d--------] C:\Program Files\EoRezo
    [04/11/2007 01:12|d--------] C:\Program Files\Fichiers communs\BOONTY Shared
    [12/11/2008 22:26|d--------] C:\Documents and Settings\HP_Propri‚taire\Application Data\EoRezo
    [04/11/2007 01:12|d--------] C:\Documents and Settings\All Users\Application Data\BOONTY

    (!) ---- Temp files deleted.

    (!) ---- Recycle bin emptied in all drives.

    +---------- Scanning prefs.js ... ( # Mozilla User Preferences )

    ...\t83y79ft.default\prefs.js :

    ~~~~ Mozilla FireFox version 3.0.3 ~~~~

    Start Page : "https://www.google.fr/webhp?gws_rd=ssl"

    +----------+

    +---------- Added scan ...

    +-----[HKLM\...\Run]

    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    hpsysdrv REG_SZ c:\windows\system\hpsysdrv.exe
    ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    HPHUPD08 REG_SZ c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
    Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
    HP Software Update REG_EXPAND_SZ C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
    LogitechVideoRepair REG_SZ C:\Program Files\Logitech\Video\ISStart.exe
    LogitechVideoTray REG_SZ C:\Program Files\Logitech\Video\LogiTray.exe
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
    Device Detector REG_SZ "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
    InCD REG_SZ C:\Program Files\Ahead\InCD\InCD.exe
    KBD REG_SZ C:\HP\KBD\KBD.EXE
    Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    BDAgent REG_SZ "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
    BitDefender Antiphishing Helper REG_SZ "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"

    +-----[HKCU\...\Run]

    MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    IncrediMail REG_SZ C:\Program Files\IncrediMail\bin\IncMail.exe /c
    Nero PhotoShow Media Manager REG_SZ C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    LogitechSoftwareUpdate REG_SZ "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    MSMSGS REG_SZ "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
    swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
    RegistryBooster 2 d’Uniblue REG_SZ C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

    +-----[HKLM\...\Internet Explorer\MAIN]

    Start Page : hxxp://fr.msn.com/

    +-----[HKCU\...\Internet Explorer\MAIN]

    Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

    +---------------------------------------------------------------------------+
    +------------------------------- [ EOF - 154 lines ]
    +---------------------------------------------------------------------------+

    [ END at: 22:50:01 | 12/11/2008 ] - [ Time elapsed: 12 minutes, 36 seconds ]

    Logfile of HijackThis v1.99.1
    Scan saved at 22:51:05, on 12/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
    C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\MESSEN~1\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
    O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O11 - Options group: [TABS] Tabbed Browsing
    O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-3641c8beefebde81.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)
    0
  15. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    bien .... on avance ....

    1- Télécharges : - CCleaner
    https://www.pcastuces.com/logitheque/ccleaner.htm
    Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
    Lors de l'installation:
    -choisis bien "francais" en langue .
    -avant de cliquer sur le bouton "installer", décoches toutes les "options supplémentaires" sauf les 2 premières.

    Un tuto ( aide ):
    http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

    ---> Utilisation:
    ! déconnectes toi et fermes toutes applications en cours !
    * vas dans "nettoyeur" : fait analyse puis nettoyage
    * vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .

    ( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )

    2- Rends toi sur ce site :

    https://www.virustotal.com/gui/

    Copies ce qui suit et colles le dans l'espace pour la recherche :
    c:\program files\google\googletoolbar1.dll

    Cliques sur Send File ( = " Envoyer le fichier " ).

    Un rapport va s'élaborer ligne à ligne.

    Attends bien la fin ... Il doit comprendre la taille du fichier envoyé.

    Sauvegarde le rapport avec le bloc-note.

    Copies le dans ta prochaine réponse ( surtout le listing des AV )...

    ( Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant )

    une fois posté , fais ceci stp :

    3- Télécharges Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

    -> http://images.malwareremoval.com/random/RSIT.exe

    ! Fermes bien toutes tes applications en cours !

    Double-clique sur " RSIT.exe " pour le lancer .

    -> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

    * Devant l'option "List files/folders created ..." , tu choisis : 2 months

    * cliques ensuite sur " Continue " pour lancer l'analyse ...

    ( Note : Si la dernière version de HijackThis n'est pas détectée sur ton PC, RSIT le téléchargera et te demandera d'accepter la licence.)

    -> laisses faire le scan et ne touche pas au PC ...

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

    Postes le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

    Important : postes un rapport, puis l'autre dans la réponse suivante ... si tu essayes de poster les deux en même temps,
    cela risque d'être trop long pour le forum ...
    Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ...

    ( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
    0
  16. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    JE N4ARRIVE PAS A FAIRE UN COPIER COLLER POUR VIRUSTOTAL
    0
    1. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
       
      donne moi le lien ( l'url ) du rapport stp .... puis fais la suite
      0
  17. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    je vais faire la suite , mais je ne comprend pas ce que tu veus
    0
    1. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
       
      ok pas grave ... on fera sans .... la suite donc ....

      0
  18. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    info.txt logfile of random's system information tool 1.04 2008-11-12 23:39:32

    ======Uninstall list======

    -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\NuNInst.exe /UNINSTALL
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    -->C:\WINDOWS\unmrw.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNNMP.exe /UNINSTALL
    -->C:\WINDOWS\UNNVEContent.exe /UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    ACDSee for PENTAX 2.0-->MsiExec.exe /I{D8320DD6-FE47-41DE-B116-4158B7AE3F37}
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Ad-remover-->C:\Program Files\Ad-remover\Uninstal.exe
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Ares 2.0.9-->"C:\Program Files\Ares\uninstall.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    Barre de confiance CM-CIC-->"C:\Program Files\BarreConfCMCIC\Setup.exe" -u
    BitDefender Total Security 2009-->MsiExec.exe /X{8ACF317C-CA66-4363-AEBF-A073B124AA1A}
    Budget pour les nuls-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Anuman Interactive\Budget pour les nuls\Uninst.isu"
    Cake Mania-->"C:\Program Files\Gamenext\Cake Mania\Uninstall.exe" "C:\Program Files\Gamenext\Cake Mania\install.log"
    Cartes de Visites-->C:\PROGRA~1\CARTES~1\UNWISE.EXE C:\PROGRA~1\CARTES~1\INSTALL.LOG
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Cryptext (Remove Only)-->rundll32 setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\ShellExt\Cryptext.inf
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    eMule Plus 1.2b-->"C:\Program Files\eMule\unins000.exe"
    Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
    Enjoy 6e-->C:\WINDOWS\Enjoy 6e Uninstaller.exe
    Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    Hijackthis Version Française 1.99.0.1-->"C:\Program Files\Hijackthis Version Française\unins000.exe"
    HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
    HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
    HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
    HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
    HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
    HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
    HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
    HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    IncrediMail Xe-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
    InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    iTunes-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{523E6F2A-2D59-4D91-90E8-6C49931C9F50}
    J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
    Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
    Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
    Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Movavi Video Converter 6-->MsiExec.exe /I{0D6EDECD-7523-4E74-BE25-4E1BFC073242}
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MP3 Player Utilities 3.68-->MsiExec.exe /I{D98BFAD2-0C90-47F4-9D69-2EFF21631884}
    MSNTweaker 1.0-->"C:\Program Files\MSNTweaker\unins000.exe"
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
    muvee autoProducer 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C3D719A-92C7-4323-89CC-C937D0267B84}\setup.exe" -l0x40c
    muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{7B312BFD-6C04-4409-AB6F-DD41CCD67463}\setup.exe -runfromtemp -l0x040c -removeonly
    muvee corePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B0BD0D6-D7D1-4D49-9815-5A85081ECC45}\Setup.exe" -l0x40c
    muvee Photo-Centric stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7344B66-C8AA-4597-B73E-08BBF449EE26}\Setup.exe" -l0x40c
    Nero PhotoShow Deluxe 4-->"C:\Program Files\Nero\Nero PhotoShow 4\data\Xtras\Uninstall.exe"
    Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
    OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14}
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    PC-Doctor 5 for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{AB61A692-5543-4C48-979B-8CEA1C52FE9C} /l1036
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    PhotoDVD 2.6.2.0b-->"C:\Program Files\vso\PhotoDVD\unins000.exe"
    Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
    Picture Package-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x40c UNINSTALL
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    PS2-->C:\WINDOWS\system32\ps2.exe uninstall
    Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
    Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
    QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
    SA31xx Device Manager & Media Converter-->C:\Program Files\InstallShield Installation Information\{E572B060-C98B-4984-A48E-E4FA56265903}\setup.exe -runfromtemp -l0x040c -removeonly
    SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung Samples Installer-->"C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -runfromtemp -l0x040c -removeonly
    Sandlot Games Client Services 1.2.2-->"C:\Program Files\Fichiers communs\Sandlot Shared\unins000.exe"
    Savage 2.00e-->C:\Savage\Uninstall.exe
    Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
    Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
    Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
    Uniblue RegistryBooster 2-->"C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
    Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
    USB Storage Driver-->DelUIDrv.exe
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Hosts File======

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

    ======Security center information======

    AV: BitDefender Antivirus
    FW: BitDefender Firewall

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Samsung\Samsung PC Studio 3\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=2f02
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\

