Sujet Précédent Sujet Suivant

Cid !?!?!?! Au secours

Fermé
liysa - 11 févr. 2009 à 01:07
 liysa - 17 févr. 2009 à 01:45
Bonjour,

Au secours ... Je me retrouve depuis quelques jours avec de nombreuses pubs CID qui envahissent mon ecran chaque jour ... Etant vraiment novice avec l'outil informatique je n'arrive pas a les supprimer .
Quelqu'un pour venir a mon aide ????


Rapport lopxpMH2 version 2.0 fait à 0:56:34.28 le Wed 02/11/2009
C:\Documents and Settings\LARGE ERIC\Local Settings\Temporary Internet Files\Content.IE5\5EOBBB7Q\lopxpMH2[1]\lopxpMH2

******************************************
## Répertoires Application Data

Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\All Users\Application Data

08/17/2004 06:19 AM <DIR> .
08/17/2004 06:19 AM <DIR> ..
04/07/2006 06:29 AM <DIR> Adobe
04/30/2006 09:45 AM <DIR> Brother
04/07/2006 06:31 AM <DIR> InstallShield
04/07/2006 06:24 AM <DIR> Intel
08/17/2004 06:19 AM <DIR> Microsoft
04/30/2006 06:43 AM <DIR> Motive
04/30/2006 06:30 AM <DIR> MotiveSysIDs
08/17/2004 06:36 AM <DIR> SBSI
05/04/2006 06:16 AM <DIR> WinAntiVirus Pro 2006
04/30/2006 07:50 AM <DIR> Windows Genuine Advantage
08/17/2004 06:19 AM 62 desktop.ini
04/07/2006 06:27 AM 4 QSLLPSVCShare
2 File(s) 66 bytes
12 Dir(s) 40,690,929,664 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\All Users.WINDOWS\Application Data

05/28/2006 03:14 PM <DIR> .
05/28/2006 03:14 PM <DIR> ..
06/09/2006 12:23 PM <DIR> Adobe
05/06/2008 06:22 AM <DIR> AntiVir PersonalEdition Classic
05/21/2007 11:01 PM <DIR> Apple Computer
05/28/2006 07:21 AM <DIR> Brother
12/28/2006 09:18 PM <DIR> eXPert PDF
12/28/2006 09:19 PM <DIR> eXPert PDF 4
12/28/2006 09:18 PM <DIR> eXPert PDF Jobs
09/15/2006 11:23 PM <DIR> Google
05/28/2006 06:50 AM <DIR> Intel
10/28/2008 07:42 PM <DIR> live 64 math does
10/28/2008 07:50 PM <DIR> Messenger Plus!
05/28/2006 03:14 PM <DIR> Microsoft
08/04/2006 09:38 AM <DIR> MSN Search Toolbar
01/25/2007 02:04 AM <DIR> program extra intra type
03/26/2008 10:26 AM <DIR> Skype
07/30/2007 10:41 AM <DIR> Sony Corporation
01/30/2007 05:39 AM <DIR> Windows Genuine Advantage
01/30/2007 07:38 AM <DIR> Windows Live Toolbar
08/07/2007 06:12 AM <DIR> WindowsLiveInstaller
08/07/2007 06:12 AM <DIR> WLInstaller
06/09/2006 12:28 PM <DIR> Yahoo! Companion
05/28/2006 03:14 PM 62 desktop.ini
03/26/2008 10:33 AM 32 ezsid.dat
07/25/2007 12:21 AM 51 Installer.log
07/31/2006 11:00 AM 0 ISx116.tmp
07/31/2006 11:03 AM 0 ISx117.tmp
07/31/2006 11:06 AM 0 ISx118.tmp
02/03/2007 12:21 AM 0 ISx1CE.tmp
03/12/2007 07:40 AM 0 ISx21C.tmp
03/12/2007 07:42 AM 0 ISx21D.tmp
03/12/2007 07:42 AM 0 ISx21E.tmp
03/12/2007 07:43 AM 0 ISx21F.tmp
03/12/2007 07:45 AM 0 ISx220.tmp
04/14/2007 05:08 AM 0 ISx272.tmp
04/14/2007 05:09 AM 0 ISx273.tmp
04/14/2007 05:11 AM 0 ISx274.tmp
07/21/2006 12:22 PM 0 ISx35.tmp
11/20/2007 08:02 AM 0 ISx500.tmp
06/30/2006 09:31 AM 0 ISxC6.tmp
05/21/2007 11:14 PM 1,755 QTSBandwidthCache
19 File(s) 1,900 bytes
23 Dir(s) 40,690,929,664 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\Default User\Application Data

08/17/2004 06:19 AM <DIR> .
08/17/2004 06:19 AM <DIR> ..
04/30/2006 06:20 AM <DIR> Identities
04/30/2006 06:20 AM <DIR> Intel
08/17/2004 06:19 AM <DIR> Microsoft
04/30/2006 06:20 AM <DIR> Sun
08/17/2004 06:19 AM 62 desktop.ini
1 File(s) 62 bytes
6 Dir(s) 40,690,925,568 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\Default User\Local Settings\Application Data

08/17/2004 06:19 AM <DIR> .
08/17/2004 06:19 AM <DIR> ..
04/30/2006 06:20 AM <DIR> {7148F0A6-6813-11D6-A77B-00B0D0142030}
04/30/2006 06:20 AM <DIR> ApplicationHistory
04/30/2006 06:20 AM <DIR> BVRP Software
08/17/2004 06:26 AM <DIR> Microsoft
04/30/2006 06:20 AM 128 fusioncache.dat
04/30/2006 06:20 AM 2,698,302 IconCache.db
2 File(s) 2,698,430 bytes
6 Dir(s) 40,690,925,568 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\Default User.WINDOWS\Application Data

05/28/2006 03:14 PM <DIR> .
05/28/2006 03:14 PM <DIR> ..
05/28/2006 03:14 PM <DIR> Microsoft
05/28/2006 03:14 PM 62 desktop.ini
1 File(s) 62 bytes
3 Dir(s) 40,690,925,568 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\Default User.WINDOWS\Local Settings\Application Data

05/28/2006 03:14 PM <DIR> .
05/28/2006 03:14 PM <DIR> ..
05/28/2006 06:29 AM <DIR> Microsoft
0 File(s) 0 bytes
3 Dir(s) 40,690,925,568 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\LARGE ERIC\Application Data

05/28/2006 06:37 AM <DIR> .
05/28/2006 06:37 AM <DIR> ..
06/09/2006 12:09 PM <DIR> Adobe
06/09/2006 12:26 PM <DIR> AdobeAUM
06/09/2006 12:26 PM <DIR> AdobeUM
09/22/2007 04:18 AM <DIR> AlertInfo
05/21/2007 11:04 PM <DIR> Apple Computer
02/05/2009 08:02 PM <DIR> Blender Foundation
05/28/2006 08:18 AM <DIR> Brother
05/31/2006 07:39 AM <DIR> dvdcss
12/28/2006 09:19 PM <DIR> eXPert PDF Editor
05/28/2006 11:51 PM <DIR> Google
10/28/2008 07:41 PM <DIR> gridbasedog
11/03/2007 01:10 AM <DIR> gtk-2.0
06/04/2006 08:57 PM <DIR> Help
05/28/2006 06:37 AM <DIR> Identities
05/28/2006 06:51 AM <DIR> Intel
06/09/2006 01:17 PM <DIR> Leadertech
05/28/2006 07:39 AM <DIR> Macromedia
05/02/2008 01:29 PM <DIR> MessengerSkinner
05/28/2006 06:37 AM <DIR> Microsoft
08/04/2006 09:40 AM <DIR> MSN Search Toolbar
05/28/2006 11:17 AM <DIR> MSNInstaller
05/22/2007 12:32 AM <DIR> MusicIP
04/15/2007 09:30 AM <DIR> OpenOffice.org2
03/26/2008 10:28 AM <DIR> Skype
03/26/2008 10:33 AM <DIR> skypePM
07/30/2007 10:40 AM <DIR> Sony Corporation
05/28/2006 11:51 PM <DIR> Sun
07/05/2008 07:18 PM <DIR> U3
05/31/2006 07:39 AM <DIR> vlc
10/29/2007 06:23 AM <DIR> Windows Desktop Search
11/04/2008 08:17 AM <DIR> Windows Live Writer
11/10/2008 10:14 PM <DIR> Yahoo!
06/09/2006 12:09 PM 700 AdobeDLM.log
05/28/2006 06:37 AM 62 desktop.ini
06/09/2006 12:09 PM 0 dm.ini
3 File(s) 762 bytes
34 Dir(s) 40,690,925,568 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\LARGE ERIC\Local Settings\Application Data

05/28/2006 06:37 AM <DIR> .
05/28/2006 06:37 AM <DIR> ..
06/09/2006 12:27 PM <DIR> Adobe
08/22/2006 10:23 AM <DIR> Ahead
05/21/2007 11:04 PM <DIR> Apple Computer
05/28/2006 11:51 PM <DIR> Google
06/04/2006 08:57 PM <DIR> Help
05/28/2006 12:56 PM <DIR> Identities
05/29/2006 10:35 AM <DIR> Logitech-LS
05/28/2006 06:37 AM <DIR> Microsoft
08/24/2008 06:58 PM <DIR> Neuf
08/08/2007 10:11 PM <DIR> PCHealth
11/04/2008 08:16 AM <DIR> Windows Live Writer
08/25/2006 01:12 AM <DIR> WMTools Downloaded Files
06/30/2006 09:32 AM 217,088 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
05/28/2006 06:37 AM 22,936 GDIPFONTCACHEV1.DAT
01/25/2009 05:55 PM 2,913 guayi.dat
01/25/2009 05:55 PM 244,224 guayi.exe
01/25/2009 05:55 PM 335,064 guayi_nav.dat
01/25/2009 05:55 PM 1,895 guayi_navps.dat
05/28/2006 06:44 AM 4,839,812 IconCache.db
11/15/2008 06:56 PM 330,240 mgceoia.exe
01/26/2009 08:15 AM 2,913 qmcwa.dat
01/26/2009 08:14 AM 258,048 qmcwa.exe
01/26/2009 08:15 AM 328,966 qmcwa_nav.dat
01/26/2009 08:15 AM 320 qmcwa_navps.dat
01/29/2009 07:21 AM 2,915 sceceqm.dat
01/29/2009 07:20 AM 270,336 sceceqm.exe
01/29/2009 07:21 AM 335,064 sceceqm_nav.dat
01/29/2009 07:21 AM 631 sceceqm_navps.dat
01/23/2009 09:39 PM 2,915 uaowmuo.dat
01/23/2009 09:38 PM 251,392 uaowmuo.exe
01/23/2009 09:39 PM 335,064 uaowmuo_nav.dat
01/23/2009 09:39 PM 1,023 uaowmuo_navps.dat
01/21/2009 11:05 AM 2,905 weicgso.dat
01/21/2009 11:05 AM 225,280 weicgso.exe
01/21/2009 11:05 AM 335,064 weicgso_nav.dat
01/21/2009 11:05 AM 452 weicgso_navps.dat
24 File(s) 8,347,460 bytes
14 Dir(s) 40,690,921,472 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\large_eric\Application Data

04/30/2006 06:21 AM <DIR> .
04/30/2006 06:21 AM <DIR> ..
04/30/2006 11:22 AM <DIR> Adobe
04/30/2006 12:42 PM <DIR> CyberLink
04/30/2006 07:19 AM <DIR> Google
04/30/2006 06:21 AM <DIR> Identities
04/30/2006 06:21 AM <DIR> Intel
04/30/2006 06:30 AM <DIR> Macromedia
04/30/2006 06:21 AM <DIR> Microsoft
04/30/2006 08:56 AM <DIR> Netscape
05/24/2006 11:52 AM <DIR> Real
04/30/2006 06:21 AM <DIR> Sun
05/04/2006 06:16 AM <DIR> WinAntiVirus Pro 2006
04/30/2006 06:21 AM 62 desktop.ini
1 File(s) 62 bytes
13 Dir(s) 40,690,921,472 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\large_eric\Local Settings\Application Data

