HijackThis

Closed
CaptainZack - 22 Nov 2008 at 14:21
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last seen 16 September 2016 - 15 Dec 2008 at 22:18
Hello,

For a little while now my computer has been really slow, but only on the internet; my bandwidth has dropped by half.
Also, ad pages open in Firefox while I browse, whereas before everything worked perfectly.
I ran a scan with HijackThis; I'm pasting the log in case someone can help me ;) thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:12:34, on 22/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\WebCam\M1000\M1000Mnt.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
F:\Soirée pétanque\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SteamKeyFr\SteamKeyFr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\documents and settings\waelkens\local settings\application data\kmaik.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.aldi.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [M1000Mnt] M1000Rmv.exe /StartStillMnt
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Soirée pétanque\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SteamKeyFr] "C:\Program Files\SteamKeyFr\SteamKeyFr.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [TrueDownloaderAutoStart] C:\Program Files\TrueDownloader\TrueDownloader.exe /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Valve\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [kmaik] "c:\documents and settings\waelkens\local settings\application data\kmaik.exe" kmaik
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Download with TrueDownloader! - C:\Program Files\TrueDownloader\TrueDownloader.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.aldi.com/
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106243543703
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://phpadsnew.merco6.com/libraries/SOPCORE.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
59 replies

Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last seen 16 September 2016 1 536
22 Nov 2008 at 15:52
Hello,

Click on this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
to download navilog1.exe.

Choose Save

and save it to your desktop.

Then double-click navilog1.exe to start the installation.
Once the installation has finished, the fix will run automatically.
(If it does not, double-click the Navilog1 shortcut on the desktop.)


Double-click the Navilog1 shortcut on the desktop and follow the prompts.
At the main menu, choose 4 and confirm.

The fix will ask you to enter the file name.
Type what is in bold below and nothing else, then confirm:

 kmaik


The fix will ask you to type it again; do so and confirm.

The fix will tell you that it is then going to restart your PC.
Close all open windows and save any open personal documents.
Press a key as requested.
(If your PC does not restart automatically, restart it yourself.)
When your PC restarts, choose your usual session if necessary.
Wait for the message:
*** Nettoyage Termine le ..... ***
Notepad will open.
Save the report where you can find it again.
Close Notepad. Your desktop will reappear.


Post the report (cleannavi..txt)

PS: If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "Run".
Type explorer and confirm. This will bring your desktop back.

================
Download here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Read the Disclaimer screen, then click Continue (if you accept the terms).

If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.

When the scan is finished, two text files will open.

Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimised in the taskbar).

NB: The reports are saved in the folder C:\rsit
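
An added example, not part of the thread or of any tool used in it: the name typed into Navilog1 above, kmaik, appears in the posted HijackThis log as an O4 Run entry whose executable sits under Local Settings\Application Data. The Python below parses O4 lines excerpted from the two logs on this page, flags autostarts that launch from that user-writable location, and compares a before and an after log; the function names and the list of locations are assumptions of this example.

```python
import re
from typing import NamedTuple


class Autostart(NamedTuple):
    hive: str     # "HKLM", "HKCU", "HKUS\<SID>", "Startup" or "Global Startup"
    name: str     # registry value name or shortcut name
    target: str   # executable extracted from the command line, lower-cased


# O4 - HKCU\..\Run: [value name] command line
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+(?:\\[^\\]+)?)\\\.\.\\Run\w*: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# O4 - Global Startup: shortcut.lnk = target
LNK_RE = re.compile(r"^O4 - (?P<hive>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")

# Assumed list for this example: per-user locations on Windows XP that an
# unprivileged process can write to (long and 8.3 short forms).
USER_WRITABLE = (
    "\\local settings\\application data\\", "\\local settings\\temp\\",
    "\\locals~1\\applic~1\\", "\\locals~1\\temp\\",
)


def target_of(cmd: str) -> str:
    """Return the program an autostart command launches, lower-cased."""
    # HKUS lines carry a trailing "(User '...')" annotation added by HijackThis.
    cmd = re.sub(r"\s*\(User '[^']*'\)$", "", cmd.strip())
    # Quoted path first; otherwise cut at the first executable extension,
    # because unquoted paths may contain spaces ("C:\Program Files\...").
    m = re.match(r'"([^"]+)"', cmd) or re.match(
        r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", cmd, re.I)
    return (m.group(1) if m else (cmd.split() or [""])[0]).lower()


def parse_o4(log: str) -> list:
    """Extract every O4 (autostart) entry from a HijackThis log."""
    entries = []
    for line in log.splitlines():
        m = RUN_RE.match(line.strip()) or LNK_RE.match(line.strip())
        if m:
            entries.append(Autostart(m["hive"], m["name"], target_of(m["cmd"])))
    return entries


def flag_user_writable(entries: list) -> list:
    """Triage heuristic, not a verdict: autostarts run from a user-writable dir."""
    return [e for e in entries if any(d in e.target for d in USER_WRITABLE)]


def removed(before: str, after: str) -> list:
    """Autostart entries present in the first log and absent from the second."""
    still_there = set(parse_o4(after))
    return [e for e in parse_o4(before) if e not in still_there]


# Excerpt of O4 lines from the first log posted in this thread.
BEFORE = r"""
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [kmaik] "c:\documents and settings\waelkens\local settings\application data\kmaik.exe" kmaik
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
"""

# The same lines as they appear in the log posted after the Navilog1 run.
AFTER = r"""
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
"""

if __name__ == "__main__":
    for e in flag_user_writable(parse_o4(BEFORE)):
        print("review:", e.hive, e.name, e.target)
    for e in removed(BEFORE, AFTER):
        print("gone after cleanup:", e.hive, e.name)
```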
CaptainZack
22 Nov 2008 at 16:53
Whoa, OK, thanks, I'll do that right away
CaptainZack
22 Nov 2008 at 17:11
Clean Navipromo version 3.6.9 commencé le 22/11/2008 à 16:58:24,90

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "waelkens"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS


Mode suppression par méthode manuelle

Nom du fichier saisi : kmaik

Nettoyage exécuté au redémarrage de l'ordinateur

*** Recherche, création sauvegardes et suppression ***

* Suppression dans "C:\WINDOWS\system32" *


* Suppression dans "C:\Documents and Settings\waelkens\locals~1\applic~1" *


kmaik.exe trouvé !
Copie kmaik.exe réalisée avec succès !
kmaik.exe supprimé !

kmaik.dat trouvé !
Copie kmaik.dat réalisée avec succès !
kmaik.dat supprimé !

kmaik_nav.dat trouvé !
Copie kmaik_nav.dat réalisée avec succès !
kmaik_nav.dat supprimé !

kmaik_navps.dat trouvé !
Copie kmaik_navps.dat réalisée avec succès !
kmaik_navps.dat supprimé !

* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\waelkens\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\waelkens\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\waelkens\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\waelkens\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


qlllslsqaf.dat trouvé !
Copie qlllslsqaf.dat réalisée avec succès !
qlllslsqaf.dat supprimé !

qlllslsqaf_nav.dat trouvé !
Copie qlllslsqaf_nav.dat réalisée avec succès !
qlllslsqaf_nav.dat supprimé !

qlllslsqaf_navps.dat trouvé !
Copie qlllslsqaf_navps.dat réalisée avec succès !
qlllslsqaf_navps.dat supprimé !


* Dans "C:\Documents and Settings\waelkens\locals~1\applic~1" *


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 22/11/2008 à 17:04:12,45 ***




That's it for the cleannavi.txt report.
I'm doing the second part now.
CaptainZack
22 Nov 2008 at 17:17
The contents of log.txt:

Logfile of random's system information tool 1.04 (written by random/random)
Run by waelkens at 2008-11-22 17:11:20
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 6 GB (8%) free of 76 GB
Total RAM: 1023 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:11:26, on 22/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\WebCam\M1000\M1000Mnt.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
F:\Soirée pétanque\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SteamKeyFr\SteamKeyFr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\ISO\RSIT.exe
D:\Program Files\Trend Micro\HijackThis\waelkens.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.aldi.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [M1000Mnt] M1000Rmv.exe /StartStillMnt
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Soirée pétanque\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SteamKeyFr] "C:\Program Files\SteamKeyFr\SteamKeyFr.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [TrueDownloaderAutoStart] C:\Program Files\TrueDownloader\TrueDownloader.exe /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Valve\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Download with TrueDownloader! - C:\Program Files\TrueDownloader\TrueDownloader.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.aldi.com/
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106243543703
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://phpadsnew.merco6.com/libraries/SOPCORE.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
CaptainZack
22 nov. 2008 à 17:20
INfo.txt

info.txt logfile of random's system information tool 1.04 2008-11-22 17:11:32

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->MsiExec /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9744AE38-1CC6-414F-96CE-0643AEE30A9B}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9744AE38-1CC6-414F-96CE-0643AEE30A9B}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uninstall.exe"
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
AGEIA PhysX v7.07.09-->MsiExec.exe /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6}
Agere Systems PCI Soft Modem-->agrsmdel
AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe"
AOL (France)-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
AOL Auto-diagnostic-->C:\Program Files\TechCity Solutions\AOLSAV\uninstall.exe
AOL Coach Version 1.0(Build:20040229.1 fr)-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
AOL Toolbar-->"C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASAPI-->MsiExec.exe /X{8A7E941F-2BB4-47D0-B732-8AE5F3513B68}
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BeClean-->"D:\Program Files\BeClean\unins000.exe"
Bibliothèques GTK+ 2.6.9 rev a (supprimer uniquement)-->C:\Program Files\Common Files\GTK\2.0\uninst.exe
BitComet 0.59-->C:\Program Files\BitComet\uninst.exe
BlueSoleil-->MsiExec.exe /X{996D8BB8-9B47-46C7-92DC-DCCE64467AB8}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Client Hack 1.9.2g-->C:\WINDOWS\iun6002.exe "C:\Program Files\World of Warcraft\irunin.ini"
C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Combined Community Codec Pack 2008-01-24-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{17E57E89-DDB3-4f76-9AF1-A8E01CC633E4}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB887797-->C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Creative Removable Disk Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x40c /remove
Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
Creative Zen Micro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D944236D-7992-41D6-8257-930B5832F1CC}\SETUP.EXE" -l0x40c /remove
Creatix V.92 Data Fax Modem-->agrsmdel
Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
DeviceControl-->MsiExec.exe /I{EABE2A27-9452-472E-9389-EFF410E956E1}
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivXG400-->"C:\WINDOWS\IPUI_DivXG400.exe" /U /D
Dofus 1.25.0-->C:\Program Files\Dofus\uninstall.exe
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
Ecran de veille AOL Photos-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
eMule-->"D:\Program Files\eMule\Uninstall.exe"
Encyclopédie Microsoft Encarta 2005-->MsiExec.exe /I{05460044-64A6-4248-A026-9745C1E9E159}
EPSON Copy Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x40c ADDREMOVEDLG
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}\setup.exe" -l0x40c MyUninstall
EPSON PhotoQuicker3.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2EFE303-A594-11D5-95EB-005004BC1C65}\setup.exe" uninstuninstuninstuninstuninst
EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall
EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\setup.exe" -l0x40c UNINSTALL
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
EZ Plug-N-Go-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{54D4B4F1-AA60-4FE2-AA9F-3794DEC9399A}\Setup.exe" -l0x40c
EZPhoto Browser-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A393E43-9F1B-4B4D-AFC3-E4B6663F6DD3}\Setup.exe" -l0x40c
EZPhoto Panorama-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B473BAC8-6A90-4D53-96C9-97A759A76EE8}\Setup.exe" -l0x40c
EZPhoto Tools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED8F2441-E5B9-4F48-82AD-759C17A68ADB}\Setup.exe" -l0x40c
EZShowtime MMS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FB2EF0E-0254-4B7E-98C9-7F83E0C5E6C2}\Setup.exe" -l0x40c
EZSuite 2.0 For BestOn-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76fa3956-dacc-4bd8-9a2b-784892226332}\Setup.exe" -l0x40c
EZVideo Mail-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8D4B52-52E5-41EF-9C43-8CDF1527DDFD}\Setup.exe" -l0x40c
fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
FLV Player-->"C:\WINDOWS\FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Generic USB CardReader 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA1CB7AC-E221-4822-A789-0ADB051DC498}\Setup.exe" -l0x9 -wUninst
Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"D:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
ImgBurn (Remove Only)-->"C:\Program Files\ImgBurn\uninstall.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
K-Lite Mega Codec Pack 3.9.5-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
Logiciel Kodak EasyShare-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_12e9250\Setup.exe /APR-REMOVE
Ludiclub.com-->C:\WINDOWS\system32\GKSUI20.EXE C:\Program Files\Ludiclub\Uninstall1FD4.DAT
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
MAGIX Photos sur CD & DVD 2.0-->F:\MAGIX\Photos_sur_CD_DVD2\instslct.exe
MAGIX Photos sur CD & DVD 4.0 deLuxe-->C:\MAGIX\Photos_sur_CD_DVD4_dlx\instslct.exe
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft ActiveSync 3.7-->"C:\WINDOWS\ISUN040C.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"
Microsoft AutoRoute 2005-->MsiExec.exe /I{67E4EE98-59F4-4220-89A6-A20AF5BEC689}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Photo Premium 10-->"C:\Program Files\Fichiers communs\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM
Microsoft PowerPoint Viewer 97-->C:\Program Files\PowerPoint Viewer\setup\install.exe
Microsoft SQL Server Compact 3.5 Design Tools FRA-->MsiExec.exe /X{043ECF7B-4724-4F7B-8A9D-BC22719E95F7}
Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB}
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}
Module de connectivité AOL-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
Module linguistique Microsoft .NET Framework 3.5 - fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
MovieXone 4.0-->MsiExec.exe /I{2D03966F-8347-4C9A-BA82-16278495A27B}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.17)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MP3 Player Utilities 3.68-->MsiExec.exe /I{7784A172-61F1-445E-8368-601607E0DD22}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst
Navigateur Orange-->C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl
navigating.de POI-Warner GoPal Edition-->"C:\WINDOWS\suinsta4001.exe" C:\Program Files\POI-Warner GoPal Edition\suninstall.dat
navigating.de POI-Warner POI-Data-->"C:\WINDOWS\suinsta4001.exe" C:\Program Files\POI-Warner POI-Data\suninstall.dat
Navilog1 3.6.9-->"C:\Program Files\Navilog1\unins000.exe"
Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\setup.exe /uninstall ExtraUninstallID=""
netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
Oblivion-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c -removeonly
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
Panda ActiveScan-->C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall
PowerCinema 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
PowerDirector-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Prey Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6E70A7A-2A2F-4E3E-B99A-C4B488314306}\setup.exe" -l0x40c -removeonly
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Rippack v3 beta 16.1-->"C:\Program Files\Rippackv3\Uninstall.exe" "C:\Program Files\Rippackv3\install.log"
RT2500 USB Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490B6EF-5A48-40B7-A9E0-D3B886D17A29}\setup.exe" -l0x40c -removeonly
Samsung Media Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe" -l0x40c
ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP H:\
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Singles-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5628829F-3318-4DDA-988D-D301832F1611}\setup.exe"
skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Skype 3.0-->"C:\Program Files\Skype\Phone\unins000.exe"
Skype add-on for IE-->rundll32 "C:\Program Files\Skype\Phone\IEPlugin\SkypeIEPlugin.dll",FriendlyUnregisterServer 0
Smart Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E02403C-C469-4937-9B94-7DF9F78888FA}\Setup.exe" -l0x40c
Sony Media Manager 2.2-->MsiExec.exe /X{878D2EB2-2D55-42A9-955E-1E08F28529FD}
SpeechRedist-->MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpySubtract-->c:\Program Files\interMute\SpySubtract\SpySub.exe -uninstall
staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SteamKeyFr-->MsiExec.exe /I{AFBF6A33-DA20-4739-91D9-24EE1B2485C2}
SUPER © Version 2008.bld.33 (Sep 2, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
System Requirements Lab-->C:\Program Files\Fichiers communs\SystemRequirementsLab\Uninstall.exe
tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
TuneUp Utilities 2006-->MsiExec.exe /I{868D7896-99D4-4513-BC62-2B3AD3E24926}
USB2.0 Web Camera-->C:\WINDOWS\System\M1000Rmv.exe
Utilitaire de sauvegarde Windows-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
videon-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{261D0486-9127-4071-BA1D-FE784310752E}\Setup.exe" -l0x40c
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
W83L518D-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD815603-AB71-4CFB-B3AC-522298037ACC}\Setup.exe" -l0x40c
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Yahoo! ¤u¨ã¦C-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S

======Hosts File======

127.0.0.1 preymaster.humanhead.com
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 081121-0]

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ESTsoft\ALZip\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Lyonnais92 Posts: 25159 Registered: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 1 536
22 Nov. 2008 at 18:41
Hi again,

You were infected by CID. How did you eradicate it?

=========================================

Open this link (thanks to S!RI for this program): http://siri.urz.free.fr/Fix/SmitfraudFix.php
and download SmitfraudFix.exe.

Look at the tutorial.
Run it and choose option 1; it will generate a report.
Copy/paste it into your post, please.
0

CaptainZack
22 Nov. 2008 at 19:41
Hi again!

Well, I didn't know that I had been infected by CID.
I know I had virus problems before, which I fixed with simple antivirus scans, I think; anyway, that goes back a long way so I'm not too sure :s ^^

So here is the report:



SmitFraudFix v2.376

Rapport fait à 19:33:12,79, 22/11/2008
Executé à partir de C:\Documents and Settings\waelkens\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\WebCam\M1000\M1000Mnt.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
F:\Soirée pétanque\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SteamKeyFr\SteamKeyFr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\config.ini PRESENT !
C:\WINDOWS\Tasks\At?.job PRESENT !
C:\WINDOWS\Tasks\At??.job PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\tdssservers.dat détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdssadw.dll détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdssinit.dll détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdssl.dll détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdsslog.dll détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdssmain.dll détecté, utilisez un scanner de Rootkit

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\waelkens


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\waelkens\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\waelkens\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\waelkens\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: VIA Rhine III Fast Ethernet Adapter
DNS Server Search Order: 192.168.1.1

Description: VIA Rhine III Fast Ethernet Adapter
DNS Server Search Order: 192.168.1.1

Description: RT2500 USB Wireless LAN Card
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5117914C-15EB-4FDF-854E-08858678B038}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{C2132D90-9662-445E-ADDC-1CE46A312C21}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{FB6DEAFC-9202-4679-8981-772AF369289F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5117914C-15EB-4FDF-854E-08858678B038}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{FB6DEAFC-9202-4679-8981-772AF369289F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{5117914C-15EB-4FDF-854E-08858678B038}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{FB6DEAFC-9202-4679-8981-772AF369289F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{FB6DEAFC-9202-4679-8981-772AF369289F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


On the other hand, the internet is no longer as slow since I used Navilog.
Thanks for your help.

Thanks for your help!
0
Lyonnais92 Posts: 25159 Registered: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 1 536
22 Nov. 2008 at 21:28
Hi again,

There is something more troublesome than Navipromo.

==================================

Boot into Safe Mode:
To do this, tap the F8 key repeatedly, without stopping, as soon as the PC starts powering on.
A window will open; use the keyboard arrow keys to move to "start in Safe Mode", then press Enter.
Once you are on the desktop, if not all the colors and so on are there, that's normal!
(If F8 doesn't work, use the F5 key.)
----------------------------------------------------------------------------
Run the Smitfraud program again.
This time choose option 2 and answer yes to everything;
save the report, reboot in normal mode, and copy/paste the saved report on the forum.

================================
Delete (if it exists) Combofix.exe from your Desktop, as well as the Qoobox directory at the root of the disk (usually C:\Qoobox).

Download ComboFix (by sUBs) here:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

and save it to the Desktop.

Disconnect from the internet and close all your applications.

Disable your protections (antivirus, firewall, real-time guard of the antispyware).


Double-click combofix.exe and follow the instructions;

in particular, install the Recovery Console.

At the end, it will produce a report, C:\ComboFix.txt.

Re-enable your firewall, your antivirus, and your antispyware guard.

Copy/paste the report C:\ComboFix.txt in your next reply.

Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.

You have a complete tutorial here:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
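As an added illustration (not part of the thread, and not SmitFraudFix's own code), this Python script triages a pasted option-1 report in the order the reply above reads it: rootkit warnings first, then items marked PRESENT, then hosts entries carrying an "added by" tag. The function names and the embedded sample are constructed for this example; the line formats are copied from the report posted in this thread.

```python
import re
from collections import Counter

# Constructed sample: a shortened excerpt in the format of the report above.
SAMPLE_REPORT = r"""SmitFraudFix v2.376

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
127.0.0.1 preymaster.humanhead.com
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\config.ini PRESENT !
C:\WINDOWS\Tasks\At?.job PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\tdssservers.dat détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdssmain.dll détecté, utilisez un scanner de Rootkit

»»»»»»»»»»»»»»»»»»»»»»»» Fin
"""

# Line formats as they appear in the report posted in the thread.
BANNER = re.compile(r"^»{5,}\s*(?P<name>.*?)\s*$")
PRESENT = re.compile(r"^(?P<path>.+?)\s+PRESENT !$")
ROOTKIT = re.compile(r"^(?P<path>.+?)\s+détecté, utilisez un scanner de Rootkit$")
HOSTS = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<host>\S+)"
    r"(?:\s+##\s*added by\s+(?P<tag>\S+))?$"
)


def split_sections(report):
    """Map each banner title to the non-empty lines that follow it."""
    sections = {}
    current = None
    for raw in report.splitlines():
        line = raw.strip()
        banner = BANNER.match(line)
        if banner:
            current = banner.group("name")
            sections.setdefault(current, [])
        elif line and current is not None:
            sections[current].append(line)
    return sections


def triage(report):
    """Collect rootkit warnings, PRESENT items and hosts tags from a report."""
    findings = {"rootkit": [], "present": [], "hosts_tags": Counter()}
    for name, lines in split_sections(report).items():
        for line in lines:
            match = ROOTKIT.match(line)
            if match:
                findings["rootkit"].append(match.group("path"))
                continue
            match = PRESENT.match(line)
            if match:
                findings["present"].append(match.group("path"))
                continue
            # Only interpret "IP hostname" lines inside the hosts section.
            if name.lower() == "hosts":
                match = HOSTS.match(line)
                if match:
                    findings["hosts_tags"][match.group("tag") or "untagged"] += 1
    return findings


def next_steps(findings):
    """Order findings by severity: rootkit traces outrank everything else."""
    steps = []
    if findings["rootkit"]:
        steps.append(
            f"rootkit: {len(findings['rootkit'])} file(s) flagged, "
            f"run a rootkit scanner: {', '.join(findings['rootkit'])}"
        )
    if findings["present"]:
        steps.append(
            f"cleanup: {len(findings['present'])} item(s) marked PRESENT "
            f"for the cleaning pass: {', '.join(findings['present'])}"
        )
    tagged = {t: n for t, n in findings["hosts_tags"].items() if t != "untagged"}
    if tagged:
        summary = ", ".join(f"{tag} ({count})" for tag, count in sorted(tagged.items()))
        steps.append(f"hosts: entries added by {summary}, confirm what wrote them")
    return steps


if __name__ == "__main__":
    for step in next_steps(triage(SAMPLE_REPORT)):
        print(step)
```
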
CaptainZack
23 Nov. 2008 at 12:43
Whoa, so apparently I'm still infected by CID?

SmitFraud report:

SmitFraudFix v2.376

Rapport fait à 11:48:58,10, 23/11/2008
Executé à partir de C:\Documents and Settings\waelkens\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost
127.0.0.1 preymaster.humanhead.com
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\config.ini supprimé
C:\WINDOWS\Tasks\At?.job supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{C2132D90-9662-445E-ADDC-1CE46A312C21}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{FB6DEAFC-9202-4679-8981-772AF369289F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5117914C-15EB-4FDF-854E-08858678B038}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{FB6DEAFC-9202-4679-8981-772AF369289F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{5117914C-15EB-4FDF-854E-08858678B038}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{FB6DEAFC-9202-4679-8981-772AF369289F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{FB6DEAFC-9202-4679-8981-772AF369289F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin











---------------------------------------------------------------------------------------

ComboFix report:



ComboFix 08-11-22.02 - waelkens 2008-11-23 12:31:46.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.587 [GMT 1:00]
Lancé depuis: d:\iso\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\waelkens\Application Data\inst.exe
c:\program files\INSTALL.LOG
c:\windows\Downloaded Program Files\setup.inf
c:\windows\ktd32.atm
c:\windows\system32\Bank.dll
c:\windows\system32\rnaph.dll
c:\windows\system32\tdssadw.dll
c:\windows\system32\TDSSerrors.log
c:\windows\system32\tdssinit.dll
c:\windows\system32\tdssl.dll
c:\windows\system32\tdsslog.dll
c:\windows\system32\tdssmain.dll
c:\windows\system32\tdssserf.dll
c:\windows\system32\tdssserf1.dll
c:\windows\system32\tdssservers.dat

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-23 au 2008-11-23 ))))))))))))))))))))))))))))))))))))
.

2008-11-22 19:33 . 2008-11-23 11:49 3,820 --a------ c:\windows\system32\tmp.reg
2008-11-22 19:32 . 2008-11-22 19:34 <REP> d-------- c:\documents and settings\waelkens\SmitfraudFix
2008-11-22 19:32 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
2008-11-22 19:32 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
2008-11-22 19:32 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
2008-11-22 19:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\o4Patch.exe
2008-11-22 19:32 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe
2008-11-22 19:32 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
2008-11-22 19:32 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
2008-11-22 19:32 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe
2008-11-22 19:32 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
2008-11-22 19:32 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
2008-11-22 17:11 . 2008-11-22 17:11 <REP> d-------- C:\rsit
2008-11-22 16:56 . 2008-11-22 17:04 <REP> d-------- c:\program files\Navilog1
2008-11-22 03:26 . 2008-11-22 03:26 <REP> d-------- c:\documents and settings\All Users\Application Data\Blizzard
2008-11-21 17:42 . 2008-11-21 17:42 <REP> d-------- C:\Logs
2008-11-20 09:56 . 2008-11-20 09:56 <REP> d-------- c:\program files\Lavasoft
2008-11-20 09:56 . 2008-11-20 09:57 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-16 20:56 . 2008-11-20 15:41 <REP> d-------- c:\program files\adslTV
2008-11-16 20:56 . 2008-11-16 20:56 <REP> d-------- c:\documents and settings\waelkens\Application Data\vlc
2008-11-15 18:27 . 2008-11-15 18:27 <REP> d-------- c:\documents and settings\All Users\Application Data\2DBoy
2008-11-14 22:24 . 2008-11-14 22:24 118 --a------ c:\windows\system32\MRT.INI
2008-11-13 17:46 . 2008-11-13 17:46 <REP> d-------- c:\documents and settings\waelkens\OngameNetwork
2008-11-11 08:36 . 2008-11-11 08:36 <REP> d-------- C:\Medion
2008-11-02 08:25 . 2008-11-02 08:25 2,425 --ah----- C:\mxfilerelatedcache.mxc2
2008-11-02 08:25 . 2008-11-02 08:25 1,520 --a------ C:\yannickk_1.avd
2008-10-25 12:55 . 2008-10-25 12:55 86,016 --a------ C:\yannickk.ifo
2008-10-25 12:55 . 2008-10-25 12:55 161 --a------ C:\yannickk.rpk
2008-10-25 12:55 . 2008-10-25 12:55 19 --a------ C:\yannickk.lst
2008-10-25 12:50 . 2008-10-25 12:55 555,194,368 --a------ C:\yannickk_1.vob
2008-10-24 19:03 . 2008-10-24 19:03 0 --a------ c:\windows\DXT108.tmp
2008-10-24 19:03 . 2008-10-24 19:03 0 --a------ c:\windows\DXT107.tmp
2008-10-24 19:03 . 2008-10-24 19:03 0 --a------ c:\windows\DXT106.tmp
2008-10-24 19:03 . 2008-10-24 19:03 0 --a------ c:\windows\DXT105.tmp
2008-10-24 19:03 . 2008-10-24 19:03 0 --a------ c:\windows\DXT104.tmp

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-23 11:31 --------- d-----w c:\program files\Wanadoo
2008-11-23 10:54 --------- d-----w c:\documents and settings\waelkens\Application Data\Skype
2008-11-23 08:15 17,408 ----a-w c:\windows\system32\drivers\USBCRFT.SYS
2008-11-22 18:33 5,632 -csha-w c:\program files\Thumbs.db
2008-11-21 10:39 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment
2008-11-21 10:11 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-20 14:18 --------- d-----w c:\documents and settings\waelkens\Application Data\Orbit
2008-11-20 08:56 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2008-11-20 08:51 --------- d-----w c:\documents and settings\waelkens\Application Data\Lavasoft
2008-11-17 14:35 46,162 ----a-w c:\documents and settings\waelkens\Application Data\wklnhst.dat
2008-11-14 22:20 --------- d-----w c:\program files\DivX
2008-11-07 21:22 --------- d-----w c:\program files\Mozilla Thunderbird
2008-11-05 18:00 --------- d-----w c:\documents and settings\waelkens\Application Data\uTorrent
2008-11-05 11:23 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
2008-10-29 12:41 --------- d-----w c:\program files\RomStation
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-21 13:16 --------- d-----w c:\program files\Morgan
2008-10-18 12:22 209,636 ----a-w c:\windows\IPUI_DivXG400.exe
2008-10-18 12:20 --------- d-----w c:\program files\Rippackv3
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-16 12:51 --------- d-----w c:\documents and settings\waelkens\Application Data\FileZilla
2008-10-16 10:52 --------- d-----w c:\documents and settings\waelkens\Application Data\Apple Computer
2008-10-15 17:08 --------- d-----w c:\program files\DaemonTools_WhenUSave_Installer
2008-10-15 17:07 --------- d-----w c:\program files\Kodak
2008-10-15 16:40 --------- d-----w c:\program files\eRightSoft
2008-10-15 15:49 --------- d-----w c:\program files\BitComet
2008-10-15 09:49 --------- d-----w c:\program files\iTunes
2008-10-15 09:49 --------- d-----w c:\program files\iPod
2008-10-15 09:49 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-15 09:48 --------- d-----w c:\program files\Bonjour
2008-10-15 09:47 --------- d-----w c:\program files\QuickTime
2008-10-15 09:46 --------- d-----w c:\program files\Fichiers communs\Apple
2008-10-15 09:44 --------- d-----w c:\program files\Apple Software Update
2008-10-02 14:49 --------- d-----w c:\program files\Warcraft III
2008-10-01 11:01 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-30 14:30 98,304 ----a-w c:\windows\DUMPc8fd.tmp
2008-09-30 14:28 98,304 ----a-w c:\windows\DUMP3718.tmp
2008-09-28 06:41 --------- d-----w c:\program files\Combined Community Codec Pack
2008-09-26 13:44 --------- d-----w c:\documents and settings\waelkens\Application Data\Dev-Cpp
2008-09-26 13:02 --------- d-----w c:\documents and settings\waelkens\Application Data\codeblocks
2008-09-26 11:56 --------- d-----w c:\program files\Microsoft Visual Studio 9.0
2008-09-26 11:56 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-09-24 09:14 --------- d-----w c:\program files\Messenger Plus! Live
2008-09-23 17:56 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Corporation
2008-09-23 17:48 --------- d-----w c:\program files\Guitar Pro 5
2008-09-23 17:48 --------- d-----w c:\program files\Garena
2008-09-23 17:47 --------- d-----w c:\program files\Sports Interactive
2008-09-23 17:46 --------- d-----w c:\program files\eMule
2008-09-23 14:47 --------- d-----w c:\program files\Dofus
2008-09-19 21:55 200,704 -c--a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 -c--a-w c:\windows\system32\libdivx.dll
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-29 19:06 1,350,664 ----a-w c:\windows\system32\msxml6.dll
2008-08-29 08:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-06-09 08:26 85,944 -c--a-w c:\documents and settings\waelkens\Application Data\GDIPFONTCACHEV1.DAT
2007-11-18 14:15 47,360 -c--a-w c:\documents and settings\waelkens\Application Data\pcouffin.sys
2007-05-21 11:11 47 -c--a-w c:\documents and settings\waelkens\fixsize.cmd
2007-04-04 20:30 95,232 -c--a-w c:\documents and settings\waelkens\filechop.exe
2007-03-08 23:10 18,690 -c--a-w c:\documents and settings\waelkens\make-multi.exe
2007-02-25 12:00 1 -c--a-w c:\documents and settings\waelkens\SI.bin
2006-07-28 08:30 88,102 -c--a-w c:\program files\Aug2006_xinput_x64.cab
2006-07-28 08:30 47,018 -c--a-w c:\program files\Aug2006_xinput_x86.cab
2006-07-28 08:30 41,995 -c--a-w c:\program files\dxdllreg_x86.cab
2006-07-28 08:30 183,863 -c--a-w c:\program files\Aug2006_XACT_x64.cab
2006-07-28 08:30 138,195 -c--a-w c:\program files\Aug2006_XACT_x86.cab
2006-07-28 07:32 82,338 -c--a-w c:\program files\dxupdate.cab
2006-07-28 07:32 2,248,984 -c--a-w c:\program files\dsetup32.dll
2006-07-28 07:31 484,632 -c--a-w c:\program files\DXSETUP.exe
2006-07-28 07:30 74,520 -c--a-w c:\program files\DSETUP.dll
2006-06-05 23:07 31 -c----w c:\documents and settings\waelkens\getfile.dat
2006-05-31 05:39 181,745 -c----w c:\program files\JUN2006_XACT_x64.cab
2006-05-31 05:39 134,631 -c----w c:\program files\JUN2006_XACT_x86.cab
2006-03-31 11:56 917,318 -c----w c:\program files\Apr2006_MDX1_x86.cab
2006-03-31 11:56 87,989 -c----w c:\program files\Apr2006_xinput_x64.cab
2006-03-31 11:56 46,898 -c----w c:\program files\Apr2006_xinput_x86.cab
2006-03-31 11:56 4,163,518 -c----w c:\program files\Apr2006_MDX1_x86_Archive.cab
2006-03-31 11:56 180,021 -c----w c:\program files\Apr2006_XACT_x64.cab
2006-03-31 11:56 133,991 -c----w c:\program files\Apr2006_XACT_x86.cab
2006-03-31 11:56 1,398,718 -c----w c:\program files\Apr2006_d3dx9_30_x64.cab
2006-03-31 11:56 1,116,109 -c----w c:\program files\Apr2006_d3dx9_30_x86.cab
2006-02-16 13:05 278,528 -c--a-w c:\program files\Fichiers communs\FDEUnInstaller.exe
2006-02-03 08:00 179,247 -c----w c:\program files\Feb2006_XACT_x64.cab
2006-02-03 08:00 133,297 -c----w c:\program files\Feb2006_XACT_x86.cab
2006-02-03 08:00 1,363,684 -c----w c:\program files\Feb2006_d3dx9_29_x64.cab
2006-02-03 08:00 1,085,608 -c----w c:\program files\Feb2006_d3dx9_29_x86.cab
2005-12-05 17:31 86,925 -c----w c:\program files\Oct2005_xinput_x64.cab
2005-12-05 17:31 46,247 -c----w c:\program files\Oct2005_xinput_x86.cab
2005-12-05 17:31 1,358,864 -c----w c:\program files\Dec2005_d3dx9_28_x64.cab
2005-01-25 16:24 8 -csh--r c:\windows\system32\F2A38CDCBF.sys
2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2005-01-25 16:24 5,744 -csha-w c:\windows\system32\KGyGaAvL.sys
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-12-09 1937408]
"SteamKeyFr"="c:\program files\SteamKeyFr\SteamKeyFr.exe" [2004-01-28 212992]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-01-12 25367592]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]
"WOOKIT"="c:\progra~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 401491]
"TrueDownloaderAutoStart"="c:\program files\TrueDownloader\TrueDownloader.exe" [2005-02-20 520258]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"Steam"="d:\program files\Valve\Steam\Steam.exe" [2008-10-15 1410296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AOLDialer"="c:\program files\Fichiers communs\AOL\ACS\AOLDial.exe" [2004-04-08 496752]
"PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2005-02-04 118926]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="c:\progra~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"Adobe Photo Downloader"="f:\soirée pétanque\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 132624]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"Dit"="Dit.exe" [2004-07-20 c:\windows\Dit.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2006-07-16 626176]
Logiciel Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-06-21 282624]
SpySubtract.lnk - c:\program files\interMute\SpySubtract\SpySub.exe [2007-03-18 1187840]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBandCustomize"= 0 (0x0)
"NoMovingBands"= 0 (0x0)
"NoCloseDragDropBands"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{FA010552-4A27-4cb1-A1BB-3E2D697F1639}"= "c:\program files\interMute\SpySubtract\sshook.dll" [2007-03-18 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.l3acm"= c:\windows\system32\l3codecp.acm
"MSACM.CEGSM"= mobilev.acm
"VIDC.FFDS"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=
"c:\\Documents and Settings\\waelkens\\Bureau\\yannicl\\programme C C++\\eMule0.49b\\emule.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Warcraft
"4670:TCP"= 4670:TCP:emule port
"4671:UDP"= 4671:UDP:emule portudp
"3724:TCP"= 3724:TCP:BLIZZARD

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-30 78416]
R1 cpuidlep;CpuIdle Pro System Driver;c:\windows\system32\drivers\cpuidlep.sys [2008-05-01 4484]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-30 20560]
R2 UxTuneUp;Extension de conception TuneUp;c:\windows\System32\svchost.exe -k netsvcs [2005-01-20 14336]
R3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2005-02-05 802048]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2005-01-20 1272000]
R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [2005-01-20 19928]
S2 FILESpy;FILESpy;\??\c:\program files\Softwin\BitDefender9\filespy.sys []
S3 AIDA32Driver;AIDA32Driver;\??\c:\program files\AIDA32 - Personal System Information\aida32.sys [2004-02-23 3584]
S3 CardReaderFilter;Card Reader Filter;\??\c:\windows\system32\Drivers\USBCRFT.SYS [2005-01-20 17408]
S3 lac97inf;lac97inf;\??\c:\docume~1\waelkens\LOCALS~1\Temp\lac97inf.sys []
S3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\Drivers\M1000KNT.sys [2007-01-10 274567]
S3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [2004-01-23 13952]
S3 PPortJoystick;Parallel Port Joystick device driver;c:\windows\system32\drivers\PPortJoy.sys [2004-01-23 28800]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ac68d9a-f886-11da-a67e-001109df929d}]
\Shell\AutoRun\command - L:\PreyStub.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5bd32168-dd23-11db-a8d2-001109df929d}]
\Shell\AutoRun\command - K:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{925fa382-1aac-11db-a6cd-001109df929d}]
\Shell\AutoRun\command - M:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca5651a3-8e67-11da-a58f-001109df929d}]
\Shell\AutoRun\command - livebox.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'

2008-11-23 c:\windows\Tasks\AF65D5EA91324F1E.job
- c:\docume~1\waelkens\applic~1\cdromw~1\BLEH LITE BAIT.exe []

2008-11-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-11-21 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2006-10-06 06:27]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-M1000Mnt - M1000Rmv.exe


.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\waelkens\Application Data\Mozilla\Firefox\Profiles\vrvfhw56.default\
FF -: plugin - c:\documents and settings\waelkens\Application Data\Mozilla\Firefox\Profiles\vrvfhw56.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - c:\program files\ma-config.com\nphardwaredetection.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPMyrMus.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF -: plugin - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-23 12:33:29
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TrueDownloaderAutoStart = c:\program files\TrueDownloader\TrueDownloader.exe /silent??????????????&?O?p?t?i?o?n?s???i?e?r?????????????????P?a?n?i?e?r???s?i?o?n? ?:???????????????M?o?t? ?d?e? ?p?a?s?s?e?:???????????????h?e?u?r?e?(?s?)?????a?i?s???????????????S?u?p?p?r?.? ?U?R?L???e

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\rsaenh.dll

- - - - - - - > 'lsass.exe'(788)
c:\windows\system32\msprivs.dll
c:\windows\system32\rsaenh.dll
.
Heure de fin: 2008-11-23 12:35:07
ComboFix-quarantined-files.txt 2008-11-23 11:34:36

Avant-CF: 7 907 942 400 octets libres
Après-CF: 7,916,593,152 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /fastdetect /NoExecute=OptIn

324 --- E O F --- 2008-11-14 21:24:20
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
23 Nov. 2008 at 12:55
Hi again,

indeed, still the Cid infection:


Download Lop S&D here:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Double-click it to start the installation

Then double-click the Lop S&D shortcut on your desktop

Select the desired language, then choose Option 1 (Search)

Wait until the scan finishes

Post the generated report (C:lopR.txt)
CaptainZack
23 Nov. 2008 at 14:32
Hi again,
Here is the report

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : waelkens ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081122-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:68 Go (Free:8 Go)
E:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
F:\ (Local Disk) - NTFS - Total:149 Go (Free:20 Go)
G:\ (CD or DVD)
H:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
I:\ (CD or DVD)
K:\ (USB)
L:\ (USB)
M:\ (USB)
O:\ (CD or DVD)
P:\ (CD or DVD)
S:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 23/11/2008|14:25 )

--------------------\\ Listing des dossiers dans APPLIC~1

[25/01/2005|17:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[26/01/2005|13:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[05/02/2005|18:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[20/01/2005|14:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[20/01/2005|18:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[26/01/2005|19:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[30/09/2008|15:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[26/01/2005|11:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[25/01/2005|16:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[26/01/2005|13:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[15/10/2008|10:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[15/11/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2DBoy
[24/03/2007|06:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[09/12/2007|05:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[26/01/2005|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/12/2007|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/12/2007|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/07/2008|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[22/11/2008|03:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[29/11/2007|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[13/03/2007|09:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CakeBowsBrowseBall
[21/04/2006|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[06/02/2006|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[04/11/2007|01:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Pro
[03/11/2007|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[27/05/2006|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[14/06/2007|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[17/02/2006|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESTsoft
[12/09/2006|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/09/2006|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[27/02/2008|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[20/11/2008|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[03/11/2007|17:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[22/09/2008|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[24/01/2006|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/07/2008|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[02/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[20/11/2008|09:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[23/09/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Corporation
[26/09/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[26/01/2005|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[29/01/2006|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/07/2008|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[20/01/2005|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[21/01/2007|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[18/11/2007|09:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[11/02/2006|14:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[03/04/2007|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[22/07/2006|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trojan Remover
[24/01/2006|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[26/01/2005|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[05/01/2007|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[15/03/2008|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[27/07/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[28/07/2008|05:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[25/01/2005|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[26/01/2005|13:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[05/02/2005|18:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[20/01/2005|14:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[20/01/2005|18:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[26/01/2005|19:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[26/01/2005|11:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[25/01/2005|16:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[26/01/2005|13:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[20/01/2005|14:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/01/2005|19:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[12/07/2007|02:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[24/04/2006|18:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[29/01/2006|12:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

[01/04/2006|13:12] C:\DOCUME~1\waelkens\APPLIC~1\.gaim
[15/12/2007|12:34] C:\DOCUME~1\waelkens\APPLIC~1\ACAMPREF
[04/01/2008|22:56] C:\DOCUME~1\waelkens\APPLIC~1\Adobe
[20/02/2006|10:16] C:\DOCUME~1\waelkens\APPLIC~1\AdobeUM
[04/11/2006|06:18] C:\DOCUME~1\waelkens\APPLIC~1\Ahead
[26/01/2005|13:08] C:\DOCUME~1\waelkens\APPLIC~1\AOL
[16/10/2008|11:52] C:\DOCUME~1\waelkens\APPLIC~1\Apple Computer
[25/01/2006|06:05] C:\DOCUME~1\waelkens\APPLIC~1\ArcSoft
[01/05/2008|21:48] C:\DOCUME~1\waelkens\APPLIC~1\ATI
[26/01/2006|21:47] C:\DOCUME~1\waelkens\APPLIC~1\Azureus
[12/03/2007|22:43] C:\DOCUME~1\waelkens\APPLIC~1\BitDownload
[31/05/2008|10:47] C:\DOCUME~1\waelkens\APPLIC~1\BSplayer
[13/04/2008|22:02] C:\DOCUME~1\waelkens\APPLIC~1\BSplayer Pro
[12/03/2007|23:01] C:\DOCUME~1\waelkens\APPLIC~1\CdromWait
[26/09/2008|14:02] C:\DOCUME~1\waelkens\APPLIC~1\codeblocks
[12/02/2007|13:00] C:\DOCUME~1\waelkens\APPLIC~1\CyberLink
[04/11/2007|00:05] C:\DOCUME~1\waelkens\APPLIC~1\DAEMON Tools Pro
[26/12/2007|14:50] C:\DOCUME~1\waelkens\APPLIC~1\DataCast
[26/09/2008|14:44] C:\DOCUME~1\waelkens\APPLIC~1\Dev-Cpp
[31/03/2007|07:52] C:\DOCUME~1\waelkens\APPLIC~1\DivX
[12/03/2006|07:23] C:\DOCUME~1\waelkens\APPLIC~1\DMCache
[03/11/2007|17:27] C:\DOCUME~1\waelkens\APPLIC~1\Droppix
[19/09/2008|04:31] C:\DOCUME~1\waelkens\APPLIC~1\EPSON
[17/02/2006|21:07] C:\DOCUME~1\waelkens\APPLIC~1\ESTsoft
[16/10/2008|13:51] C:\DOCUME~1\waelkens\APPLIC~1\FileZilla
[03/05/2007|19:51] C:\DOCUME~1\waelkens\APPLIC~1\GetRightToGo
[15/09/2006|11:31] C:\DOCUME~1\waelkens\APPLIC~1\Google
[25/03/2008|18:07] C:\DOCUME~1\waelkens\APPLIC~1\gtk-2.0
[04/11/2006|23:25] C:\DOCUME~1\waelkens\APPLIC~1\Help
[20/01/2005|14:33] C:\DOCUME~1\waelkens\APPLIC~1\Identities
[14/02/2006|23:04] C:\DOCUME~1\waelkens\APPLIC~1\IDM
[14/06/2007|18:37] C:\DOCUME~1\waelkens\APPLIC~1\ImgBurn
[28/01/2007|11:57] C:\DOCUME~1\waelkens\APPLIC~1\InstallShield
[18/03/2007|11:53] C:\DOCUME~1\waelkens\APPLIC~1\InterMute
[21/04/2006|18:46] C:\DOCUME~1\waelkens\APPLIC~1\InterTrust
[20/11/2008|09:51] C:\DOCUME~1\waelkens\APPLIC~1\Lavasoft
[31/03/2007|06:46] C:\DOCUME~1\waelkens\APPLIC~1\Leadertech
[20/01/2005|18:50] C:\DOCUME~1\waelkens\APPLIC~1\Macromedia
[15/10/2007|18:21] C:\DOCUME~1\waelkens\APPLIC~1\Magix
[29/11/2007|13:02] C:\DOCUME~1\waelkens\APPLIC~1\Media Player Classic
[14/07/2008|11:55] C:\DOCUME~1\waelkens\APPLIC~1\Microsoft
[26/08/2008|20:56] C:\DOCUME~1\waelkens\APPLIC~1\Mozilla
[20/11/2008|15:18] C:\DOCUME~1\waelkens\APPLIC~1\Orbit
[02/07/2008|11:01] C:\DOCUME~1\waelkens\APPLIC~1\Real
[06/11/2007|20:59] C:\DOCUME~1\waelkens\APPLIC~1\Screenshot Sender
[28/01/2007|11:39] C:\DOCUME~1\waelkens\APPLIC~1\SecuROM
[06/06/2007|15:01] C:\DOCUME~1\waelkens\APPLIC~1\Shareaza
[18/03/2007|11:00] C:\DOCUME~1\waelkens\APPLIC~1\Simply Super Software
[23/11/2008|11:54] C:\DOCUME~1\waelkens\APPLIC~1\Skype
[11/11/2007|20:01] C:\DOCUME~1\waelkens\APPLIC~1\Sony
[31/05/2008|10:47] C:\DOCUME~1\waelkens\APPLIC~1\Sports Interactive
[25/01/2005|16:45] C:\DOCUME~1\waelkens\APPLIC~1\Sun
[05/06/2006|20:51] C:\DOCUME~1\waelkens\APPLIC~1\System Requirements Lab
[24/01/2006|20:41] C:\DOCUME~1\waelkens\APPLIC~1\Talkback
[19/07/2006|22:06] C:\DOCUME~1\waelkens\APPLIC~1\teamspeak2
[01/03/2007|18:02] C:\DOCUME~1\waelkens\APPLIC~1\Thunderbird
[24/01/2006|20:12] C:\DOCUME~1\waelkens\APPLIC~1\TuneUp Software
[05/11/2008|19:00] C:\DOCUME~1\waelkens\APPLIC~1\uTorrent
[09/12/2007|14:06] C:\DOCUME~1\waelkens\APPLIC~1\Viewpoint
[16/11/2008|20:56] C:\DOCUME~1\waelkens\APPLIC~1\vlc
[18/11/2007|15:15] C:\DOCUME~1\waelkens\APPLIC~1\Vso
[16/03/2006|20:07] C:\DOCUME~1\waelkens\APPLIC~1\Xfire
[28/07/2008|05:56] C:\DOCUME~1\waelkens\APPLIC~1\Yahoo!
[26/01/2005|13:08] C:\DOCUME~1\waelkens\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[23/11/2008 14:00][--ah-----] C:\WINDOWS\tasks\AF65D5EA91324F1E.job
[18/11/2008 07:13][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[21/11/2008 17:29][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[23/11/2008 12:35][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( AF65D5EA91324F1E.job )=( c:\docume~1\waelkens\applic~1\cdromw~1\BLEHLITEBAIT.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[02/07/2008|10:48] C:\Program Files\7-Zip
[21/04/2006|18:46] C:\Program Files\Adobe
[20/11/2008|15:41] C:\Program Files\adslTV
[31/05/2008|10:47] C:\Program Files\AdVantage
[07/03/2008|18:49] C:\Program Files\AGEIA Technologies
[25/01/2005|17:31] C:\Program Files\Ahead
[26/03/2007|20:19] C:\Program Files\AIDA32 - Personal System Information
[20/01/2008|16:01] C:\Program Files\AIST
[03/11/2007|19:57] C:\Program Files\Alcohol Soft
[31/08/2007|19:55] C:\Program Files\Alwil Software
[25/01/2006|06:07] C:\Program Files\AOL 9.0
[26/01/2005|13:08] C:\Program Files\AOL Compagnon
[03/05/2007|20:02] C:\Program Files\AOL Toolbar
[15/10/2008|10:44] C:\Program Files\Apple Software Update
[05/02/2006|20:04] C:\Program Files\ASCII
[10/07/2008|11:54] C:\Program Files\ATI Technologies
[27/07/2008|11:47] C:\Program Files\Audacity
[02/05/2006|15:52] C:\Program Files\AV VCS 3.0
[07/05/2007|10:36] C:\Program Files\AvantGo Connect
[11/02/2008|19:18] C:\Program Files\AviSynth 2.5
[10/01/2007|18:06] C:\Program Files\Beston
[15/10/2008|16:49] C:\Program Files\BitComet
[08/09/2007|11:23] C:\Program Files\BitDownload
[15/10/2008|10:48] C:\Program Files\Bonjour
[10/02/2006|16:37] C:\Program Files\CA
[20/01/2005|17:50] C:\Program Files\Cardreader Software
[28/09/2008|07:41] C:\Program Files\Combined Community Codec Pack
[01/05/2008|11:29] C:\Program Files\Common Files
[20/01/2005|14:31] C:\Program Files\ComPlus Applications
[24/10/2006|22:20] C:\Program Files\Creative
[05/02/2005|18:40] C:\Program Files\CyberLink
[14/04/2008|11:25] C:\Program Files\DAEMON Tools Pro
[15/10/2008|18:08] C:\Program Files\DaemonTools_WhenUSave_Installer
[17/04/2006|12:40] C:\Program Files\directx
[14/11/2008|23:20] C:\Program Files\DivX
[23/09/2008|15:47] C:\Program Files\Dofus
[28/03/2007|13:15] C:\Program Files\DVD Decrypter
[10/06/2006|16:01] C:\Program Files\Eidos
[02/03/2008|13:51] C:\Program Files\Elaborate Bytes
[07/03/2008|19:04] C:\Program Files\Electronic Arts
[23/09/2008|18:46] C:\Program Files\eMule
[26/01/2005|10:23] C:\Program Files\Encarta
[14/07/2007|08:36] C:\Program Files\EPSON
[15/10/2008|17:40] C:\Program Files\eRightSoft
[23/11/2008|12:32] C:\Program Files\Fichiers communs
[26/04/2007|23:04] C:\Program Files\FLV Player
[03/11/2006|00:58] C:\Program Files\Futuremark
[10/07/2006|18:02] C:\Program Files\GameShadow
[23/09/2008|18:48] C:\Program Files\Garena
[06/02/2007|19:45] C:\Program Files\Google
[24/02/2007|11:05] C:\Program Files\Gothic III
[31/05/2008|10:46] C:\Program Files\Gpotato.eu
[23/09/2008|18:48] C:\Program Files\Guitar Pro 5
[25/03/2007|20:50] C:\Program Files\Home Cinema
[19/11/2007|20:38] C:\Program Files\ImgBurn
[21/11/2008|11:11] C:\Program Files\InstallShield Installation Information
[20/01/2005|15:49] C:\Program Files\Intel
[18/03/2007|11:53] C:\Program Files\interMute
[12/03/2006|20:30] C:\Program Files\Internet Download Manager
[18/10/2008|22:23] C:\Program Files\Internet Explorer
[15/10/2008|10:49] C:\Program Files\iPod
[25/10/2006|10:50] C:\Program Files\iPod(2)
[04/11/2007|13:14] C:\Program Files\ISOpen
[15/10/2008|10:49] C:\Program Files\iTunes
[25/10/2006|10:50] C:\Program Files\iTunes(2)
[29/11/2007|17:06] C:\Program Files\IVT Corporation
[11/07/2008|11:45] C:\Program Files\Java
[08/03/2007|22:25] C:\Program Files\JeffProd
[08/09/2007|17:17] C:\Program Files\Jeux classiques
[02/07/2008|11:03] C:\Program Files\K-Lite Codec Pack
[15/10/2008|18:07] C:\Program Files\Kodak
[20/11/2008|09:56] C:\Program Files\Lavasoft
[26/01/2005|13:08] C:\Program Files\Learn2.com
[09/06/2007|21:53] C:\Program Files\LeechGet 2007
[26/07/2007|11:27] C:\Program Files\LitexMedia
[21/09/2008|12:33] C:\Program Files\Ludiclub
[22/09/2008|17:21] C:\Program Files\ma-config.com
[30/11/2007|20:14] C:\Program Files\MagicISO
[26/12/2007|14:46] C:\Program Files\MarkAny
[03/06/2007|18:32] C:\Program Files\Maxis
[26/01/2005|19:10] C:\Program Files\Medion
[17/08/2008|00:19] C:\Program Files\Messenger
[24/09/2008|10:14] C:\Program Files\Messenger Plus! Live
[03/02/2007|22:57] C:\Program Files\MessengerPlus! 3
[17/04/2006|12:40] C:\Program Files\Microids
[07/05/2007|10:36] C:\Program Files\Microsoft ActiveSync
[26/01/2005|10:25] C:\Program Files\Microsoft AutoRoute
[20/01/2005|14:33] C:\Program Files\microsoft frontpage
[16/01/2007|20:58] C:\Program Files\Microsoft Games
[26/01/2005|10:19] C:\Program Files\Microsoft Money 2005
[10/09/2008|20:13] C:\Program Files\Microsoft Office
[14/07/2008|00:14] C:\Program Files\Microsoft SDKs
[11/11/2007|20:01] C:\Program Files\Microsoft SQL Server
[14/07/2008|00:19] C:\Program Files\Microsoft SQL Server Compact Edition
[14/07/2008|00:19] C:\Program Files\Microsoft Synchronization Services
[05/02/2005|17:04] C:\Program Files\Microsoft Visual Studio
[26/09/2008|12:56] C:\Program Files\Microsoft Visual Studio 9.0
[03/05/2007|20:02] C:\Program Files\Microsoft Works
[26/01/2005|10:13] C:\Program Files\Microsoft Works Suite 2005
[21/10/2008|14:16] C:\Program Files\Morgan
[11/02/2008|19:36] C:\Program Files\Movie Maker
[23/11/2008|14:22] C:\Program Files\Mozilla Firefox
[07/11/2008|22:22] C:\Program Files\Mozilla Thunderbird
[11/03/2007|15:08] C:\Program Files\MP3 Player Utilities 3.68
[14/07/2008|00:10] C:\Program Files\MSBuild
[10/09/2008|20:12] C:\Program Files\MSECache
[14/03/2006|20:05] C:\Program Files\MSN
[20/01/2005|14:31] C:\Program Files\MSN Gaming Zone
[16/11/2006|21:52] C:\Program Files\MSXML 4.0
[14/07/2008|00:09] C:\Program Files\MSXML 6.0
[14/04/2007|08:08] C:\Program Files\Multi_Media_France
[22/12/2007|08:02] C:\Program Files\Musicmatch
[26/01/2005|19:43] C:\Program Files\muvee Technologies
[22/11/2008|17:04] C:\Program Files\Navilog1
[19/08/2007|14:14] C:\Program Files\Navirad_UserTool
[25/02/2007|01:59] C:\Program Files\NetBattle
[01/09/2006|16:25] C:\Program Files\NetMeeting
[21/01/2007|19:37] C:\Program Files\Ocean Technology
[05/02/2005|17:50] C:\Program Files\OfficeUpdate11
[13/06/2007|21:05] C:\Program Files\Outlook Express
[11/11/2007|23:45] C:\Program Files\PaintStar
[16/06/2008|18:32] C:\Program Files\Picture It! Premium 10
[07/05/2007|11:17] C:\Program Files\POI-Warner GoPal Edition
[07/05/2007|11:33] C:\Program Files\POI-Warner POI-Data
[10/06/2007|19:41] C:\Program Files\PokerStars
[21/01/2007|22:30] C:\Program Files\PowerPoint Viewer
[16/01/2007|17:57] C:\Program Files\Project64 1.6
[15/10/2008|10:47] C:\Program Files\QuickTime
[26/01/2005|19:29] C:\Program Files\RALINK
[26/01/2005|11:44] C:\Program Files\Real
[14/07/2008|00:10] C:\Program Files\Reference Assemblies
[18/10/2008|13:20] C:\Program Files\Rippackv3
[11/07/2006|00:15] C:\Program Files\Rockstar Games
[29/10/2008|13:41] C:\Program Files\RomStation
[20/10/2006|18:43] C:\Program Files\RPG Maker 2003Projet 1
[03/11/2006|11:45] C:\Program Files\S2SaTstrat
[04/04/2007|15:50] C:\Program Files\SAGEM
[25/02/2007|01:58] C:\Program Files\SAGEM(2)
[26/12/2007|14:45] C:\Program Files\Samsung
[12/02/2007|15:04] C:\Program Files\Securitoo
[14/07/2006|09:16] C:\Program Files\SEIKO EPSON Corp
[20/01/2005|14:32] C:\Program Files\Services en ligne
[09/07/2008|18:37] C:\Program Files\Sierra On-Line
[03/02/2006|13:47] C:\Program Files\Singles
[21/01/2007|21:47] C:\Program Files\Skype
[14/06/2007|14:48] C:\Program Files\SlySoft
[05/10/2006|16:53] C:\Program Files\Smart Projects
[03/05/2007|20:02] C:\Program Files\Softwin
[03/01/2008|14:33] C:\Program Files\Soldier of Fortune II - Double Helix
[22/12/2007|08:05] C:\Program Files\Sony
[11/11/2007|19:58] C:\Program Files\Sony Setup
[23/09/2008|18:47] C:\Program Files\Sports Interactive
[24/08/2006|15:15] C:\Program Files\Spybot - Search & Destroy
[19/08/2007|14:12] C:\Program Files\Spyware-Secure
[22/08/2006|15:15] C:\Program Files\SteamKeyFr
[27/07/2008|11:46] C:\Program Files\Steinberg
[26/01/2005|13:08] C:\Program Files\TechCity Solutions
[12/03/2007|23:58] C:\Program Files\The All-Seeing Eye
[19/10/2006|18:49] C:\Program Files\The Game Creators
[18/11/2007|10:04] C:\Program Files\The Witcher
[26/01/2007|18:15] C:\Program Files\THQ
[09/06/2007|22:10] C:\Program Files\TrueDownloader
[06/07/2007|16:28] C:\Program Files\TuneUp Utilities 2006
[11/11/2007|20:01] C:\Program Files\Uninstall Information
[16/02/2006|22:08] C:\Program Files\UnrealTournament
[27/04/2007|18:30] C:\Program Files\uTorrent
[14/07/2008|13:50] C:\Program Files\Valve
[21/04/2007|11:00] C:\Program Files\VideoLAN
[25/09/2006|16:04] C:\Program Files\VideoMach-2.7.2
[21/01/2007|22:30] C:\Program Files\VideoMach-3.3.4
[26/01/2005|13:08] C:\Program Files\Viewpoint
[09/05/2008|08:50] C:\Program Files\VirtualDJ
[03/05/2007|20:02] C:\Program Files\VuPassword
[23/11/2008|12:37] C:\Program Files\Wanadoo
[02/10/2008|15:49] C:\Program Files\Warcraft III
[31/05/2008|10:47] C:\Program Files\Webteh
[21/10/2006|11:09] C:\Program Files\WinAVI MP4 Converter
[20/01/2005|17:43] C:\Program Files\Winbond Electronics Corp
[20/01/2005|14:36] C:\Program Files\Windows Journal Viewer
[15/03/2008|10:06] C:\Program Files\Windows Live
[10/01/2007|17:56] C:\Program Files\Windows Media Components
[05/01/2007|22:23] C:\Program Files\Windows Media Connect
[02/03/2008|13:53] C:\Program Files\Windows Media Connect 2
[30/07/2008|14:01] C:\Program Files\Windows Media Player
[21/03/2007|20:24] C:\Program Files\Windows NT
[29/04/2006|12:02] C:\Program Files\WindowsUpdate
[19/08/2007|14:13] C:\Program Files\WinDriver Ghost
[17/02/2006|20:23] C:\Program Files\WinISO
[07/06/2007|18:51] C:\Program Files\WinRAR
[27/02/2007|06:27] C:\Program Files\wmv_vcm
[05/02/2005|18:14] C:\Program Files\X10 Hardware
[20/01/2005|14:33] C:\Program Files\xerox
[21/01/2007|22:30] C:\Program Files\Xfire
[27/07/2008|19:52] C:\Program Files\Yahoo!
[31/05/2008|10:45] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[14/06/2007|16:04] C:\Program Files\Fichiers communs\Adobe
[25/01/2005|17:30] C:\Program Files\Fichiers communs\Ahead
[26/01/2005|13:08] C:\Program Files\Fichiers communs\AOL
[05/02/2005|19:54] C:\Program Files\Fichiers communs\aolshare
[15/10/2008|10:46] C:\Program Files\Fichiers communs\Apple
[19/10/2006|18:50] C:\Program Files\Fichiers communs\Bcgsoft
[21/11/2008|11:39] C:\Program Files\Fichiers communs\Blizzard Entertainment
[20/01/2005|17:43] C:\Program Files\Fichiers communs\Borland Shared
[26/01/2005|10:16] C:\Program Files\Fichiers communs\Designer
[08/02/2006|21:48] C:\Program Files\Fichiers communs\DirectX
[14/07/2006|08:56] C:\Program Files\Fichiers communs\EPSON
[30/09/2006|15:36] C:\Program Files\Fichiers communs\InstallShield
[25/01/2005|16:25] C:\Program Files\Fichiers communs\Java
[27/02/2008|15:23] C:\Program Files\Fichiers communs\Kodak
[03/11/2007|17:27] C:\Program Files\Fichiers communs\LightScribe
[15/10/2007|16:58] C:\Program Files\Fichiers communs\MAGIX Shared
[18/10/2008|14:48] C:\Program Files\Fichiers communs\Microsoft Shared
[20/01/2005|14:32] C:\Program Files\Fichiers communs\MSSoap
[26/01/2005|19:43] C:\Program Files\Fichiers communs\muvee Technologies
[18/03/2006|18:00] C:\Program Files\Fichiers communs\NSV
[26/01/2005|13:08] C:\Program Files\Fichiers communs\Nullsoft
[20/01/2005|15:26] C:\Program Files\Fichiers communs\ODBC
[14/07/2007|08:39] C:\Program Files\Fichiers communs\Python
[02/07/2008|11:01] C:\Program Files\Fichiers communs\Real
[20/01/2005|14:32] C:\Program Files\Fichiers communs\Services
[21/01/2007|21:47] C:\Program Files\Fichiers communs\Skype
[06/06/2006|10:02] C:\Program Files\Fichiers communs\Softwin
[20/01/2005|15:26] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|21:05] C:\Program Files\Fichiers communs\System
[05/06/2006|20:51] C:\Program Files\Fichiers communs\SystemRequirementsLab
[15/03/2008|10:06] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[20/11/2008|09:56] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 70 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\waelkens\APPLIC~1\CDROMW~1

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\waelkens\APPLIC~1\cdromw~1
C:\DOCUME~1\waelkens\APPLIC~1\Bitdownload
C:\DOCUME~1\waelkens\APPLIC~1\BitDownload
C:\DOCUME~1\waelkens\APPLIC~1\BitDownload\Data
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload.TRC
C:\Program Files\BitDownload\ZM
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\WINDOWS\Tasks\AF65D5EA91324F1E.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Comp Bib Bird]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\waelkens\\APPLIC~1\\CDROMW~1\\Camp Mail.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE


-> 73 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-23 14:26:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1407

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]

--------------------\\ ROGUES ..

C:\PROGRA~1\Spyware-Secure

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010425_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010425_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010426_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010426_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010428_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010428_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010429_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010429_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010430_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010430_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123643_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123643_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123644_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123644_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123650_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123650_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123934_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123934_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123935_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123935_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123937_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123937_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123938_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123938_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124330_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124330_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124331_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124331_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124337_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124337_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124344_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124344_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124349_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124349_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124350_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124350_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124356_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124356_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124402_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124402_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124403_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124403_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124427_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124427_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124428_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124428_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124434_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124434_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124435_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124435_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124441_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124441_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131037_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131037_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131038_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131038_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131042_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131042_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131043_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131043_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131354_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131354_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131355_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131355_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131401_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131401_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131402_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131402_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131403_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131403_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131404_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131404_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Mes documents\Mes fichiers reçus\Corona DJ - Move The Sound (Crack Dub Mix).mp3


[F:7][D:1]-> C:\DOCUME~1\waelkens\LOCALS~1\Temp
[F:281][D:0]-> C:\DOCUME~1\waelkens\Cookies
[F:76][D:12]-> C:\DOCUME~1\waelkens\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 23/11/2008|14:29 - Option : [1]

--------------------\\ Fin du rapport a 14:29:04
Lyonnais92 (Security contributor)
23 Nov. 2008 at 15:47
RE,


Run Lop S&D again.

This time choose Option 2 ( "Suppression", i.e. removal ).

Do not close the window during the removal!

Post the generated report ( C:\lopR.txt )

( If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm )
CaptainZack
23 Nov. 2008 at 15:55
Re,


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : waelkens ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081122-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:68 Go (Free:8 Go)
E:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
F:\ (Local Disk) - NTFS - Total:149 Go (Free:40 Go)
G:\ (CD or DVD)
H:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
I:\ (CD or DVD)
K:\ (USB)
L:\ (USB)
M:\ (USB)
O:\ (CD or DVD)
P:\ (CD or DVD)
S:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 23/11/2008|15:48 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\waelkens\APPLIC~1\BitDownload\Data
Supprime! - C:\Program Files\BitDownload\BitDownload.TRC
Supprime! - C:\Program Files\BitDownload\ZM
Supprime! - C:\Program Files\Multi_Media_France\INSTALL.LOG
Supprime! - C:\WINDOWS\Tasks\AF65D5EA91324F1E.job
Supprime! - C:\DOCUME~1\waelkens\APPLIC~1\cdromw~1
Supprime! - C:\DOCUME~1\waelkens\APPLIC~1\Bitdownload
Supprime! - C:\Program Files\BitDownload
Supprime! - C:\Program Files\Multi_Media_France
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\waelkens\APPLIC~1\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[25/01/2005|17:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[26/01/2005|13:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[05/02/2005|18:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[20/01/2005|14:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[20/01/2005|18:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[26/01/2005|19:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[30/09/2008|15:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[26/01/2005|11:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[25/01/2005|16:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[26/01/2005|13:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[15/10/2008|10:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[15/11/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2DBoy
[24/03/2007|06:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[09/12/2007|05:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[26/01/2005|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/12/2007|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/12/2007|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/07/2008|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[22/11/2008|03:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[29/11/2007|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[13/03/2007|09:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CakeBowsBrowseBall
[21/04/2006|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[06/02/2006|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[04/11/2007|01:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Pro
[03/11/2007|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[27/05/2006|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[14/06/2007|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[17/02/2006|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESTsoft
[12/09/2006|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/09/2006|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[27/02/2008|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[20/11/2008|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[03/11/2007|17:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[22/09/2008|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[24/01/2006|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/07/2008|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[02/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[20/11/2008|09:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[23/09/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Corporation
[26/09/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[26/01/2005|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[29/01/2006|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/07/2008|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[20/01/2005|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[21/01/2007|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[18/11/2007|09:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[11/02/2006|14:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[03/04/2007|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[22/07/2006|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trojan Remover
[24/01/2006|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[05/01/2007|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[15/03/2008|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[27/07/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[28/07/2008|05:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[25/01/2005|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[26/01/2005|13:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[05/02/2005|18:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[20/01/2005|14:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[20/01/2005|18:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[26/01/2005|19:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[26/01/2005|11:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[25/01/2005|16:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[26/01/2005|13:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[20/01/2005|14:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/01/2005|19:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[12/07/2007|02:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[24/04/2006|18:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[29/01/2006|12:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

[01/04/2006|13:12] C:\DOCUME~1\waelkens\APPLIC~1\.gaim
[15/12/2007|12:34] C:\DOCUME~1\waelkens\APPLIC~1\ACAMPREF
[04/01/2008|22:56] C:\DOCUME~1\waelkens\APPLIC~1\Adobe
[20/02/2006|10:16] C:\DOCUME~1\waelkens\APPLIC~1\AdobeUM
[04/11/2006|06:18] C:\DOCUME~1\waelkens\APPLIC~1\Ahead
[26/01/2005|13:08] C:\DOCUME~1\waelkens\APPLIC~1\AOL
[16/10/2008|11:52] C:\DOCUME~1\waelkens\APPLIC~1\Apple Computer
[25/01/2006|06:05] C:\DOCUME~1\waelkens\APPLIC~1\ArcSoft
[01/05/2008|21:48] C:\DOCUME~1\waelkens\APPLIC~1\ATI
[26/01/2006|21:47] C:\DOCUME~1\waelkens\APPLIC~1\Azureus
[31/05/2008|10:47] C:\DOCUME~1\waelkens\APPLIC~1\BSplayer
[13/04/2008|22:02] C:\DOCUME~1\waelkens\APPLIC~1\BSplayer Pro
[26/09/2008|14:02] C:\DOCUME~1\waelkens\APPLIC~1\codeblocks
[12/02/2007|13:00] C:\DOCUME~1\waelkens\APPLIC~1\CyberLink
[04/11/2007|00:05] C:\DOCUME~1\waelkens\APPLIC~1\DAEMON Tools Pro
[26/12/2007|14:50] C:\DOCUME~1\waelkens\APPLIC~1\DataCast
[26/09/2008|14:44] C:\DOCUME~1\waelkens\APPLIC~1\Dev-Cpp
[31/03/2007|07:52] C:\DOCUME~1\waelkens\APPLIC~1\DivX
[12/03/2006|07:23] C:\DOCUME~1\waelkens\APPLIC~1\DMCache
[03/11/2007|17:27] C:\DOCUME~1\waelkens\APPLIC~1\Droppix
[19/09/2008|04:31] C:\DOCUME~1\waelkens\APPLIC~1\EPSON
[17/02/2006|21:07] C:\DOCUME~1\waelkens\APPLIC~1\ESTsoft
[16/10/2008|13:51] C:\DOCUME~1\waelkens\APPLIC~1\FileZilla
[03/05/2007|19:51] C:\DOCUME~1\waelkens\APPLIC~1\GetRightToGo
[15/09/2006|11:31] C:\DOCUME~1\waelkens\APPLIC~1\Google
[25/03/2008|18:07] C:\DOCUME~1\waelkens\APPLIC~1\gtk-2.0
[04/11/2006|23:25] C:\DOCUME~1\waelkens\APPLIC~1\Help
[20/01/2005|14:33] C:\DOCUME~1\waelkens\APPLIC~1\Identities
[14/02/2006|23:04] C:\DOCUME~1\waelkens\APPLIC~1\IDM
[14/06/2007|18:37] C:\DOCUME~1\waelkens\APPLIC~1\ImgBurn
[28/01/2007|11:57] C:\DOCUME~1\waelkens\APPLIC~1\InstallShield
[18/03/2007|11:53] C:\DOCUME~1\waelkens\APPLIC~1\InterMute
[21/04/2006|18:46] C:\DOCUME~1\waelkens\APPLIC~1\InterTrust
[20/11/2008|09:51] C:\DOCUME~1\waelkens\APPLIC~1\Lavasoft
[31/03/2007|06:46] C:\DOCUME~1\waelkens\APPLIC~1\Leadertech
[20/01/2005|18:50] C:\DOCUME~1\waelkens\APPLIC~1\Macromedia
[15/10/2007|18:21] C:\DOCUME~1\waelkens\APPLIC~1\Magix
[29/11/2007|13:02] C:\DOCUME~1\waelkens\APPLIC~1\Media Player Classic
[14/07/2008|11:55] C:\DOCUME~1\waelkens\APPLIC~1\Microsoft
[26/08/2008|20:56] C:\DOCUME~1\waelkens\APPLIC~1\Mozilla
[20/11/2008|15:18] C:\DOCUME~1\waelkens\APPLIC~1\Orbit
[02/07/2008|11:01] C:\DOCUME~1\waelkens\APPLIC~1\Real
[06/11/2007|20:59] C:\DOCUME~1\waelkens\APPLIC~1\Screenshot Sender
[28/01/2007|11:39] C:\DOCUME~1\waelkens\APPLIC~1\SecuROM
[06/06/2007|15:01] C:\DOCUME~1\waelkens\APPLIC~1\Shareaza
[18/03/2007|11:00] C:\DOCUME~1\waelkens\APPLIC~1\Simply Super Software
[23/11/2008|11:54] C:\DOCUME~1\waelkens\APPLIC~1\Skype
[11/11/2007|20:01] C:\DOCUME~1\waelkens\APPLIC~1\Sony
[31/05/2008|10:47] C:\DOCUME~1\waelkens\APPLIC~1\Sports Interactive
[25/01/2005|16:45] C:\DOCUME~1\waelkens\APPLIC~1\Sun
[05/06/2006|20:51] C:\DOCUME~1\waelkens\APPLIC~1\System Requirements Lab
[24/01/2006|20:41] C:\DOCUME~1\waelkens\APPLIC~1\Talkback
[19/07/2006|22:06] C:\DOCUME~1\waelkens\APPLIC~1\teamspeak2
[01/03/2007|18:02] C:\DOCUME~1\waelkens\APPLIC~1\Thunderbird
[24/01/2006|20:12] C:\DOCUME~1\waelkens\APPLIC~1\TuneUp Software
[05/11/2008|19:00] C:\DOCUME~1\waelkens\APPLIC~1\uTorrent
[16/11/2008|20:56] C:\DOCUME~1\waelkens\APPLIC~1\vlc
[18/11/2007|15:15] C:\DOCUME~1\waelkens\APPLIC~1\Vso
[16/03/2006|20:07] C:\DOCUME~1\waelkens\APPLIC~1\Xfire
[28/07/2008|05:56] C:\DOCUME~1\waelkens\APPLIC~1\Yahoo!
[26/01/2005|13:08] C:\DOCUME~1\waelkens\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[18/11/2008 07:13][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[21/11/2008 17:29][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[23/11/2008 12:35][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[02/07/2008|10:48] C:\Program Files\7-Zip
[21/04/2006|18:46] C:\Program Files\Adobe
[20/11/2008|15:41] C:\Program Files\adslTV
[31/05/2008|10:47] C:\Program Files\AdVantage
[07/03/2008|18:49] C:\Program Files\AGEIA Technologies
[25/01/2005|17:31] C:\Program Files\Ahead
[26/03/2007|20:19] C:\Program Files\AIDA32 - Personal System Information
[20/01/2008|16:01] C:\Program Files\AIST
[03/11/2007|19:57] C:\Program Files\Alcohol Soft
[31/08/2007|19:55] C:\Program Files\Alwil Software
[25/01/2006|06:07] C:\Program Files\AOL 9.0
[26/01/2005|13:08] C:\Program Files\AOL Compagnon
[03/05/2007|20:02] C:\Program Files\AOL Toolbar
[15/10/2008|10:44] C:\Program Files\Apple Software Update
[05/02/2006|20:04] C:\Program Files\ASCII
[10/07/2008|11:54] C:\Program Files\ATI Technologies
[27/07/2008|11:47] C:\Program Files\Audacity
[02/05/2006|15:52] C:\Program Files\AV VCS 3.0
[07/05/2007|10:36] C:\Program Files\AvantGo Connect
[11/02/2008|19:18] C:\Program Files\AviSynth 2.5
[10/01/2007|18:06] C:\Program Files\Beston
[15/10/2008|16:49] C:\Program Files\BitComet
[15/10/2008|10:48] C:\Program Files\Bonjour
[10/02/2006|16:37] C:\Program Files\CA
[20/01/2005|17:50] C:\Program Files\Cardreader Software
[28/09/2008|07:41] C:\Program Files\Combined Community Codec Pack
[01/05/2008|11:29] C:\Program Files\Common Files
[20/01/2005|14:31] C:\Program Files\ComPlus Applications
[24/10/2006|22:20] C:\Program Files\Creative
[05/02/2005|18:40] C:\Program Files\CyberLink
[14/04/2008|11:25] C:\Program Files\DAEMON Tools Pro
[15/10/2008|18:08] C:\Program Files\DaemonTools_WhenUSave_Installer
[17/04/2006|12:40] C:\Program Files\directx
[14/11/2008|23:20] C:\Program Files\DivX
[23/09/2008|15:47] C:\Program Files\Dofus
[28/03/2007|13:15] C:\Program Files\DVD Decrypter
[10/06/2006|16:01] C:\Program Files\Eidos
[02/03/2008|13:51] C:\Program Files\Elaborate Bytes
[07/03/2008|19:04] C:\Program Files\Electronic Arts
[23/09/2008|18:46] C:\Program Files\eMule
[26/01/2005|10:23] C:\Program Files\Encarta
[14/07/2007|08:36] C:\Program Files\EPSON
[15/10/2008|17:40] C:\Program Files\eRightSoft
[23/11/2008|12:32] C:\Program Files\Fichiers communs
[26/04/2007|23:04] C:\Program Files\FLV Player
[03/11/2006|00:58] C:\Program Files\Futuremark
[10/07/2006|18:02] C:\Program Files\GameShadow
[23/09/2008|18:48] C:\Program Files\Garena
[06/02/2007|19:45] C:\Program Files\Google
[24/02/2007|11:05] C:\Program Files\Gothic III
[31/05/2008|10:46] C:\Program Files\Gpotato.eu
[23/09/2008|18:48] C:\Program Files\Guitar Pro 5
[25/03/2007|20:50] C:\Program Files\Home Cinema
[19/11/2007|20:38] C:\Program Files\ImgBurn
[21/11/2008|11:11] C:\Program Files\InstallShield Installation Information
[20/01/2005|15:49] C:\Program Files\Intel
[18/03/2007|11:53] C:\Program Files\interMute
[12/03/2006|20:30] C:\Program Files\Internet Download Manager
[18/10/2008|22:23] C:\Program Files\Internet Explorer
[15/10/2008|10:49] C:\Program Files\iPod
[25/10/2006|10:50] C:\Program Files\iPod(2)
[04/11/2007|13:14] C:\Program Files\ISOpen
[15/10/2008|10:49] C:\Program Files\iTunes
[25/10/2006|10:50] C:\Program Files\iTunes(2)
[29/11/2007|17:06] C:\Program Files\IVT Corporation
[11/07/2008|11:45] C:\Program Files\Java
[08/03/2007|22:25] C:\Program Files\JeffProd
[08/09/2007|17:17] C:\Program Files\Jeux classiques
[02/07/2008|11:03] C:\Program Files\K-Lite Codec Pack
[15/10/2008|18:07] C:\Program Files\Kodak
[20/11/2008|09:56] C:\Program Files\Lavasoft
[26/01/2005|13:08] C:\Program Files\Learn2.com
[09/06/2007|21:53] C:\Program Files\LeechGet 2007
[26/07/2007|11:27] C:\Program Files\LitexMedia
[21/09/2008|12:33] C:\Program Files\Ludiclub
[22/09/2008|17:21] C:\Program Files\ma-config.com
[30/11/2007|20:14] C:\Program Files\MagicISO
[26/12/2007|14:46] C:\Program Files\MarkAny
[03/06/2007|18:32] C:\Program Files\Maxis
[26/01/2005|19:10] C:\Program Files\Medion
[17/08/2008|00:19] C:\Program Files\Messenger
[24/09/2008|10:14] C:\Program Files\Messenger Plus! Live
[03/02/2007|22:57] C:\Program Files\MessengerPlus! 3
[17/04/2006|12:40] C:\Program Files\Microids
[07/05/2007|10:36] C:\Program Files\Microsoft ActiveSync
[26/01/2005|10:25] C:\Program Files\Microsoft AutoRoute
[20/01/2005|14:33] C:\Program Files\microsoft frontpage
[16/01/2007|20:58] C:\Program Files\Microsoft Games
[26/01/2005|10:19] C:\Program Files\Microsoft Money 2005
[10/09/2008|20:13] C:\Program Files\Microsoft Office
[14/07/2008|00:14] C:\Program Files\Microsoft SDKs
[11/11/2007|20:01] C:\Program Files\Microsoft SQL Server
[14/07/2008|00:19] C:\Program Files\Microsoft SQL Server Compact Edition
[14/07/2008|00:19] C:\Program Files\Microsoft Synchronization Services
[05/02/2005|17:04] C:\Program Files\Microsoft Visual Studio
[26/09/2008|12:56] C:\Program Files\Microsoft Visual Studio 9.0
[03/05/2007|20:02] C:\Program Files\Microsoft Works
[26/01/2005|10:13] C:\Program Files\Microsoft Works Suite 2005
[21/10/2008|14:16] C:\Program Files\Morgan
[11/02/2008|19:36] C:\Program Files\Movie Maker
[23/11/2008|14:22] C:\Program Files\Mozilla Firefox
[07/11/2008|22:22] C:\Program Files\Mozilla Thunderbird
[11/03/2007|15:08] C:\Program Files\MP3 Player Utilities 3.68
[14/07/2008|00:10] C:\Program Files\MSBuild
[10/09/2008|20:12] C:\Program Files\MSECache
[14/03/2006|20:05] C:\Program Files\MSN
[20/01/2005|14:31] C:\Program Files\MSN Gaming Zone
[16/11/2006|21:52] C:\Program Files\MSXML 4.0
[14/07/2008|00:09] C:\Program Files\MSXML 6.0
[22/12/2007|08:02] C:\Program Files\Musicmatch
[26/01/2005|19:43] C:\Program Files\muvee Technologies
[22/11/2008|17:04] C:\Program Files\Navilog1
[19/08/2007|14:14] C:\Program Files\Navirad_UserTool
[25/02/2007|01:59] C:\Program Files\NetBattle
[01/09/2006|16:25] C:\Program Files\NetMeeting
[21/01/2007|19:37] C:\Program Files\Ocean Technology
[05/02/2005|17:50] C:\Program Files\OfficeUpdate11
[13/06/2007|21:05] C:\Program Files\Outlook Express
[11/11/2007|23:45] C:\Program Files\PaintStar
[16/06/2008|18:32] C:\Program Files\Picture It! Premium 10
[07/05/2007|11:17] C:\Program Files\POI-Warner GoPal Edition
[07/05/2007|11:33] C:\Program Files\POI-Warner POI-Data
[10/06/2007|19:41] C:\Program Files\PokerStars
[21/01/2007|22:30] C:\Program Files\PowerPoint Viewer
[16/01/2007|17:57] C:\Program Files\Project64 1.6
[15/10/2008|10:47] C:\Program Files\QuickTime
[26/01/2005|19:29] C:\Program Files\RALINK
[26/01/2005|11:44] C:\Program Files\Real
[14/07/2008|00:10] C:\Program Files\Reference Assemblies
[18/10/2008|13:20] C:\Program Files\Rippackv3
[11/07/2006|00:15] C:\Program Files\Rockstar Games
[29/10/2008|13:41] C:\Program Files\RomStation
[20/10/2006|18:43] C:\Program Files\RPG Maker 2003Projet 1
[03/11/2006|11:45] C:\Program Files\S2SaTstrat
[04/04/2007|15:50] C:\Program Files\SAGEM
[25/02/2007|01:58] C:\Program Files\SAGEM(2)
[26/12/2007|14:45] C:\Program Files\Samsung
[12/02/2007|15:04] C:\Program Files\Securitoo
[14/07/2006|09:16] C:\Program Files\SEIKO EPSON Corp
[20/01/2005|14:32] C:\Program Files\Services en ligne
[09/07/2008|18:37] C:\Program Files\Sierra On-Line
[03/02/2006|13:47] C:\Program Files\Singles
[21/01/2007|21:47] C:\Program Files\Skype
[14/06/2007|14:48] C:\Program Files\SlySoft
[05/10/2006|16:53] C:\Program Files\Smart Projects
[03/05/2007|20:02] C:\Program Files\Softwin
[03/01/2008|14:33] C:\Program Files\Soldier of Fortune II - Double Helix
[22/12/2007|08:05] C:\Program Files\Sony
[11/11/2007|19:58] C:\Program Files\Sony Setup
[23/09/2008|18:47] C:\Program Files\Sports Interactive
[24/08/2006|15:15] C:\Program Files\Spybot - Search & Destroy
[19/08/2007|14:12] C:\Program Files\Spyware-Secure
[22/08/2006|15:15] C:\Program Files\SteamKeyFr
[27/07/2008|11:46] C:\Program Files\Steinberg
[26/01/2005|13:08] C:\Program Files\TechCity Solutions
[12/03/2007|23:58] C:\Program Files\The All-Seeing Eye
[19/10/2006|18:49] C:\Program Files\The Game Creators
[18/11/2007|10:04] C:\Program Files\The Witcher
[26/01/2007|18:15] C:\Program Files\THQ
[09/06/2007|22:10] C:\Program Files\TrueDownloader
[06/07/2007|16:28] C:\Program Files\TuneUp Utilities 2006
[11/11/2007|20:01] C:\Program Files\Uninstall Information
[16/02/2006|22:08] C:\Program Files\UnrealTournament
[27/04/2007|18:30] C:\Program Files\uTorrent
[14/07/2008|13:50] C:\Program Files\Valve
[21/04/2007|11:00] C:\Program Files\VideoLAN
[25/09/2006|16:04] C:\Program Files\VideoMach-2.7.2
[21/01/2007|22:30] C:\Program Files\VideoMach-3.3.4
[09/05/2008|08:50] C:\Program Files\VirtualDJ
[03/05/2007|20:02] C:\Program Files\VuPassword
[23/11/2008|12:37] C:\Program Files\Wanadoo
[02/10/2008|15:49] C:\Program Files\Warcraft III
[31/05/2008|10:47] C:\Program Files\Webteh
[21/10/2006|11:09] C:\Program Files\WinAVI MP4 Converter
[20/01/2005|17:43] C:\Program Files\Winbond Electronics Corp
[20/01/2005|14:36] C:\Program Files\Windows Journal Viewer
[15/03/2008|10:06] C:\Program Files\Windows Live
[10/01/2007|17:56] C:\Program Files\Windows Media Components
[05/01/2007|22:23] C:\Program Files\Windows Media Connect
[02/03/2008|13:53] C:\Program Files\Windows Media Connect 2
[30/07/2008|14:01] C:\Program Files\Windows Media Player
[21/03/2007|20:24] C:\Program Files\Windows NT
[29/04/2006|12:02] C:\Program Files\WindowsUpdate
[19/08/2007|14:13] C:\Program Files\WinDriver Ghost
[17/02/2006|20:23] C:\Program Files\WinISO
[07/06/2007|18:51] C:\Program Files\WinRAR
[27/02/2007|06:27] C:\Program Files\wmv_vcm
[05/02/2005|18:14] C:\Program Files\X10 Hardware
[20/01/2005|14:33] C:\Program Files\xerox
[21/01/2007|22:30] C:\Program Files\Xfire
[27/07/2008|19:52] C:\Program Files\Yahoo!
[31/05/2008|10:45] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[14/06/2007|16:04] C:\Program Files\Fichiers communs\Adobe
[25/01/2005|17:30] C:\Program Files\Fichiers communs\Ahead
[26/01/2005|13:08] C:\Program Files\Fichiers communs\AOL
[05/02/2005|19:54] C:\Program Files\Fichiers communs\aolshare
[15/10/2008|10:46] C:\Program Files\Fichiers communs\Apple
[19/10/2006|18:50] C:\Program Files\Fichiers communs\Bcgsoft
[21/11/2008|11:39] C:\Program Files\Fichiers communs\Blizzard Entertainment
[20/01/2005|17:43] C:\Program Files\Fichiers communs\Borland Shared
[26/01/2005|10:16] C:\Program Files\Fichiers communs\Designer
[08/02/2006|21:48] C:\Program Files\Fichiers communs\DirectX
[14/07/2006|08:56] C:\Program Files\Fichiers communs\EPSON
[30/09/2006|15:36] C:\Program Files\Fichiers communs\InstallShield
[25/01/2005|16:25] C:\Program Files\Fichiers communs\Java
[27/02/2008|15:23] C:\Program Files\Fichiers communs\Kodak
[03/11/2007|17:27] C:\Program Files\Fichiers communs\LightScribe
[15/10/2007|16:58] C:\Program Files\Fichiers communs\MAGIX Shared
[18/10/2008|14:48] C:\Program Files\Fichiers communs\Microsoft Shared
[20/01/2005|14:32] C:\Program Files\Fichiers communs\MSSoap
[26/01/2005|19:43] C:\Program Files\Fichiers communs\muvee Technologies
[18/03/2006|18:00] C:\Program Files\Fichiers communs\NSV
[26/01/2005|13:08] C:\Program Files\Fichiers communs\Nullsoft
[20/01/2005|15:26] C:\Program Files\Fichiers communs\ODBC
[14/07/2007|08:39] C:\Program Files\Fichiers communs\Python
[02/07/2008|11:01] C:\Program Files\Fichiers communs\Real
[20/01/2005|14:32] C:\Program Files\Fichiers communs\Services
[21/01/2007|21:47] C:\Program Files\Fichiers communs\Skype
[06/06/2006|10:02] C:\Program Files\Fichiers communs\Softwin
[20/01/2005|15:26] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|21:05] C:\Program Files\Fichiers communs\System
[05/06/2006|20:51] C:\Program Files\Fichiers communs\SystemRequirementsLab
[15/03/2008|10:06] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[20/11/2008|09:56] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 67 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-23 15:49:25
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1413

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]

--------------------\\ ROGUES ..

C:\PROGRA~1\Spyware-Secure

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010425_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010425_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010426_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010426_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010428_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010428_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010429_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010429_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010430_iPod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-010430_iPod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123643_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123643_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123644_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123644_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123650_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123650_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123934_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123934_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123935_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123935_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123937_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123937_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123938_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-123938_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124330_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124330_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124331_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124331_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124337_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124337_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124344_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124344_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124349_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124349_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124350_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124350_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124356_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124356_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124402_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124402_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124403_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124403_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124427_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124427_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124428_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124428_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124434_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124434_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124435_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124435_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124441_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-124441_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131037_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131037_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131038_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131038_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131042_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131042_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131043_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131043_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131354_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131354_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131355_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131355_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131401_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131401_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131402_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131402_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131403_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131403_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131404_yannick-s-ipod.crash
C:\DOCUME~1\waelkens\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\yannick's ipod\ssh-keygen_2008-10-16-131404_yannick-s-ipod.plist
C:\DOCUME~1\waelkens\Mes documents\Mes fichiers reçus\Corona DJ - Move The Sound (Crack Dub Mix).mp3


[F:19][D:4]-> C:\DOCUME~1\waelkens\LOCALS~1\Temp
[F:284][D:0]-> C:\DOCUME~1\waelkens\Cookies
[F:103][D:12]-> C:\DOCUME~1\waelkens\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 23/11/2008|14:29 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 23/11/2008|15:51 - Option : [2]

--------------------\\ Fin du rapport a 15:51:26
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
23 Nov 2008 at 21:24
Good evening,


Download Toolbar-S&D (Team IDN) to your Desktop:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)

=======================
Go to this site:

https://www.virustotal.com/gui/

Click Browse and look for this file: C:\yannickk_1.vob

Click Send File.

A report will build up line by line.

Wait for it to finish. It must include the size of the file sent.

Save the report with Notepad.

Copy it into your reply.

If VirusTotal indicates that the file has already been analysed, click the "Reanalyse file now" button.

CaptainZack
24 Nov 2008 at 10:34
Hello,


-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : waelkens ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081122-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:68 Go (Free:8 Go)
E:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
F:\ (Local Disk) - NTFS - Total:149 Go (Free:40 Go)
G:\ (CD or DVD)
H:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
I:\ (CD or DVD)
K:\ (USB)
L:\ (USB)
M:\ (USB)
O:\ (CD or DVD)
P:\ (CD or DVD)
S:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 23/11/2008|22:42 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\WINDOWS\iun6002.exe

-----------\\ Extensions

(waelkens) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"First Home Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]

--------------------\\ ROGUES ..

C:\PROGRA~1\Spyware-Secure

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\waelkens\Mes documents\Mes fichiers reçus\Corona DJ - Move The Sound (Crack Dub Mix).mp3



1 - "C:\ToolBar SD\TB_1.txt" - 23/11/2008|22:44 - Option : [1]

-----------\\ Fin du rapport a 22:44:18,40


-------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------

The file yannickk_1.vob is 529 MB and is apparently too big for the site, because after a long wait I got this: Bigger than max permited size / Mayor del tamaño máximo permitido
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
24 Nov 2008 at 10:57
Re,

Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.

=========================

Run the scan on VirusTotal with:


C:\yannickk.ifo

=========================

Download RogueRemover by RubbeR DuckY to your desktop: https://www.malwarebytes.com/for-home/products/
Choose a server from the "Download Locations" to download RogueRemover

* Create the folder C:\RogueRemover. To do so:
-- Open My Computer
-- Open the C drive
-- Click the File menu, then New, then New Folder
-- Name it RogueRemover
Unzip RogueRemover.zip into C:\RogueRemover
- Go to the C:\RogueRemover folder and double-click the file RogueRemover.exe.
* Click the Scan button and follow the prompts.
* When the scan is finished.
* Click the Save Log Files button at the bottom; a text file named like RRLogs1236.txt will be created in the C:\RogueRemover folder.
Post the contents of this report here.

===================

I hope you realise that your crack policy makes you a prime target for infections.
CaptainZack
25 Nov 2008 at 10:53
-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : waelkens ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081123-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:68 Go (Free:8 Go)
E:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
F:\ (Local Disk) - NTFS - Total:149 Go (Free:40 Go)
G:\ (CD or DVD)
H:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
I:\ (CD or DVD)
K:\ (USB)
L:\ (USB)
M:\ (USB)
O:\ (CD or DVD)
P:\ (CD or DVD)
S:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 24/11/2008|12:00 )

-----------\\ SUPPRESSION

Supprime! - C:\WINDOWS\iun6002.exe

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(waelkens) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"First Home Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]

--------------------\\ ROGUES ..

C:\PROGRA~1\Spyware-Secure

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\waelkens\Mes documents\Mes fichiers reçus\Corona DJ - Move The Sound (Crack Dub Mix).mp3



1 - "C:\ToolBar SD\TB_1.txt" - 23/11/2008|22:44 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 24/11/2008|12:03 - Option : [2]

-----------\\ Fin du rapport a 12:03:12,82



----------------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------------



Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.24.3 2008.11.25 -
AntiVir 7.9.0.35 2008.11.25 -
Authentium 5.1.0.4 2008.11.24 -
Avast 4.8.1281.0 2008.11.24 -
AVG 8.0.0.199 2008.11.24 -
BitDefender 7.2 2008.11.25 -
CAT-QuickHeal 10.00 2008.11.25 -
ClamAV 0.94.1 2008.11.25 -
DrWeb 4.44.0.09170 2008.11.25 -
eSafe 7.0.17.0 2008.11.24 -
eTrust-Vet 31.6.6227 2008.11.25 -
Ewido 4.0 2008.11.24 -
F-Prot 4.4.4.56 2008.11.24 -
F-Secure 8.0.14332.0 2008.11.25 -
Fortinet 3.117.0.0 2008.11.25 -
GData 19 2008.11.25 -
Ikarus T3.1.1.45.0 2008.11.25 -
K7AntiVirus 7.10.532 2008.11.24 -
Kaspersky 7.0.0.125 2008.11.25 -
McAfee 5444 2008.11.24 -
McAfee+Artemis 5444 2008.11.24 -
Microsoft 1.4104 2008.11.25 -
NOD32 3637 2008.11.24 -
Norman 5.80.02 2008.11.24 -
Panda 9.0.0.4 2008.11.24 -
PCTools 4.4.2.0 2008.11.24 -
Prevx1 V2 2008.11.25 -
Rising 21.05.12.00 2008.11.25 -
SecureWeb-Gateway 6.7.6 2008.11.25 -
Sophos 4.35.0 2008.11.25 -
Sunbelt 3.1.1823.2 2008.11.22 -
Symantec 10 2008.11.25 -
TheHacker 6.3.1.1.162 2008.11.25 -
TrendMicro 8.700.0.1004 2008.11.25 -
VBA32 3.12.8.9 2008.11.24 -
ViRobot 2008.11.25.1484 2008.11.25 -
VirusBuster 4.5.11.0 2008.11.24 -
Information additionnelle
File size: 86016 bytes
MD5...: 1c99056e9bd8807e11ea0f78a787cfdd
SHA1..: 377f6e7b79fb10b152d064bc54e636ff81f72df7
SHA256: f9bb585ee2d0362b84fa66072fb17778f91a5cb61f48778ca7cc4820e4052d4b
SHA512: d6d4c4e6b6540b93472e351c9f12481e24c2c7845cb8f425b1a4961bb604641a
5a7d23c1922fc1857b388eb9ab8694ac59cbfb7dc73a533ccebdf293f21b900f
ssdeep: 1536:VVAD1qM8lrIR5e/ExX/0BB2Jwz486FAeqEpQozaIEb2:VVpUo2Jwzk/XUb
PEiD..: -
TrID..: File type identification
DVD Info file (100.0%)
PEInfo: -





--------------------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------------------------------

When I want to download RogueRemover, I go to the site you gave me and click on one of the links below "Main application (English)",

and I don't get a file to unzip but an installer file directly (rr-free-setup.exe).
I installed it and ran a scan, but I don't have any "save logfile".





Well no, I wasn't aware of it before you told me. So you mean the sites where I download no-CD cracks are not very trustworthy?



Thanks for your help in any case.
0
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
25 Nov. 2008 at 12:20
Hello,

Let's see where we stand after all that:

- restart the computer

- run RSIT again (it is on your Desktop) and post the report.
0
CaptainZack
25 Nov. 2008 at 12:30
Hello,


I can't find RSIT on my desktop :s
Well, maybe I have it but not under the name RSIT. What does it correspond to? HijackThis


Thanks
0
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
25 Nov. 2008 at 12:37
Hi again,

OK, open C:\rsit, look for rsit.exe and double-click it to launch it.
0
CaptainZack
25 Nov. 2008 at 12:42
Hi again,

In C:\rsit, I have info.txt and log.txt, but not rsit.exe. :s
0
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
25 Nov. 2008 at 14:03
Hi again,

then it is on your Desktop, as requested in post 1:

================
Download from here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.
0
CaptainZack
25 Nov. 2008 at 15:03
Hi again,

I don't save my downloaded files to the desktop, that's why it wasn't there.
Here is the report:


Logfile of random's system information tool 1.04 (written by random/random)
Run by waelkens at 2008-11-25 14:58:44
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 7 GB (10%) free of 76 GB
Total RAM: 1023 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:59:02, on 25/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\WebCam\M1000\M1000Mnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SteamKeyFr\SteamKeyFr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\ISO\RSIT.exe
D:\Program Files\Trend Micro\HijackThis\waelkens.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Soirée pétanque\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SteamKeyFr] "C:\Program Files\SteamKeyFr\SteamKeyFr.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [TrueDownloaderAutoStart] C:\Program Files\TrueDownloader\TrueDownloader.exe /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Valve\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Download with TrueDownloader! - C:\Program Files\TrueDownloader\TrueDownloader.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.aldi.com/
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106243543703
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://phpadsnew.merco6.com/libraries/SOPCORE.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
0
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
26 Nov. 2008 at 00:33
Hi again,

Copy or print the instructions first.

Disconnect from the internet and close all your applications.

Disable your protections (antivirus, firewall, the antispyware's real-time guard).


Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:

Driver::
a2tl4gdj
lac97inf

File::
C:\WINDOWS\system32\drivers\a2tl4gdj.sys
C:\DOCUME~1\waelkens\LOCALS~1\Temp\lac97inf.sys

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{91AD9DC2-523A-47E2-A598-6C277F16CC50}]


Save this file under the name CFscript


Drag and drop this CFscript file onto the ComboFix.exe file.

Click on the CFscript file, keep the button held down and drag the mouse so that the CFscript icon covers the Combofix icon. Release the mouse. Combofix will start.

A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 then confirm.

Wait while the scan runs. The desktop will disappear several times: this is normal!

Don't touch anything until the scan has finished.

Re-enable your firewall, your antivirus and your antispyware's guard.

Once the scan is complete, a report will be displayed: post its contents.


If the file doesn't open, it is located here > C:\ComboFix.txt

Warning: this procedure was made for this computer. Any reuse can severely damage the operating system.
0