    -----------------EOF-----------------
    0
  19. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by HP_Propriétaire at 2008-11-12 23:38:57
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 86 GB (58%) free of 148 GB
    Total RAM: 446 MB (27% free)

    HijackThis download failed

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{988B07F5-7392-455A-8A1F-64935CB8B6ED}]
    BHO Barre de Confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-09-30 2436160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-22 652784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
    {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-08-13 90112]
    {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - Barre de confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
    "hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-08 344064]
    "HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-02 49152]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2005-05-05 278528]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-05-12 49152]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
    "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
    "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-01-02 98304]
    "Device Detector"=C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe [2005-06-27 221184]
    "InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2005-07-25 1397760]
    "KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2008-10-03 716800]
    "BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-08-10 69632]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072]
    "Nero PhotoShow Media Manager"=C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe [2007-02-08 229376]
    "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2007-05-07 20480]
    "LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
    "MSMSGS"=C:\PROGRA~1\MESSEN~1\msmsgs.exe [2008-04-14 1695232]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-15 68856]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "RegistryBooster 2 d’Uniblue "=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [2007-11-21 1902592]
    "AdobeUpdater"=C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-11-12 2356088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

    C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage
    OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-06-08 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======List of files/folders created in the last 2 months======

    2008-11-12 23:38:57 ----D---- C:\rsit
    2008-11-12 22:29:58 ----D---- C:\WINDOWS\LastGood
    2008-11-12 22:29:02 ----D---- C:\Program Files\Ad-remover
    2008-11-12 21:20:09 ----A---- C:\TB.txt
    2008-11-12 21:19:09 ----D---- C:\ToolBar SD
    2008-11-12 19:23:19 ----D---- C:\Program Files\Hijackthis Version Française
    2008-11-10 16:18:00 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\WinRAR
    2008-11-10 16:16:59 ----D---- C:\Program Files\WinRAR
    2008-11-07 16:06:22 ----A---- C:\WINDOWS\system32\SONYHCY.DLL
    2008-11-07 16:06:21 ----D---- C:\Drivers
    2008-11-07 16:05:50 ----N---- C:\WINDOWS\system32\LTTWN12n.DLL
    2008-11-07 16:05:49 ----N---- C:\WINDOWS\system32\lfmpg12n.dll
    2008-11-07 16:05:49 ----N---- C:\WINDOWS\system32\lfgif12n.dll
    2008-11-07 16:05:49 ----N---- C:\WINDOWS\system32\lfavi12n.dll
    2008-11-07 16:05:31 ----A---- C:\WINDOWS\system32\VB5DB.DLL
    2008-11-07 16:04:42 ----D---- C:\Program Files\Sony Corporation
    2008-11-06 17:26:09 ----D---- C:\Program Files\Ares
    2008-11-06 11:44:51 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-27 17:20:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-10-25 22:40:41 ----D---- C:\WINDOWS\Prefetch
    2008-10-25 22:35:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-25 22:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-25 22:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-25 22:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-25 22:34:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-25 22:34:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-10-25 22:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-10-25 22:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-10-25 22:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-10-25 22:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-10-25 22:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
    2008-10-25 22:32:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-10-25 22:32:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-10-25 22:32:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-10-25 22:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-10-25 22:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-10-25 22:24:41 ----D---- C:\WINDOWS\l2schemas
    2008-10-25 22:24:40 ----D---- C:\WINDOWS\system32\fr
    2008-10-25 22:24:39 ----D---- C:\WINDOWS\system32\bits
    2008-10-25 22:19:49 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-25 22:07:26 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-25 22:05:40 ----D---- C:\WINDOWS\EHome
    2008-10-24 19:51:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
    2008-10-24 18:13:43 ----D---- C:\Program Files\BarreConfCMCIC
    2008-10-22 16:47:32 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
    2008-10-22 16:47:28 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
    2008-10-22 16:47:27 ----D---- C:\Program Files\PDFCreator
    2008-10-20 22:19:51 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-10-20 22:19:20 ----D---- C:\Program Files\MSXML 6.0
    2008-10-20 22:14:19 ----D---- C:\fe2da4543fcceb3a5d7a8983f4e96a
    2008-10-20 22:13:51 ----D---- C:\321cba30f0657fa7089e4d
    2008-10-16 22:06:27 ----D---- C:\a144fd872f5e91eae0d3
    2008-10-16 22:06:00 ----RHD---- C:\AHCache
    2008-10-16 22:05:46 ----D---- C:\77cfe7fd6628b47d3354cd703a838f62
    2008-10-15 20:19:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
    2008-10-15 20:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 20:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