04/30/2006 06:21 AM <DIR> .
04/30/2006 06:21 AM <DIR> ..
04/30/2006 06:21 AM <DIR> {7148F0A6-6813-11D6-A77B-00B0D0142030}
04/30/2006 11:22 AM <DIR> Adobe
04/30/2006 06:21 AM <DIR> ApplicationHistory
04/30/2006 06:21 AM <DIR> BVRP Software
04/30/2006 08:41 AM <DIR> Google
04/30/2006 06:46 AM <DIR> Identities
05/07/2006 10:26 AM <DIR> Logitech-LS
04/30/2006 06:21 AM <DIR> Microsoft
04/30/2006 12:42 PM <DIR> PowerDVD
04/30/2006 06:21 AM 133 fusioncache.dat
04/30/2006 07:05 AM 25,488 GDIPFONTCACHEV1.DAT
04/30/2006 06:21 AM 4,829,174 IconCache.db
3 File(s) 4,854,795 bytes
11 Dir(s) 40,690,921,472 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\LISIANA MANDER\Application Data

05/28/2006 08:37 AM <DIR> .
05/28/2006 08:37 AM <DIR> ..
08/17/2006 12:48 AM <DIR> Adobe
10/01/2006 06:18 AM <DIR> Google
05/28/2006 08:38 AM <DIR> Identities
05/28/2006 08:38 AM <DIR> Intel
06/28/2006 03:19 PM <DIR> Macromedia
05/28/2006 08:37 AM <DIR> Microsoft
08/17/2006 12:46 AM <DIR> MSN Search Toolbar
08/17/2006 12:50 AM <DIR> Sun
01/26/2008 12:05 PM <DIR> Windows Desktop Search
05/28/2006 08:37 AM 62 desktop.ini
1 File(s) 62 bytes
11 Dir(s) 40,690,917,376 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\LISIANA MANDER\Local Settings\Application Data

05/28/2006 08:37 AM <DIR> .
05/28/2006 08:37 AM <DIR> ..
06/28/2006 03:19 PM <DIR> Google
01/26/2008 12:06 PM <DIR> Identities
05/28/2006 08:37 AM <DIR> Microsoft
01/26/2008 12:06 PM 22,352 GDIPFONTCACHEV1.DAT
05/28/2006 08:40 AM 3,233,934 IconCache.db
2 File(s) 3,256,286 bytes
5 Dir(s) 40,690,917,376 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\LocalService\Application Data

08/17/2004 06:31 AM <DIR> .
08/17/2004 06:31 AM <DIR> ..
08/17/2004 06:31 AM <DIR> Microsoft
0 File(s) 0 bytes
3 Dir(s) 40,690,917,376 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\LocalService\Local Settings\Application Data

08/17/2004 06:31 AM <DIR> .
08/17/2004 06:31 AM <DIR> ..
08/17/2004 06:31 AM <DIR> Microsoft
0 File(s) 0 bytes
3 Dir(s) 40,690,917,376 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data

05/28/2006 06:35 AM <DIR> .
05/28/2006 06:35 AM <DIR> ..
10/29/2007 08:34 AM <DIR> Adobe
05/28/2006 06:35 AM <DIR> Microsoft
0 File(s) 0 bytes
4 Dir(s) 40,690,917,376 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data

05/28/2006 06:35 AM <DIR> .
05/28/2006 06:35 AM <DIR> ..
10/29/2007 08:34 AM <DIR> Adobe
05/28/2006 06:35 AM <DIR> Microsoft
0 File(s) 0 bytes
4 Dir(s) 40,690,917,376 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\NetworkService\Application Data

08/17/2004 06:31 AM <DIR> .
08/17/2004 06:31 AM <DIR> ..
05/20/2006 01:11 PM <DIR> Intel
08/17/2004 06:31 AM <DIR> Microsoft
0 File(s) 0 bytes
4 Dir(s) 40,690,917,376 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\NetworkService\Local Settings\Application Data

08/17/2004 06:31 AM <DIR> .
08/17/2004 06:31 AM <DIR> ..
08/17/2004 06:31 AM <DIR> Microsoft
0 File(s) 0 bytes
3 Dir(s) 40,690,917,376 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data

05/28/2006 06:34 AM <DIR> .
05/28/2006 06:34 AM <DIR> ..
05/28/2006 07:42 AM <DIR> Intel
05/28/2006 06:34 AM <DIR> Microsoft
0 File(s) 0 bytes
4 Dir(s) 40,690,913,280 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data

05/28/2006 06:34 AM <DIR> .
05/28/2006 06:34 AM <DIR> ..
05/28/2006 06:34 AM <DIR> Microsoft
01/14/2009 03:01 AM <DIR> PCHealth
0 File(s) 0 bytes
4 Dir(s) 40,690,913,280 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\WINDOWS\system32\config\systemprofile\Application Data

08/17/2004 06:30 AM <DIR> .
08/17/2004 06:30 AM <DIR> ..
04/30/2006 06:20 AM <DIR> Identities
04/07/2006 06:24 AM <DIR> Intel
08/17/2004 06:30 AM <DIR> Microsoft
04/30/2006 06:20 AM <DIR> Sun
05/28/2006 06:33 AM 62 desktop.ini
1 File(s) 62 bytes
6 Dir(s) 40,690,913,280 bytes free
Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

08/17/2004 06:30 AM <DIR> .
08/17/2004 06:30 AM <DIR> ..
04/30/2006 06:20 AM <DIR> {7148F0A6-6813-11D6-A77B-00B0D0142030}
04/30/2006 06:20 AM <DIR> ApplicationHistory
04/30/2006 06:20 AM <DIR> BVRP Software
08/17/2004 06:30 AM <DIR> Microsoft
10/09/2007 12:07 AM <DIR> WindowsLiveInstaller
0 File(s) 0 bytes
7 Dir(s) 40,690,913,280 bytes free

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks


C:\WINDOWS\Tasks\ACC21AF492318384.job
 àýåq_’ËAº¤¢=G±Y&F Þ <
s  "€!Ù  . 6 c : \ d o c u m e ~ 1 \ l a r g e e ~ 1 \ a p p l i c ~ 1 \ g r i d b a ~ 1 \ C o p y C a m p 0 1 . e x e L A R G E E R I C   0 Ì


C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
 ÉDnYC¤½ƒâ¯× F ê <
s  €!Ù     : C : \ P r o g r a m F i l e s \ A p p l e S o f t w a r e U p d a t e \ S o f t w a r e U p d a t e . e x e  - T a s k  S Y S T E M   0 ×     

C:\WINDOWS\Tasks\Vérifier
Vérifier inexploitable

******************************************
## Répertoires de C:\Program Files

Volume in drive C has no label.
Volume Serial Number is 5027-90EC

Directory of C:\Program Files

02/05/2009 08:08 PM <DIR> .
02/05/2009 08:08 PM <DIR> ..
09/15/2008 10:47 PM <DIR> A L'AISE BREIZH
01/05/2009 12:17 PM <DIR> Adobe
08/22/2006 10:08 AM <DIR> Ahead
09/22/2007 04:17 AM <DIR> AlertInfo
01/29/2009 07:31 AM <DIR> Antipub
08/23/2008 07:17 AM <DIR> AntiVir PersonalEdition Classic
06/21/2007 11:40 PM <DIR> Apple Software Update
07/25/2007 10:43 AM <DIR> Audacity
04/30/2006 06:56 AM <DIR> BB Security
02/05/2009 08:02 PM <DIR> Blender Foundation
05/28/2006 06:49 AM <DIR> Broadcom
05/28/2006 07:58 AM <DIR> Brother
06/11/2006 09:51 AM <DIR> bsb
03/26/2008 10:00 AM <DIR> BUFFALO
11/10/2008 10:20 PM <DIR> CA Yahoo! Anti-Spy
05/22/2007 02:14 AM <DIR> CCleaner
10/28/2008 07:41 PM <DIR> Circle Developement
01/14/2009 07:34 AM <DIR> Common Files
08/17/2004 06:25 AM <DIR> ComPlus Applications
04/07/2006 06:25 AM <DIR> CONEXANT
04/07/2006 06:28 AM <DIR> CyberLink
04/07/2006 06:29 AM <DIR> Dell
05/28/2006 06:47 AM <DIR> DIFX
04/07/2006 06:28 AM <DIR> Digital Line Detect
02/06/2009 05:09 PM <DIR> eMule
05/30/2006 11:53 AM <DIR> fohlen
01/18/2009 10:24 PM <DIR> Fun Web Products
01/18/2009 06:56 PM <DIR> FunWebProducts
01/19/2009 07:05 PM <DIR> Google
02/02/2009 01:28 PM <DIR> gridbasedog
04/07/2006 06:24 AM <DIR> Intel
04/07/2006 06:24 AM <DIR> Intel, Inc
01/16/2009 10:11 PM <DIR> Internet Explorer
06/21/2007 11:49 PM <DIR> iPod
06/21/2007 11:50 PM <DIR> iTunes
04/11/2008 02:43 AM <DIR> Java
01/12/2009 11:26 AM <DIR> JCA2000
12/26/2007 10:07 AM <DIR> JRA
11/14/2008 11:35 PM <DIR> listac
09/10/2007 02:06 AM <DIR> Logitech
08/24/2008 02:05 AM <DIR> Messenger
11/09/2008 06:19 PM <DIR> Messenger Plus! Live
05/02/2008 01:29 PM <DIR> MessengerSkinner
01/23/2009 09:24 PM <DIR> Microsoft
05/10/2007 08:35 PM <DIR> Microsoft CAPICOM 2.1.0.2
08/17/2004 06:27 AM <DIR> microsoft frontpage
11/27/2006 08:34 AM <DIR> Microsoft Office
10/29/2007 06:06 AM <DIR> Microsoft SQL Server Compact Edition
05/22/2006 04:28 AM <DIR> Modem Helper
05/28/2006 06:26 AM <DIR> Movie Maker
05/28/2006 07:01 AM <DIR> MSN
08/17/2004 06:24 AM <DIR> MSN Gaming Zone
02/20/2008 07:18 AM <DIR> MSN Messenger
01/30/2007 07:37 AM <DIR> MSN Toolbar Suite
11/17/2006 07:02 PM <DIR> MSXML 4.0
04/07/2006 06:33 AM <DIR> MyWaySA
06/13/2006 07:58 AM <DIR> MyWebSearch
05/28/2006 06:27 AM <DIR> NetMeeting
04/30/2006 08:53 AM <DIR> Netscape
04/07/2006 06:28 AM <DIR> NetWaiting
08/24/2008 06:56 PM <DIR> Neuf
05/28/2006 06:28 AM <DIR> Online Services
04/15/2007 09:26 AM <DIR> OpenOffice.org 2.2
06/13/2007 07:04 PM <DIR> Outlook Express
11/23/2006 02:26 AM <DIR> PhotoFiltre
05/21/2007 11:03 PM <DIR> QuickTime
08/03/2007 10:49 AM <DIR> RawFlow
04/07/2006 06:25 AM <DIR> Sigmatel
05/20/2008 01:31 PM <DIR> Skype
04/07/2006 06:31 AM <DIR> Sonic
07/30/2007 10:42 AM <DIR> Sony
05/28/2006 06:02 AM <DIR> SpySpotter3
02/05/2009 08:08 PM <DIR> Sweet Home 3D
04/07/2006 06:28 AM <DIR> Synaptics
04/07/2006 06:31 AM <DIR> Trend Micro
05/31/2006 07:38 AM <DIR> VideoLAN
08/23/2008 06:46 PM <DIR> Virtualis
12/28/2006 09:18 PM <DIR> Visagesoft
06/11/2006 10:01 AM <DIR> website
10/29/2007 06:08 AM <DIR> Windows Desktop Search
01/23/2009 09:32 PM <DIR> Windows Live
11/09/2007 03:57 AM <DIR> Windows Live Favorites
01/23/2009 09:22 PM <DIR> Windows Live SkyDrive
10/31/2007 07:02 PM <DIR> Windows Live Toolbar
05/22/2007 12:31 AM <DIR> Windows Media Player
05/28/2006 06:24 AM <DIR> Windows NT
07/30/2007 01:27 PM <DIR> WinZip
08/17/2004 06:27 AM <DIR> xerox
11/10/2008 10:14 PM <DIR> Yahoo!
04/30/2006 06:52 AM <DIR> Yahoo_BB
0 File(s) 0 bytes
92 Dir(s) 40,690,909,184 bytes free