    2008-10-15 20:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
    2008-10-15 20:17:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
    2008-10-14 21:59:33 ----D---- C:\Program Files\Uniblue
    2008-10-14 21:17:31 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Uniblue
    2008-10-08 00:37:08 ----D---- C:\Program Files\FpTest
    2008-09-29 16:23:19 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-09-29 16:23:19 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-09-29 16:23:18 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-09-28 14:26:13 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2008-09-28 14:17:06 ----D---- C:\Program Files\Messenger Plus! Live
    2008-09-28 14:07:48 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-09-28 14:07:11 ----D---- C:\Program Files\Windows Live
    2008-09-28 14:06:50 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-09-27 14:11:59 ----D---- C:\WINDOWS\system32\Adobe
    2008-09-24 14:33:43 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\BitDefender
    2008-09-24 14:33:32 ----D---- C:\Binaries
    2008-09-24 14:32:13 ----D---- C:\Program Files\BitDefender
    2008-09-24 14:32:13 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
    2008-09-24 14:30:17 ----D---- C:\Program Files\Fichiers communs\BitDefender
    2008-09-21 19:56:57 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2
    2008-09-21 19:52:09 ----D---- C:\Program Files\OpenOffice.org 2.4
    2008-09-21 19:51:41 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-09-21 19:51:41 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-09-21 19:51:41 ----A---- C:\WINDOWS\system32\java.exe
    2008-09-16 21:01:07 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
    2008-09-16 21:01:07 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
    2008-09-16 21:01:06 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2008-09-16 21:01:05 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2008-09-16 21:01:05 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2008-09-16 21:01:03 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
    2008-09-16 21:01:02 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-09-16 21:01:02 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-09-16 21:01:01 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-09-16 21:01:00 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-09-16 21:00:59 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-09-16 21:00:59 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-09-16 21:00:58 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-09-16 21:00:57 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2008-09-16 21:00:55 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2008-09-16 21:00:54 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2008-09-16 21:00:53 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2008-09-16 21:00:53 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2008-09-16 21:00:52 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2008-09-16 21:00:51 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
    2008-09-16 21:00:49 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
    2008-09-16 21:00:49 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
    2008-09-16 21:00:48 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
    2008-09-16 21:00:46 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
    2008-09-16 21:00:45 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
    2008-09-16 21:00:45 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
    2008-09-16 21:00:44 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
    2008-09-16 21:00:43 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
    2008-09-16 21:00:43 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
    2008-09-16 21:00:42 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
    2008-09-16 21:00:42 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
    2008-09-16 21:00:35 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
    2008-09-16 21:00:24 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2008-09-16 20:59:52 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2008-09-16 20:59:45 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2008-09-16 20:59:45 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2008-09-16 20:59:35 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2008-09-16 20:59:34 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2008-09-16 20:59:32 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2008-09-16 20:59:30 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2008-09-16 20:59:26 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2008-09-16 20:59:26 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2008-09-16 20:59:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2008-09-16 20:59:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2008-09-16 20:59:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2008-09-16 20:59:23 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2008-09-16 20:59:22 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2008-09-16 20:59:21 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2008-09-16 20:59:14 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-09-16 20:59:13 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2008-09-16 20:59:13 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2008-09-16 20:59:12 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-09-16 20:59:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-09-16 20:59:11 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-09-16 20:59:10 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2008-09-16 20:59:09 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-09-16 20:59:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2008-09-16 20:59:00 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-09-16 20:54:41 ----HD---- C:\WINDOWS\msdownld.tmp
    2008-09-16 20:54:06 ----D---- C:\WINDOWS\Logs
    2008-09-16 20:01:12 ----D---- C:\Documents and Settings\All Users\Application Data\Tages