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
www.rtl.fr REG_BINARY
msn.eurosport.fr REG_BINARY
chat5.x-echo.com REG_BINARY
*.vitalic.citizen-records.com REG_BINARY
www.francegalop.com REG_BINARY
www.mood.fr REG_BINARY
cache.yacast.fr/ REG_BINARY
webmessenger.msn.com/ REG_BINARY
entertainment.msn.com/radio REG_BINARY
my.msn.com/video REG_BINARY
betavideo.my.msn.com REG_BINARY
my.msn.com REG_BINARY
launchcast.launch.yahoo.com/radio REG_BINARY
stream1.adsertion.com/radio REG_BINARY
www.wlsam.com REG_BINARY
www.streamaudio.com REG_BINARY
windowsmedia.com REG_BINARY
www.kentucky.com/mld/kentucky REG_BINARY
player.nrj.fr REG_BINARY
tchat.orange.fr REG_BINARY
195.200.119.11 REG_BINARY
www.windowslive.fr REG_BINARY

* Mozilla Firefox (1 autorisé 2 interdit)

******************************************
## Registre

* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ https://actus.sfr.fr

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
MATH DOES FIRST MODE REG_SZ C:\Documents and Settings\All Users.WINDOWS\Application Data\live 64 math does\FLAW SUPPORT.exe

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
yyqgusm REG_SZ "c:\documents and settings\large eric\local settings\application data\yyqgusm.exe" yyqgusm
Plus Hold REG_SZ C:\DOCUME~1\LARGEE~1\APPLIC~1\GRIDBA~1\sendbuild.exe
weicgso REG_SZ "c:\documents and settings\large eric\local settings\application data\weicgso.exe" weicgso
uaowmuo REG_SZ "c:\documents and settings\large eric\local settings\application data\uaowmuo.exe" uaowmuo
guayi REG_SZ "c:\documents and settings\large eric\local settings\application data\guayi.exe" guayi
qmcwa REG_SZ "c:\documents and settings\large eric\local settings\application data\qmcwa.exe" qmcwa
sceceqm REG_SZ "c:\documents and settings\large eric\local settings\application data\sceceqm.exe" sceceqm

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


*************** Fin du rapport ****************

29 réponses

  • 1
  • 2
Réponse 1 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 01:09
Salut,

---> Télécharge Lop S&D sur ton Bureau.
---> Double-clique dessus pour lancer l'installation.
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
---> Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).
---> Patiente jusqu'à la fin du scan.
---> Poste le rapport généré (C:\lopR.txt).
0
liysa
11 févr. 2009 à 09:01
Merci beaucoup Destrio.

Voici le rapport :


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03
USER : LARGE ERIC ( Administrator )
BOOT : Normal boot
Antivirus : ƒEƒCƒ‹ƒXƒoƒXƒ^[12 12.6.1048 (Activated)
Firewall : ƒEƒCƒ‹ƒXƒoƒXƒ^[12 (ƒp[ƒ\ƒiƒ‹ƒtƒ@ƒCƒAƒEƒH[ƒ‹) 12 (Activated)
C:\ (Local Disk) - NTFS - Total:88 Go (Free:37 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( Wed 02/11/2009| 8:53 )

--------------------\\ Listing des dossiers dans APPLIC~1

[04/07/2006|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[04/30/2006|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Brother
[04/07/2006|06:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[04/07/2006|06:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intel
[05/05/2006|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[04/30/2006|06:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Motive
[04/30/2006|06:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MotiveSysIDs
[08/17/2004|06:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[05/05/2006|04:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinAntiVirus Pro 2006
[04/30/2006|07:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage

[01/05/2009|12:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Adobe
[05/06/2008|06:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> AntiVir PersonalEdition Classic
[05/21/2007|11:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Apple Computer
[05/28/2006|07:21] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Brother
[12/28/2006|09:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> eXPert PDF
[12/28/2006|09:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> eXPert PDF 4
[12/28/2006|09:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> eXPert PDF Jobs
[01/19/2009|07:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Google
[05/28/2006|06:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Intel
[02/02/2009|01:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> live 64 math does
[10/28/2008|07:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Messenger Plus!
[01/14/2009|07:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Microsoft
[08/04/2006|09:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> MSN Search Toolbar
[05/06/2008|02:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> program extra intra type
[03/26/2008|10:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Skype
[07/30/2007|10:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Sony Corporation
[01/30/2007|05:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Windows Genuine Advantage
[01/30/2007|07:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Windows Live Toolbar
[01/23/2009|09:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> WindowsLiveInstaller
[03/22/2008|02:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> WLInstaller
[11/10/2008|10:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Yahoo! Companion

[08/17/2004|06:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[04/07/2006|06:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intel
[04/07/2006|06:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[04/07/2006|06:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun

[05/28/2006|06:29] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\<DIR> Microsoft

[03/12/2008|01:21] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Adobe
[06/09/2006|12:26] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> AdobeAUM
[12/16/2007|11:38] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> AdobeUM
[09/22/2007|05:19] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> AlertInfo
[05/21/2007|11:14] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Apple Computer
[02/05/2009|08:02] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Blender Foundation
[05/28/2006|08:18] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Brother
[07/27/2008|06:35] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> dvdcss
[12/28/2006|09:19] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> eXPert PDF Editor
[12/25/2006|10:19] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Google
[02/02/2009|01:29] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> gridbasedog
[12/07/2007|12:30] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> gtk-2.0
[06/04/2006|08:57] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Help
[10/29/2007|06:10] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Identities
[05/28/2006|06:51] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Intel
[06/09/2006|01:17] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Leadertech
[02/14/2007|07:12] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Macromedia
[05/02/2008|01:29] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> MessengerSkinner
[01/14/2009|07:32] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Microsoft
[08/04/2006|09:40] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> MSN Search Toolbar
[05/28/2006|11:18] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> MSNInstaller
[05/22/2007|12:32] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> MusicIP
[02/11/2009|08:21] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> OpenOffice.org2
[05/21/2008|11:11] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Skype
[05/21/2008|08:06] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> skypePM
[07/30/2007|10:46] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Sony Corporation
[05/28/2006|11:51] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Sun
[07/05/2008|08:04] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> U3
[05/31/2006|07:39] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> vlc
[10/29/2007|06:23] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Windows Desktop Search
[11/04/2008|08:17] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Windows Live Writer
[11/10/2008|10:14] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Yahoo!

[04/30/2006|11:22] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Adobe
[04/30/2006|12:42] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> CyberLink
[04/30/2006|07:19] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Google
[08/17/2004|06:31] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Identities
[04/07/2006|06:24] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Intel
[04/30/2006|06:30] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Macromedia
[05/01/2006|03:40] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Microsoft
[04/30/2006|08:56] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Netscape
[05/24/2006|11:52] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Real
[04/07/2006|06:22] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Sun
[05/04/2006|06:16] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> WinAntiVirus Pro 2006

[08/17/2006|12:49] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Adobe
[10/01/2006|06:18] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Google
[05/28/2006|08:38] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Identities
[05/28/2006|08:38] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Intel
[06/28/2006|03:19] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Macromedia
[01/26/2008|12:07] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Microsoft
[08/17/2006|12:46] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> MSN Search Toolbar
[08/17/2006|12:50] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Sun
[01/26/2008|12:05] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Windows Desktop Search

[08/17/2004|06:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[10/29/2007|08:34] C:\DOCUME~1\LOCALS~1.NTA\APPLIC~1\<DIR> Adobe
[10/29/2007|08:36] C:\DOCUME~1\LOCALS~1.NTA\APPLIC~1\<DIR> Microsoft

[05/20/2006|01:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Intel
[08/17/2004|06:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[05/28/2006|07:42] C:\DOCUME~1\NETWOR~1.NTA\APPLIC~1\<DIR> Intel
[05/28/2006|06:29] C:\DOCUME~1\NETWOR~1.NTA\APPLIC~1\<DIR> Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[02/11/2009 08:00 AM][--ah-----] C:\WINDOWS\tasks\ACC21AF492318384.job
[02/06/2009 08:30 AM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[02/11/2009 08:01 AM][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[02/11/2009 03:10 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 01:00 PM][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