    2008-09-16 03:51:09 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-09-16 03:50:40 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-09-16 03:50:40 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-09-16 03:50:30 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2008-09-16 03:50:28 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-09-16 03:50:25 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-09-16 03:50:25 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-09-16 03:50:25 ----N---- C:\WINDOWS\slrundll.exe
    2008-09-16 03:50:24 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-09-16 03:50:24 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-09-16 03:50:24 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-09-16 03:50:15 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-09-16 03:50:10 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-09-16 03:50:07 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-09-16 03:50:03 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-09-16 03:50:02 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-09-16 03:50:00 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-09-16 03:50:00 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-09-16 03:50:00 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-09-16 03:49:49 ----N---- C:\WINDOWS\system32\onex.dll
    2008-09-16 03:49:41 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-09-16 03:49:28 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-09-16 03:49:28 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-09-16 03:49:27 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-09-16 03:49:27 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-09-16 03:49:20 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-09-16 03:49:20 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-09-16 03:48:34 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-09-16 03:48:33 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-09-16 03:48:33 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-09-16 03:48:33 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-09-16 03:48:27 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-09-16 03:47:53 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-09-16 03:47:48 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-09-16 03:47:45 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-09-16 03:47:45 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-09-16 03:47:45 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-09-16 03:47:44 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-09-16 03:47:23 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-09-16 03:47:01 ----A---- C:\WINDOWS\002892_.tmp
    2008-09-16 03:47:00 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2008-09-16 03:46:54 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-09-16 03:46:54 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-09-16 03:46:54 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-09-16 03:46:54 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-09-16 03:46:53 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-09-16 03:46:53 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-09-16 03:46:53 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-09-16 03:46:53 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-09-16 03:46:47 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-09-16 03:46:42 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-09-16 03:46:42 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-09-16 03:46:41 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-09-16 03:46:34 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-09-16 03:46:21 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-09-16 03:46:20 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-09-16 03:46:17 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-09-16 03:46:14 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-09-16 03:46:13 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-09-16 03:45:51 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-09-15 20:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\Player Metaboli
    2008-09-15 14:34:34 ----D---- C:\WINDOWS\system32\logs
    2008-09-14 10:31:55 ----A---- C:\WINDOWS\system32\msado15.dll
    2008-09-14 10:31:54 ----AS---- C:\WINDOWS\system32\WINSKFR.DLL
    2008-09-14 10:31:54 ----AS---- C:\WINDOWS\system32\VB6STKIT.DLL
    2008-09-14 10:31:53 ----AS---- C:\WINDOWS\system32\stdftfr.dll
    2008-09-14 10:31:39 ----D---- C:\Program Files\Fichiers communs\DESIGNER
    2008-09-14 10:31:39 ----AS---- C:\WINDOWS\system32\msjro.dll
    2008-09-14 10:31:38 ----AS---- C:\WINDOWS\system32\MSDBRPTR.DLL
    2008-09-14 10:31:38 ----AS---- C:\WINDOWS\system32\MSDBRPT.DLL
    2008-09-14 10:31:37 ----AS---- C:\WINDOWS\system32\MSCMCFR.DLL
    2008-09-14 10:31:37 ----AS---- C:\WINDOWS\system32\MSCC2FR.DLL
    2008-09-14 10:31:37 ----AS---- C:\WINDOWS\system32\MSBIND.DLL
    2008-09-14 10:31:36 ----AS---- C:\WINDOWS\system32\INETFR.DLL
    2008-09-14 10:31:36 ----AS---- C:\WINDOWS\system32\ijl11.dll
    2008-09-14 10:31:35 ----AS---- C:\WINDOWS\system32\hxvz.dll
    2008-09-14 10:31:35 ----AS---- C:\WINDOWS\system32\glut32.dll
    2008-09-14 10:31:34 ----AS---- C:\WINDOWS\system32\ftdbcf.dll
    2008-09-14 10:31:34 ----AS---- C:\WINDOWS\system32\FLXGDFR.DLL
    2008-09-14 10:31:33 ----AS---- C:\WINDOWS\system32\DBRPRFR.DLL
    2008-09-14 10:31:33 ----AS---- C:\WINDOWS\system32\DBLSTFR.DLL
    2008-09-14 10:31:33 ----AS---- C:\WINDOWS\system32\DBGRDFR.DLL
    2008-09-14 10:31:33 ----AS---- C:\WINDOWS\system32\DATRPFR.DLL
    2008-09-14 10:31:32 ----AS---- C:\WINDOWS\system32\DATGDFR.DLL
    2008-09-14 10:31:30 ----AS---- C:\WINDOWS\system32\CMDLGFR.DLL
    2008-09-14 10:31:30 ----AS---- C:\WINDOWS\system32\CMCTLFR.DLL
    2008-09-14 10:31:30 ----AS---- C:\WINDOWS\system32\CMCT3FR.DLL
    2008-09-14 10:31:30 ----AS---- C:\WINDOWS\system32\CMCT2FR.DLL
    2008-09-14 10:31:28 ----AS---- C:\WINDOWS\system32\ADODCFR.DLL