( ACC21AF492318384.job )=( c:\docume~1\largee~1\applic~1\gridba~1\CopyCamp01.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[09/15/2008|10:47] C:\Program Files\<DIR> A L'AISE BREIZH
[01/05/2009|12:17] C:\Program Files\<DIR> Adobe
[08/22/2006|10:08] C:\Program Files\<DIR> Ahead
[09/22/2007|04:17] C:\Program Files\<DIR> AlertInfo
[01/29/2009|07:31] C:\Program Files\<DIR> Antipub
[08/23/2008|07:17] C:\Program Files\<DIR> AntiVir PersonalEdition Classic
[06/21/2007|11:40] C:\Program Files\<DIR> Apple Software Update
[07/25/2007|10:43] C:\Program Files\<DIR> Audacity
[04/30/2006|06:56] C:\Program Files\<DIR> BB Security
[02/05/2009|08:02] C:\Program Files\<DIR> Blender Foundation
[05/28/2006|06:49] C:\Program Files\<DIR> Broadcom
[05/28/2006|07:58] C:\Program Files\<DIR> Brother
[06/11/2006|09:51] C:\Program Files\<DIR> bsb
[03/26/2008|10:00] C:\Program Files\<DIR> BUFFALO
[11/10/2008|10:20] C:\Program Files\<DIR> CA Yahoo! Anti-Spy
[05/22/2007|02:14] C:\Program Files\<DIR> CCleaner
[10/28/2008|07:41] C:\Program Files\<DIR> Circle Developement
[01/14/2009|07:34] C:\Program Files\<DIR> Common Files
[08/17/2004|06:25] C:\Program Files\<DIR> ComPlus Applications
[04/07/2006|06:25] C:\Program Files\<DIR> CONEXANT
[04/07/2006|06:28] C:\Program Files\<DIR> CyberLink
[04/07/2006|06:29] C:\Program Files\<DIR> Dell
[05/28/2006|06:47] C:\Program Files\<DIR> DIFX
[04/07/2006|06:28] C:\Program Files\<DIR> Digital Line Detect
[02/11/2009|08:20] C:\Program Files\<DIR> eMule
[05/30/2006|11:53] C:\Program Files\<DIR> fohlen
[01/18/2009|10:24] C:\Program Files\<DIR> Fun Web Products
[01/18/2009|06:56] C:\Program Files\<DIR> FunWebProducts
[01/19/2009|07:05] C:\Program Files\<DIR> Google
[02/02/2009|01:28] C:\Program Files\<DIR> gridbasedog
[07/30/2007|10:43] C:\Program Files\<DIR> InstallShield Installation Information
[04/07/2006|06:24] C:\Program Files\<DIR> Intel
[04/07/2006|06:24] C:\Program Files\<DIR> Intel, Inc
[02/11/2009|03:10] C:\Program Files\<DIR> Internet Explorer
[06/21/2007|11:49] C:\Program Files\<DIR> iPod
[06/21/2007|11:50] C:\Program Files\<DIR> iTunes
[04/11/2008|02:43] C:\Program Files\<DIR> Java
[01/12/2009|11:26] C:\Program Files\<DIR> JCA2000
[12/26/2007|10:07] C:\Program Files\<DIR> JRA
[11/14/2008|11:35] C:\Program Files\<DIR> listac
[09/10/2007|02:06] C:\Program Files\<DIR> Logitech
[08/24/2008|02:05] C:\Program Files\<DIR> Messenger
[11/09/2008|06:19] C:\Program Files\<DIR> Messenger Plus! Live
[05/02/2008|01:29] C:\Program Files\<DIR> MessengerSkinner
[01/23/2009|09:24] C:\Program Files\<DIR> Microsoft
[05/10/2007|08:35] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[08/17/2004|06:27] C:\Program Files\<DIR> microsoft frontpage
[11/27/2006|08:34] C:\Program Files\<DIR> Microsoft Office
[10/29/2007|06:06] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[05/22/2006|04:28] C:\Program Files\<DIR> Modem Helper
[05/28/2006|06:26] C:\Program Files\<DIR> Movie Maker
[05/28/2006|07:01] C:\Program Files\<DIR> MSN
[08/17/2004|06:24] C:\Program Files\<DIR> MSN Gaming Zone
[02/20/2008|07:18] C:\Program Files\<DIR> MSN Messenger
[01/30/2007|07:37] C:\Program Files\<DIR> MSN Toolbar Suite
[11/17/2006|07:02] C:\Program Files\<DIR> MSXML 4.0
[04/07/2006|06:33] C:\Program Files\<DIR> MyWaySA
[06/13/2006|07:58] C:\Program Files\<DIR> MyWebSearch
[05/28/2006|06:27] C:\Program Files\<DIR> NetMeeting
[04/30/2006|08:53] C:\Program Files\<DIR> Netscape
[04/07/2006|06:28] C:\Program Files\<DIR> NetWaiting
[08/24/2008|06:56] C:\Program Files\<DIR> Neuf
[05/28/2006|06:28] C:\Program Files\<DIR> Online Services
[04/15/2007|09:26] C:\Program Files\<DIR> OpenOffice.org 2.2
[06/13/2007|07:04] C:\Program Files\<DIR> Outlook Express
[11/23/2006|02:26] C:\Program Files\<DIR> PhotoFiltre
[05/21/2007|11:03] C:\Program Files\<DIR> QuickTime
[08/03/2007|10:49] C:\Program Files\<DIR> RawFlow
[04/07/2006|06:25] C:\Program Files\<DIR> Sigmatel
[05/20/2008|01:31] C:\Program Files\<DIR> Skype
[04/07/2006|06:31] C:\Program Files\<DIR> Sonic
[07/30/2007|10:42] C:\Program Files\<DIR> Sony
[05/28/2006|06:02] C:\Program Files\<DIR> SpySpotter3
[02/05/2009|08:08] C:\Program Files\<DIR> Sweet Home 3D
[04/07/2006|06:28] C:\Program Files\<DIR> Synaptics
[04/07/2006|06:31] C:\Program Files\<DIR> Trend Micro
[08/17/2004|06:31] C:\Program Files\<DIR> Uninstall Information
[05/31/2006|07:38] C:\Program Files\<DIR> VideoLAN
[08/23/2008|06:46] C:\Program Files\<DIR> Virtualis
[12/28/2006|09:18] C:\Program Files\<DIR> Visagesoft
[06/11/2006|10:01] C:\Program Files\<DIR> website
[10/29/2007|06:08] C:\Program Files\<DIR> Windows Desktop Search
[01/23/2009|09:32] C:\Program Files\<DIR> Windows Live
[11/09/2007|03:57] C:\Program Files\<DIR> Windows Live Favorites
[01/23/2009|09:22] C:\Program Files\<DIR> Windows Live SkyDrive
[10/31/2007|07:02] C:\Program Files\<DIR> Windows Live Toolbar
[05/22/2007|12:31] C:\Program Files\<DIR> Windows Media Player
[05/28/2006|06:24] C:\Program Files\<DIR> Windows NT
[08/17/2004|06:25] C:\Program Files\<DIR> WindowsUpdate
[07/30/2007|01:27] C:\Program Files\<DIR> WinZip
[08/17/2004|06:27] C:\Program Files\<DIR> xerox
[11/10/2008|10:14] C:\Program Files\<DIR> Yahoo!
[04/30/2006|06:52] C:\Program Files\<DIR> Yahoo_BB

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[01/05/2009|12:17] C:\Program Files\Common Files\<DIR> Adobe
[08/22/2006|10:08] C:\Program Files\Common Files\<DIR> Ahead
[07/30/2007|10:40] C:\Program Files\Common Files\<DIR> InstallShield
[04/07/2006|06:21] C:\Program Files\Common Files\<DIR> Java
[07/25/2007|12:23] C:\Program Files\Common Files\<DIR> Logitech
[11/08/2007|04:27] C:\Program Files\Common Files\<DIR> Microsoft Shared
[04/30/2006|06:43] C:\Program Files\Common Files\<DIR> Motive
[08/17/2004|06:25] C:\Program Files\Common Files\<DIR> MSSoap
[04/20/2008|02:58] C:\Program Files\Common Files\<DIR> Nullsoft
[08/17/2004|06:21] C:\Program Files\Common Files\<DIR> ODBC
[04/30/2006|08:58] C:\Program Files\Common Files\<DIR> Scanner
[08/17/2004|06:25] C:\Program Files\Common Files\<DIR> Services
[03/26/2008|10:26] C:\Program Files\Common Files\<DIR> Skype
[04/07/2006|06:31] C:\Program Files\Common Files\<DIR> Sonic Shared
[07/30/2007|10:42] C:\Program Files\Common Files\<DIR> Sony Shared
[08/17/2004|06:21] C:\Program Files\Common Files\<DIR> SpeechEngines
[06/13/2007|07:04] C:\Program Files\Common Files\<DIR> System
[04/07/2006|06:30] C:\Program Files\Common Files\<DIR> TiVo Shared
[01/14/2009|07:34] C:\Program Files\Common Files\<DIR> Windows Live
[11/08/2007|04:26] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller

--------------------\\ Process

( 73 Processes )

IEXPLORE.EXE ~ [PID:3604]
IEXPLORE.EXE ~ [PID:2600]
IEXPLORE.EXE ~ [PID:2260]
IEXPLORE.EXE ~ [PID:3412]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\live 64 math does
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\live 64 math does\FLAW SUPPORT.dat
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\live 64 math does\FLAW SUPPORT.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\bfqjdqgf.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\CopyCamp01.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\cvkzdfbo.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\hakfuoub.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\hxfwimgv.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\jbyvqyiw.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\khppvzvl.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\Pingaboutshowbolt.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\plnhqavh.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\qyucmgca.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\rexvjkcq.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\sendbuild.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\znrscvsh.exe
C:\Program Files\gridba~1
C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta13.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta16.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta19A.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta19D.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta46.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta9.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta9B.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\staE.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@advertstream[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@d2.advertserve[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@adultfriendfinder[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@advertising[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@advertising[3].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@ero-advertising[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@adin.bigpoint[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@bigpoint[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.darkorbit.bigpoint[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.xblaster.bigpoint[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr1.darkorbit.bigpoint[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@banner.casinoking[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@casinoking[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@banner.cotedazurpalace[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@banner.cotedazurpalace[3].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@cotedazurpalace[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@cotedazurpalace[3].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@www.cotedazurpalace[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@adopt.euroclick[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@adopt.euroclick[3].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@pacificpoker[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@partypoker[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@32vegas[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@banner.32vegas[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@serve.32vegas[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@vegas7casino[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@www.vegas7casino[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@www.vegasaffiliates[1].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@2xmoinscher[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\ACC21AF492318384.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Plus Hold"="C:\\DOCUME~1\\LARGEE~1\\APPLIC~1\\GRIDBA~1\\sendbuild.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MATH DOES FIRST MODE"="C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\live 64 math does\\FLAW SUPPORT.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-11 08:54:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 86

--------------------\\ Recherche d'autres infections

C:\Program Files\MessengerSkinner
C:\Program Files\MessengerSkinner\download
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
C:\Program Files\MessengerSkinner\resources
C:\Program Files\MessengerSkinner\uninst.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\MessengerSkinner
C:\DOCUME~1\LARGEE~1\APPLIC~1\MessengerSkinner\Userdata
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\Conditions g‚n‚rales.url
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\Confidentialit‚.url
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\D‚sinstaller.lnk
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\MessengerSkinner.lnk
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\Website.url
C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-2C07B8D0.pf
C:\WINDOWS\System32\nvs2.inf

C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\guayi.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\guayi.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\guayi_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\guayi_navps.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\qmcwa.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\qmcwa.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\qmcwa_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\qmcwa_navps.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\sceceqm.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\sceceqm.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\sceceqm_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\sceceqm_navps.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\uaowmuo.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\uaowmuo.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\uaowmuo_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\uaowmuo_navps.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\weicgso.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\weicgso.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\weicgso_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\weicgso_navps.dat
[b]==> EGDACCESS <==/b

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
C:\DOCUME~1\LARGE_~1\APPLIC~1\WinAntiVirus Pro 2006



[F:2966][D:33]-> C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp
[F:1670][D:0]-> C:\DOCUME~1\LARGEE~1\Cookies
[F:20366][D:86]-> C:\DOCUME~1\LARGEE~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Wed 02/11/2009| 9:00 - Option : [1]

--------------------\\ Fin du rapport a 9:00:11
0
Réponse 2 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 14:24
---> Relance Lop S&D.
---> Choisis cette fois-ci l'option 2 (Suppression).
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt).

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
0
liysa
11 févr. 2009 à 15:31
Bonjour,

Est il possible de relancer "lop ds" en cliquant sur le lien que tu as inscrit dans ton premiere message car je ne le retrouve pas dans mon bureau et ta manipulation (Alt + Ctrl + Supr) ne fonctionne pas ( peut etre du a mon clavier QWERTY ... je ne sais pas ) ?!?!?!?!?!?
0
Réponse 3 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 15:31
Tu peux le réinstaller si tu veux.
0
liysa
11 févr. 2009 à 15:45
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03
USER : LARGE ERIC ( Administrator )
BOOT : Normal boot
Antivirus : ƒEƒCƒ‹ƒXƒoƒXƒ^[12 12.6.1048 (Activated)
Firewall : ƒEƒCƒ‹ƒXƒoƒXƒ^[12 (ƒp[ƒ\ƒiƒ‹ƒtƒ@ƒCƒAƒEƒH[ƒ‹) 12 (Activated)
C:\ (Local Disk) - NTFS - Total:88 Go (Free:37 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
E:\ (USB) - FAT - Total:472 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( Wed 02/11/2009|15:37 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\live 64 math does\FLAW SUPPORT.dat
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\live 64 math does\FLAW SUPPORT.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\bfqjdqgf.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\CopyCamp01.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\cvkzdfbo.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\hakfuoub.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\hxfwimgv.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\jbyvqyiw.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\khppvzvl.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\Pingaboutshowbolt.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\plnhqavh.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\qyucmgca.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\rexvjkcq.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\sendbuild.exe
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1\znrscvsh.exe
Supprime! - C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta13.exe
Supprime! - C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta16.exe
Supprime! - C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta19A.exe
Supprime! - C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta19D.exe
Supprime! - C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta46.exe
Supprime! - C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta9.exe
Supprime! - C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\sta9B.exe
Supprime! - C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp\staE.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@advertstream[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@advertising[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@advertising[3].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@ero-advertising[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@bigpoint[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.thepimps.bigpoint[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr.xblaster.bigpoint[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr1.darkorbit.bigpoint[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@casinoking[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@banner.cotedazurpalace[3].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@cotedazurpalace[3].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@www.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@32vegas[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@serve.32vegas[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@vegas7casino[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@www.vegas7casino[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@www.vegasaffiliates[1].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\LARGEE~1\Cookies\large_eric@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\ACC21AF492318384.job
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\live 64 math does
Supprime! - C:\DOCUME~1\LARGEE~1\APPLIC~1\gridba~1
Supprime! - C:\Program Files\gridba~1
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[04/07/2006|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[04/30/2006|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Brother
[04/07/2006|06:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[04/07/2006|06:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intel
[05/05/2006|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[04/30/2006|06:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Motive
[04/30/2006|06:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MotiveSysIDs
[08/17/2004|06:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[05/05/2006|04:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinAntiVirus Pro 2006
[04/30/2006|07:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage

[01/05/2009|12:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Adobe
[05/06/2008|06:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> AntiVir PersonalEdition Classic
[05/21/2007|11:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Apple Computer
[05/28/2006|07:21] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Brother
[12/28/2006|09:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> eXPert PDF
[12/28/2006|09:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> eXPert PDF 4
[12/28/2006|09:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> eXPert PDF Jobs
[01/19/2009|07:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Google
[05/28/2006|06:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Intel
[10/28/2008|07:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Messenger Plus!
[01/14/2009|07:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Microsoft
[08/04/2006|09:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> MSN Search Toolbar
[05/06/2008|02:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> program extra intra type
[03/26/2008|10:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Skype
[07/30/2007|10:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Sony Corporation
[01/30/2007|05:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Windows Genuine Advantage
[01/30/2007|07:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Windows Live Toolbar
[01/23/2009|09:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> WindowsLiveInstaller
[03/22/2008|02:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> WLInstaller
[11/10/2008|10:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\<DIR> Yahoo! Companion

[08/17/2004|06:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[04/07/2006|06:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intel
[04/07/2006|06:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[04/07/2006|06:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun

[05/28/2006|06:29] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\<DIR> Microsoft

[03/12/2008|01:21] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Adobe
[06/09/2006|12:26] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> AdobeAUM
[12/16/2007|11:38] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> AdobeUM
[09/22/2007|05:19] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> AlertInfo
[05/21/2007|11:14] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Apple Computer
[02/05/2009|08:02] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Blender Foundation
[05/28/2006|08:18] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Brother
[07/27/2008|06:35] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> dvdcss
[12/28/2006|09:19] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> eXPert PDF Editor
[12/25/2006|10:19] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Google
[12/07/2007|12:30] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> gtk-2.0
[06/04/2006|08:57] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Help
[10/29/2007|06:10] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Identities
[05/28/2006|06:51] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Intel
[06/09/2006|01:17] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Leadertech
[02/14/2007|07:12] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Macromedia
[05/02/2008|01:29] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> MessengerSkinner
[01/14/2009|07:32] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Microsoft
[08/04/2006|09:40] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> MSN Search Toolbar
[05/28/2006|11:18] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> MSNInstaller
[05/22/2007|12:32] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> MusicIP
[02/11/2009|08:21] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> OpenOffice.org2
[05/21/2008|11:11] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Skype
[05/21/2008|08:06] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> skypePM
[07/30/2007|10:46] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Sony Corporation
[05/28/2006|11:51] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Sun
[07/05/2008|08:04] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> U3
[05/31/2006|07:39] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> vlc
[10/29/2007|06:23] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Windows Desktop Search
[11/04/2008|08:17] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Windows Live Writer
[11/10/2008|10:14] C:\DOCUME~1\LARGEE~1\APPLIC~1\<DIR> Yahoo!

[04/30/2006|11:22] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Adobe
[04/30/2006|12:42] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> CyberLink
[04/30/2006|07:19] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Google
[08/17/2004|06:31] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Identities
[04/07/2006|06:24] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Intel
[04/30/2006|06:30] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Macromedia
[05/01/2006|03:40] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Microsoft
[04/30/2006|08:56] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Netscape
[05/24/2006|11:52] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Real
[04/07/2006|06:22] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> Sun
[05/04/2006|06:16] C:\DOCUME~1\LARGE_~1\APPLIC~1\<DIR> WinAntiVirus Pro 2006

[08/17/2006|12:49] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Adobe
[10/01/2006|06:18] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Google
[05/28/2006|08:38] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Identities
[05/28/2006|08:38] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Intel
[06/28/2006|03:19] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Macromedia
[01/26/2008|12:07] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Microsoft
[08/17/2006|12:46] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> MSN Search Toolbar
[08/17/2006|12:50] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Sun
[01/26/2008|12:05] C:\DOCUME~1\LISIAN~1\APPLIC~1\<DIR> Windows Desktop Search

[08/17/2004|06:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[10/29/2007|08:34] C:\DOCUME~1\LOCALS~1.NTA\APPLIC~1\<DIR> Adobe
[10/29/2007|08:36] C:\DOCUME~1\LOCALS~1.NTA\APPLIC~1\<DIR> Microsoft

[05/20/2006|01:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Intel
[08/17/2004|06:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[05/28/2006|07:42] C:\DOCUME~1\NETWOR~1.NTA\APPLIC~1\<DIR> Intel
[05/28/2006|06:29] C:\DOCUME~1\NETWOR~1.NTA\APPLIC~1\<DIR> Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[02/06/2009 08:30 AM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[02/11/2009 03:01 PM][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[02/11/2009 03:10 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 01:00 PM][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[09/15/2008|10:47] C:\Program Files\<DIR> A L'AISE BREIZH
[01/05/2009|12:17] C:\Program Files\<DIR> Adobe
[08/22/2006|10:08] C:\Program Files\<DIR> Ahead
[09/22/2007|04:17] C:\Program Files\<DIR> AlertInfo
[01/29/2009|07:31] C:\Program Files\<DIR> Antipub
[08/23/2008|07:17] C:\Program Files\<DIR> AntiVir PersonalEdition Classic
[06/21/2007|11:40] C:\Program Files\<DIR> Apple Software Update
[07/25/2007|10:43] C:\Program Files\<DIR> Audacity
[04/30/2006|06:56] C:\Program Files\<DIR> BB Security
[02/05/2009|08:02] C:\Program Files\<DIR> Blender Foundation
[05/28/2006|06:49] C:\Program Files\<DIR> Broadcom
[05/28/2006|07:58] C:\Program Files\<DIR> Brother
[06/11/2006|09:51] C:\Program Files\<DIR> bsb
[03/26/2008|10:00] C:\Program Files\<DIR> BUFFALO
[11/10/2008|10:20] C:\Program Files\<DIR> CA Yahoo! Anti-Spy
[05/22/2007|02:14] C:\Program Files\<DIR> CCleaner
[01/14/2009|07:34] C:\Program Files\<DIR> Common Files
[08/17/2004|06:25] C:\Program Files\<DIR> ComPlus Applications
[04/07/2006|06:25] C:\Program Files\<DIR> CONEXANT
[04/07/2006|06:28] C:\Program Files\<DIR> CyberLink
[04/07/2006|06:29] C:\Program Files\<DIR> Dell
[05/28/2006|06:47] C:\Program Files\<DIR> DIFX
[04/07/2006|06:28] C:\Program Files\<DIR> Digital Line Detect
[02/11/2009|08:20] C:\Program Files\<DIR> eMule
[05/30/2006|11:53] C:\Program Files\<DIR> fohlen
[01/18/2009|10:24] C:\Program Files\<DIR> Fun Web Products
[01/18/2009|06:56] C:\Program Files\<DIR> FunWebProducts
[01/19/2009|07:05] C:\Program Files\<DIR> Google
[07/30/2007|10:43] C:\Program Files\<DIR> InstallShield Installation Information
[04/07/2006|06:24] C:\Program Files\<DIR> Intel
[04/07/2006|06:24] C:\Program Files\<DIR> Intel, Inc
[02/11/2009|03:10] C:\Program Files\<DIR> Internet Explorer
[06/21/2007|11:49] C:\Program Files\<DIR> iPod
[06/21/2007|11:50] C:\Program Files\<DIR> iTunes
[04/11/2008|02:43] C:\Program Files\<DIR> Java
[01/12/2009|11:26] C:\Program Files\<DIR> JCA2000
[12/26/2007|10:07] C:\Program Files\<DIR> JRA
[11/14/2008|11:35] C:\Program Files\<DIR> listac
[09/10/2007|02:06] C:\Program Files\<DIR> Logitech
[08/24/2008|02:05] C:\Program Files\<DIR> Messenger
[11/09/2008|06:19] C:\Program Files\<DIR> Messenger Plus! Live
[05/02/2008|01:29] C:\Program Files\<DIR> MessengerSkinner
[01/23/2009|09:24] C:\Program Files\<DIR> Microsoft
[05/10/2007|08:35] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[08/17/2004|06:27] C:\Program Files\<DIR> microsoft frontpage
[11/27/2006|08:34] C:\Program Files\<DIR> Microsoft Office
[10/29/2007|06:06] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[05/22/2006|04:28] C:\Program Files\<DIR> Modem Helper
[05/28/2006|06:26] C:\Program Files\<DIR> Movie Maker
[05/28/2006|07:01] C:\Program Files\<DIR> MSN
[08/17/2004|06:24] C:\Program Files\<DIR> MSN Gaming Zone
[02/20/2008|07:18] C:\Program Files\<DIR> MSN Messenger
[01/30/2007|07:37] C:\Program Files\<DIR> MSN Toolbar Suite
[11/17/2006|07:02] C:\Program Files\<DIR> MSXML 4.0
[04/07/2006|06:33] C:\Program Files\<DIR> MyWaySA
[06/13/2006|07:58] C:\Program Files\<DIR> MyWebSearch
[05/28/2006|06:27] C:\Program Files\<DIR> NetMeeting
[04/30/2006|08:53] C:\Program Files\<DIR> Netscape
[04/07/2006|06:28] C:\Program Files\<DIR> NetWaiting
[08/24/2008|06:56] C:\Program Files\<DIR> Neuf
[05/28/2006|06:28] C:\Program Files\<DIR> Online Services
[04/15/2007|09:26] C:\Program Files\<DIR> OpenOffice.org 2.2
[06/13/2007|07:04] C:\Program Files\<DIR> Outlook Express
[11/23/2006|02:26] C:\Program Files\<DIR> PhotoFiltre
[05/21/2007|11:03] C:\Program Files\<DIR> QuickTime
[08/03/2007|10:49] C:\Program Files\<DIR> RawFlow
[04/07/2006|06:25] C:\Program Files\<DIR> Sigmatel
[05/20/2008|01:31] C:\Program Files\<DIR> Skype
[04/07/2006|06:31] C:\Program Files\<DIR> Sonic
[07/30/2007|10:42] C:\Program Files\<DIR> Sony
[05/28/2006|06:02] C:\Program Files\<DIR> SpySpotter3
[02/05/2009|08:08] C:\Program Files\<DIR> Sweet Home 3D
[04/07/2006|06:28] C:\Program Files\<DIR> Synaptics
[04/07/2006|06:31] C:\Program Files\<DIR> Trend Micro
[08/17/2004|06:31] C:\Program Files\<DIR> Uninstall Information
[05/31/2006|07:38] C:\Program Files\<DIR> VideoLAN
[08/23/2008|06:46] C:\Program Files\<DIR> Virtualis
[12/28/2006|09:18] C:\Program Files\<DIR> Visagesoft
[06/11/2006|10:01] C:\Program Files\<DIR> website
[10/29/2007|06:08] C:\Program Files\<DIR> Windows Desktop Search
[01/23/2009|09:32] C:\Program Files\<DIR> Windows Live
[11/09/2007|03:57] C:\Program Files\<DIR> Windows Live Favorites
[01/23/2009|09:22] C:\Program Files\<DIR> Windows Live SkyDrive
[10/31/2007|07:02] C:\Program Files\<DIR> Windows Live Toolbar
[05/22/2007|12:31] C:\Program Files\<DIR> Windows Media Player
[05/28/2006|06:24] C:\Program Files\<DIR> Windows NT
[08/17/2004|06:25] C:\Program Files\<DIR> WindowsUpdate
[07/30/2007|01:27] C:\Program Files\<DIR> WinZip
[08/17/2004|06:27] C:\Program Files\<DIR> xerox
[11/10/2008|10:14] C:\Program Files\<DIR> Yahoo!
[04/30/2006|06:52] C:\Program Files\<DIR> Yahoo_BB