    ======List of files/folders modified in the last 2 months======

    2008-11-12 23:17:23 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-12 23:05:15 ----D---- C:\WINDOWS\Temp
    2008-11-12 23:05:15 ----D---- C:\WINDOWS
    2008-11-12 23:05:08 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-11-12 22:40:55 ----D---- C:\Program Files\Fichiers communs
    2008-11-12 22:40:54 ----D---- C:\Program Files
    2008-11-12 22:30:17 ----HD---- C:\WINDOWS\inf
    2008-11-12 22:30:00 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-12 19:07:52 ----D---- C:\WINDOWS\system32\FxsTmp
    2008-11-11 23:07:19 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-11 23:06:53 ----SHD---- C:\WINDOWS\Installer
    2008-11-11 23:05:39 ----HD---- C:\Config.Msi
    2008-11-11 17:58:49 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-11-09 17:57:05 ----D---- C:\WINDOWS\system32
    2008-11-07 16:06:23 ----D---- C:\WINDOWS\system32\drivers
    2008-11-07 16:06:21 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-07 16:06:11 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2008-11-07 15:55:52 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-11-06 11:49:48 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-11-06 11:46:35 ----D---- C:\WINDOWS\system32\CatRoot
    2008-11-05 16:17:45 ----D---- C:\WINDOWS\Tasks
    2008-10-29 18:48:10 ----D---- C:\WINDOWS\security
    2008-10-29 18:41:07 ----D---- C:\WINDOWS\system32\dllcache
    2008-10-27 17:46:40 ----A---- C:\WINDOWS\bdagent.INI
    2008-10-27 17:13:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-26 23:01:42 ----D---- C:\WINDOWS\Debug
    2008-10-25 22:41:46 ----A---- C:\WINDOWS\win.ini
    2008-10-25 22:39:53 ----D---- C:\WINDOWS\system32\Setup
    2008-10-25 22:39:53 ----D---- C:\WINDOWS\AppPatch
    2008-10-25 22:39:53 ----D---- C:\Program Files\Messenger
    2008-10-25 22:39:52 ----D---- C:\WINDOWS\system32\wbem
    2008-10-25 22:39:51 ----RSD---- C:\WINDOWS\Fonts
    2008-10-25 22:26:08 ----D---- C:\WINDOWS\WinSxS
    2008-10-25 22:25:21 ----D---- C:\WINDOWS\network diagnostic
    2008-10-25 22:25:21 ----D---- C:\WINDOWS\ime
    2008-10-25 22:25:20 ----D---- C:\WINDOWS\Help
    2008-10-25 22:24:44 ----D---- C:\WINDOWS\system32\usmt
    2008-10-25 22:24:44 ----D---- C:\WINDOWS\system32\fr-fr
    2008-10-25 22:24:39 ----D---- C:\WINDOWS\PeerNet
    2008-10-25 22:24:39 ----D---- C:\Program Files\Movie Maker
    2008-10-25 22:19:39 ----D---- C:\WINDOWS\system32\Restore
    2008-10-25 22:19:39 ----D---- C:\WINDOWS\system32\npp
    2008-10-25 22:19:36 ----D---- C:\WINDOWS\msagent
    2008-10-25 22:19:34 ----D---- C:\WINDOWS\srchasst
    2008-10-25 22:19:34 ----D---- C:\Program Files\NetMeeting
    2008-10-25 22:19:31 ----D---- C:\WINDOWS\system32\Com
    2008-10-25 22:19:28 ----D---- C:\Program Files\Windows Media Player
    2008-10-25 22:19:27 ----D---- C:\Program Files\Windows NT
    2008-10-25 22:19:27 ----D---- C:\Program Files\Outlook Express
    2008-10-25 22:19:21 ----D---- C:\Program Files\Fichiers communs\System
    2008-10-25 22:18:55 ----D---- C:\WINDOWS\system32\oobe
    2008-10-25 22:18:52 ----D---- C:\WINDOWS\system
    2008-10-25 22:12:23 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-25 21:40:14 ----D---- C:\WINDOWS\system32\config
    2008-10-20 22:35:37 ----RSD---- C:\WINDOWS\assembly
    2008-10-15 20:18:59 ----D---- C:\Program Files\Internet Explorer
    2008-10-15 20:18:44 ----D---- C:\WINDOWS\ie7updates
    2008-10-15 17:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-14 21:59:36 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-10-11 21:09:39 ----A---- C:\Documents and Settings\HP_Propriétaire\Application Data\Printer.ini
    2008-10-08 12:41:44 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe
    2008-10-07 20:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-05 09:07:34 ----D---- C:\Program Files\Picasa2
    2008-10-03 18:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-02 23:51:24 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-09-28 14:11:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-09-28 14:00:34 ----D---- C:\Program Files\MSN Messenger
    2008-09-24 14:17:28 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-09-21 19:51:39 ----D---- C:\Program Files\Java
    2008-09-16 21:01:10 ----D---- C:\WINDOWS\system32\DirectX
    2008-09-16 20:58:56 ----D---- C:\WINDOWS\Microsoft.NET
    2008-09-16 19:37:46 ----D---- C:\temp
    2008-09-13 20:40:28 ----D---- C:\Program Files\Gamenext
    2008-09-13 15:05:25 ----D---- C:\Documents and Settings\All Users\Application Data\HipSoft