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[01/05/2009|12:17] C:\Program Files\Common Files\<DIR> Adobe
[08/22/2006|10:08] C:\Program Files\Common Files\<DIR> Ahead
[07/30/2007|10:40] C:\Program Files\Common Files\<DIR> InstallShield
[04/07/2006|06:21] C:\Program Files\Common Files\<DIR> Java
[07/25/2007|12:23] C:\Program Files\Common Files\<DIR> Logitech
[11/08/2007|04:27] C:\Program Files\Common Files\<DIR> Microsoft Shared
[04/30/2006|06:43] C:\Program Files\Common Files\<DIR> Motive
[08/17/2004|06:25] C:\Program Files\Common Files\<DIR> MSSoap
[04/20/2008|02:58] C:\Program Files\Common Files\<DIR> Nullsoft
[08/17/2004|06:21] C:\Program Files\Common Files\<DIR> ODBC
[04/30/2006|08:58] C:\Program Files\Common Files\<DIR> Scanner
[08/17/2004|06:25] C:\Program Files\Common Files\<DIR> Services
[03/26/2008|10:26] C:\Program Files\Common Files\<DIR> Skype
[04/07/2006|06:31] C:\Program Files\Common Files\<DIR> Sonic Shared
[07/30/2007|10:42] C:\Program Files\Common Files\<DIR> Sony Shared
[08/17/2004|06:21] C:\Program Files\Common Files\<DIR> SpeechEngines
[06/13/2007|07:04] C:\Program Files\Common Files\<DIR> System
[04/07/2006|06:30] C:\Program Files\Common Files\<DIR> TiVo Shared
[01/14/2009|07:34] C:\Program Files\Common Files\<DIR> Windows Live
[11/08/2007|04:26] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller

--------------------\\ Process

( 69 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\LARGEE~1\Cookies\large_eric@adopt.euroclick[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@pacificpoker[2].txt
C:\DOCUME~1\LARGEE~1\Cookies\large_eric@partypoker[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-11 15:39:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 86

--------------------\\ Recherche d'autres infections

C:\Program Files\MessengerSkinner
C:\Program Files\MessengerSkinner\download
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
C:\Program Files\MessengerSkinner\resources
C:\Program Files\MessengerSkinner\uninst.exe
C:\DOCUME~1\LARGEE~1\APPLIC~1\MessengerSkinner
C:\DOCUME~1\LARGEE~1\APPLIC~1\MessengerSkinner\Userdata
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\Conditions g‚n‚rales.url
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\Confidentialit‚.url
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\D‚sinstaller.lnk
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\MessengerSkinner.lnk
C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\MessengerSkinner\Website.url
C:\WINDOWS\System32\nvs2.inf

C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\guayi.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\guayi.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\guayi_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\guayi_navps.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\qmcwa.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\qmcwa.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\qmcwa_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\qmcwa_navps.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\sceceqm.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\sceceqm.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\sceceqm_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\sceceqm_navps.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\uaowmuo.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\uaowmuo.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\uaowmuo_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\uaowmuo_navps.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\weicgso.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\weicgso.exe
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\weicgso_nav.dat
C:\DOCUME~1\LARGEE~1\LOCALS~1\APPLIC~1\weicgso_navps.dat
[b]==> EGDACCESS <==/b

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
C:\DOCUME~1\LARGE_~1\APPLIC~1\WinAntiVirus Pro 2006



[F:2957][D:33]-> C:\DOCUME~1\LARGEE~1\LOCALS~1\Temp
[F:1649][D:0]-> C:\DOCUME~1\LARGEE~1\Cookies
[F:21646][D:86]-> C:\DOCUME~1\LARGEE~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Wed 02/11/2009| 9:00 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Wed 02/11/2009|15:42 - Option : [2]

--------------------\\ Fin du rapport a 15:42:46
0
Réponse 4 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 15:46
- Télécharge Navilog1 (de IL-MAFIOSO) et enregistre-le sur le Bureau.

- Double-clique sur Navilog1.exe afin de lancer l'installation.

- Si le fix ne se lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le Bureau.

- Appuie sur F ou f puis valide par Entrée.

- Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.

- Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.

- Patiente jusqu'au message : *** Analyse terminée le ..... ***

- Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.

- Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\fixnavi.txt

N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.
0
liysa
11 févr. 2009 à 15:57
Search Navipromo version 3.7.2 commencé le Wed 02/11/2009 à 15:53:33.92

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 07.02.2009 à 10h00 par IL-MAFIOSO

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03
USER : LARGE ERIC ( Administrator )
BOOT : Normal boot

Antivirus : ƒEƒCƒ‹ƒXƒoƒXƒ^[12 12.6.1048 (Activated)
Firewall : ƒEƒCƒ‹ƒXƒoƒXƒ^[12 (ƒp[ƒ\ƒiƒ‹ƒtƒ@ƒCƒAƒEƒH[ƒ‹) 12 (Activated)

C:\ (Local Disk) - NTFS - Total:88 Go (Free:37 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
E:\ (USB) - FAT - Total:472 Mo (Free:0 Go)


Recherche executé en mode normal

*** Recherche Programmes installés ***

Favorit
MessengerSkinner

*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***

...\MessengerSkinner trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\startm~1\programs" ***

...\MessengerSkinner trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\startm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\LARGE ERIC\applic~1" ***

...\MessengerSkinner trouvé !

*** Recherche dossiers dans "C:\DOCUME~1\LARGE_~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\LISIAN~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\LARGE ERIC\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\LARGE_~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\LISIAN~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\LARGE ERIC\startm~1\programs" ***


*** Recherche dossiers dans "C:\DOCUME~1\LISIAN~1\startm~1\programs" ***


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\LARGE ERIC\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\LARGE_~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\LISIAN~1\locals~1\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\system32\nvs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"yyqgusm"="\"c:\\documents and settings\\large eric\\local settings\\application data\\yyqgusm.exe\" yyqgusm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"weicgso"="\"c:\\documents and settings\\large eric\\local settings\\application data\\weicgso.exe\" weicgso"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uaowmuo"="\"c:\\documents and settings\\large eric\\local settings\\application data\\uaowmuo.exe\" uaowmuo"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"guayi"="\"c:\\documents and settings\\large eric\\local settings\\application data\\guayi.exe\" guayi"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"qmcwa"="\"c:\\documents and settings\\large eric\\local settings\\application data\\qmcwa.exe\" qmcwa"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"sceceqm"="\"c:\\documents and settings\\large eric\\local settings\\application data\\sceceqm.exe\" sceceqm"


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\LARGE ERIC\locals~1\applic~1" :

guayi.exe trouvé !
guayi.dat trouvé !
guayi_nav.dat trouvé !
guayi_navps.dat trouvé !
qmcwa.exe trouvé !
qmcwa.dat trouvé !
qmcwa_nav.dat trouvé !
qmcwa_navps.dat trouvé !
sceceqm.exe trouvé !
sceceqm.dat trouvé !
sceceqm_nav.dat trouvé !
sceceqm_navps.dat trouvé !
uaowmuo.exe trouvé !
uaowmuo.dat trouvé !
uaowmuo_nav.dat trouvé !
uaowmuo_navps.dat trouvé !
weicgso.exe trouvé !
weicgso.dat trouvé !
weicgso_nav.dat trouvé !
weicgso_navps.dat trouvé !

* Dans "C:\DOCUME~1\LARGE_~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\LISIAN~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le Wed 02/11/2009 à 15:54:34.68 ***
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 15:59
Ne réinstalle pas MessengerSkinner, c'est un programme piégé.

---> Relance Navilog1, fais l'option 2 et poste le rapport (C:\cleannavi.txt).
0
liysa
11 févr. 2009 à 16:04
Quand je prends l'option 2, voila ce qu'on m'indique :

!! Nettoyage en mode sans echec imperatif !!
Redemarrer en mode sans echec
Choisissez votre session habituelle
Puis utilisez Navilog1 en suivant les instructions donnees par Genproc

L'outil va etre interrompu
Press any key to continue ...
0
Réponse 6 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 16:05
Tu dois faire l'option 2 de Navilog1 en mode sans échec.

---> Pour redémarrer en mode sans échec :
- Redémarre ton PC.
- Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
- Dans le menu d'options avancées, choisis Mode sans échec.
- Choisis ta session.
0
liysa
11 févr. 2009 à 16:25
je suis desolee, je ne dois pas etre bien douee mais j'ai fait ce que tu m'as dit ... F8 (et f5 la deuxieme fois) mais je n'ai pas l'option avancee ... Quelque chose c'est bien inscrit en blanc sur un ecran noir mais tout etait en japonais (j'ai eu ce pc lorsque j'etais au japon ) ...
0
Réponse 7 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 16:27
"F8 (et f5 la deuxieme fois)"
---> Je n'ai pas écrit cela.

Je ne peux pas t'aider pour le japonais.

Tu peux redémarrer en mode sans échec avec msconfig :
https://www.malekal.com/demarrer-windows-mode-sans-echec/
0
liysa
11 févr. 2009 à 16:44
Merci beaucoup Destrio mais je ne vais pas pouvoir continuer car je pense que l'ecran sur lequel je tombe est bien celui que je dois avoir en suivant tes conseils ... Mais c'est en japonais. Et si par chance j'arrivais a trouver "demarrage sans echec" il me faudrait ensuite trouve "options avancees" et la ca commence a etre plus complique.

Merci pour ton aide Destrio
0
Réponse 8 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 16:46
Peut-être que les choix sont dans le même ordre que ce soit japonais ou français.
0
liysa
11 févr. 2009 à 16:50
J'y ai pense mais si ce n'etait pas le cas ?!?!?!?
Si une fois sur ce fameux ecran, je clique sur la mauvaise ligne, est-ce qu'en redemarrant mon pc tout se passera comme avant ??????
0
Réponse 9 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 16:51
Quand tu arrives sur l'écran, il y a déjà un choix sélectionné, je pense que c'est le mode sans échec.
0
liysa
11 févr. 2009 à 17:10
Apparemment ca a fonctionner sauf que lorsque j'ai du choisir l'option 2 dans navilog1, on m'indique que pour faire une telle manipulation il me faut avoir envoye mon rapport a un Helper (ce que j'ai fait ;-) ) mais apres ca je n'ai pas d'autres indications pour que la suppression commence
0
Réponse 10 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 17:19
Tu devrais faire l'option 1 puis l'option 2.
0
Réponse 11 / 29
liysa
11 févr. 2009 à 17:36
Clean Navipromo version 3.7.2 commencé le Wed 02/11/2009 à 17:25:06.65

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 07.02.2009 à 10h00 par IL-MAFIOSO

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03
USER : LARGE ERIC ( Administrator )
BOOT : Fail-safe boot

Antivirus : ƒEƒCƒ‹ƒXƒoƒXƒ^[12 12.6.1048 (Activated)
Firewall : ƒEƒCƒ‹ƒXƒoƒXƒ^[12 (ƒp[ƒ\ƒiƒ‹ƒtƒ@ƒCƒAƒEƒH[ƒ‹) 12 (Activated)

C:\ (Local Disk) - NTFS - Total:88 Go (Free:37 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage executé en mode sans échec


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\LARGE ERIC\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\LARGE_~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\LISIAN~1\locals~1\applic~1" *


*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***

...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !


*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\startm~1\programs" ***

...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !


*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\startm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\LARGE ERIC\applic~1" ***

...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !


*** Suppression dossiers dans "C:\DOCUME~1\LARGE_~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\LISIAN~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\LARGE ERIC\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\LARGE_~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\LISIAN~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\LARGE ERIC\startm~1\programs" ***


*** Suppression dossiers dans "C:\DOCUME~1\LISIAN~1\startm~1\programs" ***



*** Suppression fichiers ***

C:\WINDOWS\system32\nvs2.inf supprimé !
C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-2C07B8D0.pf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\LARGE ERIC\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


C:\WINDOWS\prefetch\guayi*.pf trouvé !
Copie C:\WINDOWS\prefetch\guayi*.pf réalisée avec succès !
C:\WINDOWS\prefetch\guayi*.pf supprimé !

C:\WINDOWS\prefetch\qmcwa*.pf trouvé !
Copie C:\WINDOWS\prefetch\qmcwa*.pf réalisée avec succès !
C:\WINDOWS\prefetch\qmcwa*.pf supprimé !

C:\WINDOWS\prefetch\sceceqm*.pf trouvé !
Copie C:\WINDOWS\prefetch\sceceqm*.pf réalisée avec succès !
C:\WINDOWS\prefetch\sceceqm*.pf supprimé !

C:\WINDOWS\prefetch\uaowmuo*.pf trouvé !
Copie C:\WINDOWS\prefetch\uaowmuo*.pf réalisée avec succès !
C:\WINDOWS\prefetch\uaowmuo*.pf supprimé !

C:\WINDOWS\prefetch\weicgso*.pf trouvé !
Copie C:\WINDOWS\prefetch\weicgso*.pf réalisée avec succès !
C:\WINDOWS\prefetch\weicgso*.pf supprimé !


* Dans "C:\Documents and Settings\LARGE ERIC\locals~1\applic~1" *


guayi.exe trouvé !
Copie guayi.exe réalisée avec succès !
guayi.exe supprimé !

guayi.dat trouvé !
Copie guayi.dat réalisée avec succès !
guayi.dat supprimé !

guayi_nav.dat trouvé !
Copie guayi_nav.dat réalisée avec succès !
guayi_nav.dat supprimé !

guayi_navps.dat trouvé !
Copie guayi_navps.dat réalisée avec succès !
guayi_navps.dat supprimé !

qmcwa.exe trouvé !
Copie qmcwa.exe réalisée avec succès !
qmcwa.exe supprimé !

qmcwa.dat trouvé !
Copie qmcwa.dat réalisée avec succès !
qmcwa.dat supprimé !

qmcwa_nav.dat trouvé !
Copie qmcwa_nav.dat réalisée avec succès !
qmcwa_nav.dat supprimé !

qmcwa_navps.dat trouvé !
Copie qmcwa_navps.dat réalisée avec succès !
qmcwa_navps.dat supprimé !

sceceqm.exe trouvé !
Copie sceceqm.exe réalisée avec succès !
sceceqm.exe supprimé !

sceceqm.dat trouvé !
Copie sceceqm.dat réalisée avec succès !
sceceqm.dat supprimé !

sceceqm_nav.dat trouvé !
Copie sceceqm_nav.dat réalisée avec succès !
sceceqm_nav.dat supprimé !

sceceqm_navps.dat trouvé !
Copie sceceqm_navps.dat réalisée avec succès !
sceceqm_navps.dat supprimé !

uaowmuo.exe trouvé !
Copie uaowmuo.exe réalisée avec succès !
uaowmuo.exe supprimé !

uaowmuo.dat trouvé !
Copie uaowmuo.dat réalisée avec succès !
uaowmuo.dat supprimé !

uaowmuo_nav.dat trouvé !
Copie uaowmuo_nav.dat réalisée avec succès !
uaowmuo_nav.dat supprimé !

uaowmuo_navps.dat trouvé !
Copie uaowmuo_navps.dat réalisée avec succès !
uaowmuo_navps.dat supprimé !

weicgso.exe trouvé !
Copie weicgso.exe réalisée avec succès !
weicgso.exe supprimé !

weicgso.dat trouvé !
Copie weicgso.dat réalisée avec succès !
weicgso.dat supprimé !

weicgso_nav.dat trouvé !
Copie weicgso_nav.dat réalisée avec succès !
weicgso_nav.dat supprimé !

weicgso_navps.dat trouvé !
Copie weicgso_navps.dat réalisée avec succès !
weicgso_navps.dat supprimé !


* Dans "C:\DOCUME~1\LARGE_~1\locals~1\applic~1" *



* Dans "C:\DOCUME~1\LISIAN~1\locals~1\applic~1" *



*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***



*** Nettoyage terminé le Wed 02/11/2009 à 17:27:03.60 ***
0
Réponse 12 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 17:39
Ça a fonctionné.

---> Désinstalle Navilog1.

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
0
liysa
11 févr. 2009 à 18:19
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1749
Windows 5.1.2600 Service Pack 2

2/11/2009 6:17:00 PM
mbam-log-2009-02-11 (18-17-00).txt

Type de recherche: Examen rapide
Eléments examinés: 97851
Temps écoulé: 25 minute(s), 6 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 155
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 27
Fichier(s) infecté(s): 129

Processus mémoire infecté(s):
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea3-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\MSNBackgrounds (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\SrchAstt\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\3.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\large_eric\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\large_eric\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3SHLLVW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006\AVScheduler.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\004B8CD2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\006A29EA.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\006A2C7B.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\006A2E8E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\007130AF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00B91F7A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\025CCFAA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0276BE65 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0276C933.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0276CB56.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0276CD79.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0276CF6D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0282E898.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0282EF8D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0282F191.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0282F3A4.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04C9749D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04CDEE2E (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04CE0B2C (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\05A9E075 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0643EDE5.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\07897CDA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0F440697 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\19183653 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\ask_logo.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\center.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\index.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\mid_dots.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\mws_logo.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\protect.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\shocked.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\stop.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\systray.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\systrayp.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\tp_grad.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\warn.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\0148EE8B.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\WebfettiBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\large_eric\Application Data\WinAntiVirus Pro 2006\Logs\update.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
0
liysa > liysa
11 févr. 2009 à 18:19
une suite arrive
0
liysa > liysa
11 févr. 2009 à 18:30
aaaaahhhhhhhhh j'ai encore un soucis ...

Je devais redemarrer pour avoir la suite ... ce que j'ai donc fait mais je n'ai rien de plus ...
Que dois-je faire ???
0
Réponse 13 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 18:33
---> Relance MBAM, va dans Quarantaine et supprime tout.

---> Puis fais ceci :

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0
liysa
11 févr. 2009 à 18:37
Logfile of random's system information tool 1.05 (written by random/random)
Run by LARGE ERIC at 2009-02-11 18:35:23
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 39 GB (43%) free of 91 GB
Total RAM: 502 MB (24% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-21 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-08-29 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-11-16 397312]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-28 667718]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-12-28 602182]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-12-13 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-12-13 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-12-13 118784]
"pccguide.exe"=C:\Program Files\Trend Micro\Virus Buster 12\pccguide.exe [2005-08-20 815170]
"SetDefPrt"=C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe [2004-05-25 49152]
"ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2004-07-20 851968]
"LogitechCameraAssistant"=C:\Program Files\Logitech\Video\CameraAssistant.exe [2005-09-06 434176]
"LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2005-09-06 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"vspdfprsrv.exe"=C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe [2006-05-03 879616]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-05-21 282624]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-06-01 257088]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-09-01 221184]
"BSKP-U202"=C:\Program Files\BUFFALO\BSKP-U202\BSKP-U202 Skype Phone.exe [2005-09-26 344064]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-21 144784]
"avgnt"=C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe [2007-04-02 327720]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OE_OEM"=C:\Program Files\Trend Micro\Virus Buster 12\TMAS_OE\TMAS_OEMon.exe [2006-04-11 176201]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-14 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_8 -reboot 1 []
"Neuf Media Center"=C:\Program Files\Neuf\Media Center\MediaCenter.exe [2007-10-15 1025264]
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
"eMuleAutoStart"=C:\Program Files\eMule\emule.exe [2006-01-26 4857856]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\LARGE ERIC\Start Menu\Programs\Startup
OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-12-13 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"="C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4d4b164-4abe-11dd-b1c9-0015c50cf89b}]
shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4d4b165-4abe-11dd-b1c9-0015c50cf89b}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e


======List of files/folders created in the last 1 months======

2009-02-11 18:35:23 ----D---- C:\rsit
2009-02-11 17:42:56 ----D---- C:\Documents and Settings\LARGE ERIC\Application Data\Malwarebytes
2009-02-11 17:42:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-02-11 17:42:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-11 17:25:06 ----A---- C:\cleannavi.txt
2009-02-11 16:55:37 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-11 15:53:33 ----A---- C:\fixnavi.txt
2009-02-11 15:52:13 ----D---- C:\Program Files\Navilog1
2009-02-11 08:53:22 ----A---- C:\lopR.txt
2009-02-11 08:52:21 ----D---- C:\Lop SD
2009-02-11 03:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-05 20:08:17 ----D---- C:\Program Files\Sweet Home 3D
2009-02-05 20:02:23 ----D---- C:\Documents and Settings\LARGE ERIC\Application Data\Blender Foundation
2009-02-05 20:02:15 ----D---- C:\Program Files\Blender Foundation
2009-01-27 02:11:45 ----D---- C:\Program Files\Antipub
2009-01-23 21:30:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954708$
2009-01-23 21:24:06 ----D---- C:\Program Files\Microsoft
2009-01-23 21:22:07 ----D---- C:\Program Files\Windows Live SkyDrive
2009-01-18 22:24:15 ----D---- C:\Program Files\Fun Web Products
2009-01-15 03:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 07:34:09 ----D---- C:\Program Files\Common Files\Windows Live
2009-01-12 11:26:30 ----D---- C:\Program Files\JCA2000

======List of files/folders modified in the last 1 months======

2009-02-11 18:35:33 ----D---- C:\WINDOWS\Prefetch
2009-02-11 18:35:26 ----D---- C:\Program Files\Trend Micro
2009-02-11 18:24:33 ----D---- C:\Documents and Settings\LARGE ERIC\Application Data\OpenOffice.org2
2009-02-11 18:24:03 ----D---- C:\Program Files\eMule
2009-02-11 18:22:03 ----D---- C:\WINDOWS\Temp
2009-02-11 18:21:28 ----RD---- C:\Program Files
2009-02-11 18:21:26 ----D---- C:\WINDOWS\system32\drivers
2009-02-11 18:21:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-11 18:16:57 ----D---- C:\WINDOWS\system32
2009-02-11 18:16:57 ----D---- C:\Program Files\Internet Explorer
2009-02-11 16:55:37 ----D---- C:\WINDOWS
2009-02-11 15:38:25 ----SD---- C:\WINDOWS\Tasks
2009-02-11 03:03:25 ----HD---- C:\WINDOWS\inf
2009-02-11 03:03:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 03:03:04 ----A---- C:\WINDOWS\imsins.BAK
2009-02-11 03:02:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 03:02:24 ----D---- C:\WINDOWS\ie7updates
2009-02-11 03:00:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-09 08:51:39 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-27 22:01:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-23 21:42:36 ----SHD---- C:\WINDOWS\Installer
2009-01-23 21:42:36 ----SHD---- C:\Config.Msi
2009-01-23 21:32:13 ----D---- C:\Program Files\Windows Live
2009-01-23 21:31:43 ----D---- C:\WINDOWS\system32\DirectX
2009-01-23 21:24:28 ----D---- C:\WINDOWS\WinSxS
2009-01-23 21:23:54 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WindowsLiveInstaller
2009-01-19 20:02:37 ----D---- C:\WINDOWS\Minidump
2009-01-19 19:05:09 ----D---- C:\Program Files\Google
2009-01-19 19:05:09 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
2009-01-16 21:35:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-14 07:34:09 ----D---- C:\Program Files\Common Files
2009-01-14 07:33:30 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2009-01-14 07:32:25 ----SD---- C:\Documents and Settings\LARGE ERIC\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2007-03-20 43584]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\System32\Drivers\tmtdi.sys [2005-03-29 38528]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-05-28 21275]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-04 12544]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-12-28 13568]
R2 tm_cfw;Common Firewall Driver; C:\WINDOWS\System32\Drivers\tm_cfw.sys [2005-03-29 1884585]
R2 Tmfilter;Tmfilter; C:\WINDOWS\system32\drivers\TmXPFlt.sys [2006-09-06 197648]
R2 Tmpreflt;Tmpreflt; C:\WINDOWS\system32\drivers\Tmpreflt.sys [2006-09-06 31248]
R2 Vsapint;Vsapint; C:\WINDOWS\system32\drivers\Vsapint.sys [2006-09-06 1051456]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-04 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2005-11-30 936960]
R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-11-30 192512]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-12-13 1364574]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-07-14 28544]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-07-14 307968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-11-16 1047816]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-04 1428096]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-11-30 669696]
S3 avgntflt;avgntflt; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\WINDOWS\System32\Drivers\BrSerIf.sys [2004-06-11 51712]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [2004-01-09 11648]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2005-09-01 14080]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-09-01 22528]
S3 LVUVC;QuickCam for Notebooks Pro(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2005-09-01 1081856]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 brmfrmps;Brother Popup Suspend service for Resource manager; C:\WINDOWS\system32\Brmfrmps.exe [2003-05-05 65536]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-12-28 114753]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2005-09-01 81920]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-12-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-12-28 540745]
R2 Tmntsrv;Trend Micro Real-time Service; C:\PROGRA~1\TRENDM~1\VIRUSB~1\Tmntsrv.exe [2005-08-20 290889]
R2 tmproxy;Trend Micro Proxy Service; C:\PROGRA~1\TRENDM~1\VIRUSB~1\tmproxy.exe [2005-08-20 262215]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2005-12-28 262217]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-06-01 501312]
S2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\AntiVir PersonalEdition Classic\sched.exe [2007-04-16 57896]
S2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe [2007-03-28 204840]
S2 PcCtlCom;Trend Micro Central Control Component; C:\PROGRA~1\TRENDM~1\VIRUSB~1\PcCtlCom.exe [2006-04-11 81995]
S2 TmPfw;Trend Micro Personal Firewall; C:\PROGRA~1\TRENDM~1\VIRUSB~1\TmPfw.exe [2005-08-20 585792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-23 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-23 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-13 69632]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-13 45056]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-13 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-13 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]