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
    R1 bdftdif;bdftdif; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
    R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
    R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-25 29696]
    R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-07-25 28672]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-06-22 5632]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-16 278984]
    R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-16 25416]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-20 2317696]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-08 1235968]
    R3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2008-08-12 108864]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-10-03 103944]
    R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2008-08-12 228672]
    R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
    R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-03-07 14408]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-01-04 47360]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-05-20 9856]
    R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-25 101504]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
    S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S4 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-08 376832]
    R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-22 168432]
    R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-25 876032]
    R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-10-03 393216]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2008-10-03 1527808]
    R3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2005-05-05 327680]
    R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-25 876032]
    S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE [2007-08-09 73728]
    S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2007-03-20 263168]
    S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-09-13 1247600]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
    0
  20. sKe69 Messages postés 21955 Statut Contributeur sécurité 463
     
    bien ....

    dans l'ordre :

    1- tu as des traces de Norton qui trainent , il faut les nettoyer ainsi :
    Télécharges Norton removal tool sur ton bureau :
    ftp://ftp.symantec.com/public/francais/removal_tools/Norton_Removal_Tool.exe

    Déconnectes toi .
    Ensuite désinstalles Norton avec "Norton removal tool": tu doubles click dessus et te laisses guider ... il faut le désinstaller correctement ( fait la manipe 2 fois si possible ).

    ====================

    2- souligne>Télécharges OTMoveIt3 (de Old_Timer) sur ton Bureau</souligne>.

    http://oldtimer.geekstogo.com/OTMoveIt3.exe

    ! Déconnectes toi et fermes toute tes applications en cours !

    Double cliques sur "OTMoveIt3.exe" pour ouvrir le prg .
    Puis copies ce qui se trouve en citation ci-dessous,

    :Processes
    explorer.exe
    
    :Services
    
    :Reg
    
    :Files
    C:\fe2da4543fcceb3a5d7a8983f4e96a 
    C:\321cba30f0657fa7089e4d 
    C:\a144fd872f5e91eae0d3 
    C:\77cfe7fd6628b47d3354cd703a838f62 
    
    :Commands
    [emptytemp]
    [start explorer]
    [Reboot]


    et colles le dans le cadre de gauche de OTMoveIt3 :
    Paste Instructions for items to be moved.
    (ne touche à rien d'autre !)

    -> cliques sur MoveIt! pour lancer la suppression.
    -> laisses travailler l'outil ...

    ( Note : ton bureau va disparaitre puis réapparaitre, c'est normal .)

    -> une fois finis , un petite fenêtre s'ouvre : cliques sur " Yes " .

    Ton PC va redémarrer de lui même ...

    -->Postes le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"
    ( " xxxx2008_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).

    =======================

    3- Télécharges cet outil de SiRi sur ton bureau :

    http://siri.urz.free.fr/Softs/RHosts.exe
    ou http://siri.urz.free.fr/RHosts.php

    Double-cliquer dessus pour le lancer .

    -> cliquer sur " Restore original Hosts " et attendre un court instant ...

    ( ps : c'est normal que rien ne se passe ... )

    =======================

    4- Télécharges MalwareByte's :
    ici ftp://ftp.commentcamarche.com/download/mbam-setup.exe
    ou ici : http://www.malwarebytes.org/mbam.php

    * Installes le ( choisis bien "francais" ; ne modifies pas les paramètres d'installe ) et mets le à jour .

    (NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharges le ici : https://www.malekal.com/tutorial-aboutbuster/ )

    * Potasses le tuto pour te familiariser avec le prg :
    https://forum.pcastuces.com/sujet.asp?f=31&s=3
    ( cela dis, il est très simple d'utilisation ).

    ! Déconnectes toi et fermes toutes applications en cours !

    * Lances Malwarebyte's .

    Fais un examen dit "rapide" ( sélectionnes bien tous tes disks avant le scan ! ).

    --> Laisses le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
    --> à la fin tu cliques sur "résultat" .
    --> Vérifies que tous les objets infectés soient validés, puis cliques sur " suppression " .

    Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !

    Postes le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date) accompagné d'un nouveau hijackthis pour analyse ...

    ===================

    5- une fois ces deux rapports postés , refais un scan RSIT et postes le nouveau rapport "log.txt" obtenu et attends la suite .....

    0
  21. chiquita38 Messages postés 236 Date d'inscription   Statut Membre Dernière intervention  
     
    Error: Unable to interpret <Processes> in the current context!
    Error: Unable to interpret <explorer.exe> in the current context!
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\fe2da4543fcceb3a5d7a8983f4e96a moved successfully.
    C:\321cba30f0657fa7089e4d\zh-TW moved successfully.
    C:\321cba30f0657fa7089e4d\zh-CN moved successfully.
    C:\321cba30f0657fa7089e4d\tr moved successfully.
    C:\321cba30f0657fa7089e4d\sv moved successfully.
    C:\321cba30f0657fa7089e4d\ru moved successfully.
    C:\321cba30f0657fa7089e4d\pt-PT moved successfully.
    C:\321cba30f0657fa7089e4d\pt-BR moved successfully.
    C:\321cba30f0657fa7089e4d\pl moved successfully.
    C:\321cba30f0657fa7089e4d\no moved successfully.
    C:\321cba30f0657fa7089e4d\nl moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\zh-CHT moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\zh-CHS moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\tr moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\sv moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\ru moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\pt-PT moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\pt-BR moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\pl moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\no moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\nl moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\ko moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\ja moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\it moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\hu moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\he moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\fr moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\fi moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\es moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\en moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\el moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\de moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\da moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\cs moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks\ar moved successfully.
    C:\321cba30f0657fa7089e4d\Langpacks moved successfully.
    C:\321cba30f0657fa7089e4d\ko moved successfully.
    C:\321cba30f0657fa7089e4d\ja moved successfully.
    C:\321cba30f0657fa7089e4d\it moved successfully.
    C:\321cba30f0657fa7089e4d\images moved successfully.
    C:\321cba30f0657fa7089e4d\hu moved successfully.
    C:\321cba30f0657fa7089e4d\he moved successfully.
    C:\321cba30f0657fa7089e4d\fr moved successfully.
    C:\321cba30f0657fa7089e4d\fi moved successfully.
    C:\321cba30f0657fa7089e4d\es moved successfully.
    C:\321cba30f0657fa7089e4d\en moved successfully.
    C:\321cba30f0657fa7089e4d\el moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\zh-TW moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\zh-CN moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\tr moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\sv moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\ru moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\pt-PT moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\pt-BR moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\pl moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\no moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\nl moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\ko moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\ja moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\it moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\hu moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\he moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\fr moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\fi moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\es moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\en moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\el moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\de moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\da moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\cs moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx\ar moved successfully.
    C:\321cba30f0657fa7089e4d\DotNetClientFx moved successfully.
    C:\321cba30f0657fa7089e4d\de moved successfully.
    C:\321cba30f0657fa7089e4d\da moved successfully.
    C:\321cba30f0657fa7089e4d\cs moved successfully.
    C:\321cba30f0657fa7089e4d\ar moved successfully.
    C:\321cba30f0657fa7089e4d moved successfully.
    C:\a144fd872f5e91eae0d3 moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\zh-TW moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\zh-CN moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\tr moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\sv moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\ru moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\pt-PT moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\pt-BR moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\pl moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\no moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\nl moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\zh-CHT moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\zh-CHS moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\tr moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\sv moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\ru moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\pt-PT moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\pt-BR moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\pl moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\no moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\nl moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\ko moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\ja moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\it moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\hu moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\he moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\fr moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\fi moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\es moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\en moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\el moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\de moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\da moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\cs moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks\ar moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\Langpacks moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\ko moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\ja moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\it moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\images moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\hu moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\he moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\fr moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\fi moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\es moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\en moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\el moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\zh-TW moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\zh-CN moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\tr moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\sv moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\ru moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\pt-PT moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\pt-BR moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\pl moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\no moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\nl moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\ko moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\ja moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\it moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\hu moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\he moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\fr moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\fi moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\es moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\en moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\el moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\de moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\da moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\cs moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx\ar moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\DotNetClientFx moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\de moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\da moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\cs moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62\ar moved successfully.
    C:\77cfe7fd6628b47d3354cd703a838f62 moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\689211B7.TMP scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\tmp00002b83\tmp00000000 scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 11132008_001010

    Files moved on Reboot...
    C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\689211B7.TMP moved successfully.
    C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log moved successfully.
    DllUnregisterServer procedure not found in C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll
    C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll NOT unregistered.
    C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\IadHide4.dll moved successfully.
    C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log moved successfully.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.
    C:\WINDOWS\temp\tmp00002b83\tmp00000000 moved successfully.
    0
  • 1
  • 2
  • 3