-----------------EOF-----------------
0
liysa > liysa
11 févr. 2009 à 18:38
info.txt logfile of random's system information tool 1.05 2009-02-11 18:35:46

======Uninstall list======

????????12-->MsiExec.exe /X{7698EDA5-A90F-4205-99CB-8FF6F9048ED9}
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->Dummy
-->MsiExec.exe /I{95D9B4D8-B091-4fab-80EA-313EB4B82FD6}
-->MsiExec.exe /I{EB997E90-5EB0-4eb5-90D0-90B1D2F0CA03}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7875FD9-6ADB-4D4B-A756-3A2306A3D5E1}\setup.exe" -l0x9 anything
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Download Manager 2.0 (Remove Only)-->"C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Reader Japanese Fonts-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-705000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AlertInfo-->"C:\Program Files\AlertInfo\unins000.exe"
Anti-Pub 2003.03-->"C:\Program Files\Antipub\unins000.exe"
Apple Software Update-->MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir PersonalEdition Classic-->C:\Program Files\AntiVir PersonalEdition Classic\setup.exe /REMOVE
Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
Broadcom 440x 10/100 Integrated Controller-->MsiExec.exe /X{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40A6C96D-808E-41DD-8716-617AB6B0F1F1}\Setup.exe" -l0x9 Brunin03.dllBrunin03.dll
bsb-->C:\Program Files\bsb\uninstall.exe
CA Yahoo! Anti-Spy (remove only)-->"C:\Program Files\CA Yahoo! Anti-Spy\uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028p.inf
Dell ResourceCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
écran de veille A l'aise Breizh 1.0-->"C:\Program Files\A L'AISE BREIZH\écran de veille A l'aise Breizh\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
eXPert PDF 4-->MsiExec.exe /X{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}
fohlen-->C:\Program Files\fohlen\uninstall.exe
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GIMP 2.4.1-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
Highlight Viewer (Windows Live Toolbar)-->MsiExec.exe /X{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800)-->"C:\WINDOWS\$NtUninstallKB915800$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe"
ICD Client 5.3.1.0-->"C:\Program Files\RawFlow\ICD Clients\unins000.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
iTunes-->MsiExec.exe /I{553E56C3-7AA1-45FE-A2FC-2C43DC27F765}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
LISTAC la version 2.01 du 23/03/04-->"C:\Program Files\listac\unins000.exe"
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF1B5DF7-8DF5-4D38-BFF0-FDC7B7847C00}\setup.exe" -l0x40c
Logitech Camera Driver-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT -l040c
Logitech Mobile Video-->MsiExec.exe /X{31B9F727-3247-4E14-BA5B-14AF8DFCC5CE}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Map Button (Windows Live Toolbar)-->MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Navilog1 3.7.2-->"C:\Program Files\Navilog1\unins000.exe"
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
Neuf - Media Center-->C:\Program Files\Neuf\Media Center\uninstall.exe
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
OpenMG Limited Patch 4.7-07-14-05-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
OpenOffice.org 2.2-->MsiExec.exe /I{7FD7F10E-0666-4C9F-A0A8-422EA5E31C4C}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Manual NW-E010 Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4038EAF0-6F8E-4068-88F6-A417958B8AC5}\setup.exe" -l0x40c UNINSTALL -removeonly
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
QuickTime-->MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Smart Menus (Windows Live Toolbar)-->MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
SonicStage 4.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly
StopPub-->C:\Program Files\JCA2000\StopPub\StopPubUnInst.exe
Sweet Home 3D version 1.5.1-->"C:\Program Files\Sweet Home 3D\unins000.exe"
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Update for Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Virtualis Crédit Mutuel-->C:\Program Files\Virtualis\Désinstallation Virtualis Crédit Mutuel
website-->C:\Program Files\website\uninstall.exe
Windows Desktop Search 3.01-->"C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12)-->C:\PROGRA~1\DIFX\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\rimsptsk_469677EEC4F8D39ABD61046D242B2A1651DE8AEF\rimsptsk.inf
Windows Driver Package - Ricoh Company MMC Host Controller (07/14/2005 1.00.00.06)-->C:\PROGRA~1\DIFX\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\rimmptsk_EA24AF82DAB6BA6CF6FB1A3004EE91F51D3FDCF9\rimmptsk.inf
Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04)-->C:\PROGRA~1\DIFX\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\rixdptsk_30B42BE4DA4D11DB80E5D3DD10180621BA0A53DD\rixdptsk.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Favorites for Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Live Toolbar Extension (Windows Live Toolbar)-->MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

Hosts File Missing
======Security center information======

AV: Avira AntiVir PersonalEdition (outdated)
AV: ƒEƒCƒ‹ƒXƒoƒXƒ^[12 (outdated)
FW: ƒEƒCƒ‹ƒXƒoƒXƒ^[12 (ƒp[ƒ\ƒiƒ‹ƒtƒ@ƒCƒAƒEƒH[ƒ‹)

System event log

Computer Name: LISIANA
Event Code: 7000
Message: The Trend Micro Central Control Component service failed to start due to the following error:
%1 is not a valid Win32 application.


Record Number: 43090
Source Name: Service Control Manager
Time Written: 20090201201733.000000+060
Event Type: error
User:

Computer Name: LISIANA
Event Code: 10005
Message: DCOM got error "%193" attempting to start the service PcCtlCom with arguments "-Service"
in order to run the server:
{5F9DCAF1-2A98-4135-AEFF-8C76B1D7C52C}

Record Number: 43089
Source Name: DCOM
Time Written: 20090201201733.000000+060
Event Type: error
User: LISIANA\LARGE ERIC

Computer Name: LISIANA
Event Code: 7000
Message: The Trend Micro Central Control Component service failed to start due to the following error:
%1 is not a valid Win32 application.


Record Number: 43088
Source Name: Service Control Manager
Time Written: 20090201201732.000000+060
Event Type: error
User:

Computer Name: LISIANA
Event Code: 10005
Message: DCOM got error "%193" attempting to start the service PcCtlCom with arguments "-Service"
in order to run the server:
{5F9DCAF1-2A98-4135-AEFF-8C76B1D7C52C}

Record Number: 43087
Source Name: DCOM
Time Written: 20090201201732.000000+060
Event Type: error
User: LISIANA\LARGE ERIC

Computer Name: LISIANA
Event Code: 7000
Message: The Trend Micro Central Control Component service failed to start due to the following error:
%1 is not a valid Win32 application.


Record Number: 43086
Source Name: Service Control Manager
Time Written: 20090201201730.000000+060
Event Type: error
User:

Application event log

Computer Name: LISIANA
Event Code: 4122
Message: Unable to load file ANTIVIR.OEM.
Returned error code: 2

Record Number: 14195
Source Name: H+BEDV AntiVir
Time Written: 20090105113518.000000+060
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: LISIANA
Event Code: 0
Message:
Record Number: 14194
Source Name: EvtEng
Time Written: 20090105113514.000000+060
Event Type: information
User:

Computer Name: LISIANA
Event Code: 102
Message: msnmsgr (2580) \\.\C:\Documents and Settings\LARGE ERIC\Local Settings\Application Data\Microsoft\Messenger\large_eric@hotmail.com\SharingMetadata\Working\database_C850_279D_5027_90EC\dfsr.db: The database engine started a new instance (0).

Record Number: 14193
Source Name: ESENT
Time Written: 20090105095159.000000+060
Event Type: information
User:

Computer Name: LISIANA
Event Code: 100
Message: msnmsgr (2580) The database engine 5.01.2600.2780 started.

Record Number: 14192
Source Name: ESENT
Time Written: 20090105095159.000000+060
Event Type: information
User:

Computer Name: LISIANA
Event Code: 101
Message: msnmsgr (2580) The database engine stopped.

Record Number: 14191
Source Name: ESENT
Time Written: 20090105095149.000000+060
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 14 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 18:46
Peux-tu t'inscrire sur CCM car je voudrais te parler à propos de ceci :

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4d4b165-4abe-11dd-b1c9-0015c50cf89b}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
0
liysa
11 févr. 2009 à 18:49
sur CCM ??
0
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291 > liysa
11 févr. 2009 à 18:50
CCM = CommentÇaMarche
0
liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009 > Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023
11 févr. 2009 à 18:52
j'y suis !!!
0
Réponse 15 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 19:09
---> Télécharge JavaRa.zip (de Paul 'Prm753' McLain et Fred de Vries) sur ton Bureau.
* Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
* Double-clique sur le répertoire JavaRa.
* Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
* Choisis Français puis clique sur Select.
* Clique sur Recherche de mises à jour.
* Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
* Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
* L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.
* Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
* Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
* Ferme l'application.

Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
0
liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009
11 févr. 2009 à 19:22
pas de soucis jusqu'a "mettre a jour via jucheck.exe" ... apres avoir cliquer sur "rechercher" rien n'apparait
0
Réponse 16 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 19:30
Prends la dernière version de Java ici :
https://java.com/fr/
0
liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009
11 févr. 2009 à 19:33
et j'effectue la meme manipulation que pour Javara.zip ????
0
Réponse 17 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 19:34
Non, tu installes la nouvelle version de Java normalement puis tu effaceras les anciennes version de Java avec JavaRa.
0
liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009
11 févr. 2009 à 19:37
Nouvelle version installee
0
liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009 > liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009
11 févr. 2009 à 20:21
Je suis deslee mais je le trouve ou Javara pour pouvoir supprimer les anciennes versions ?
0
Réponse 18 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 20:22
---> Télécharge JavaRa.zip (de Paul 'Prm753' McLain et Fred de Vries) sur ton Bureau.
* Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
* Double-clique sur le répertoire JavaRa.
* Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
* Choisis Français puis clique sur Select.
* Clique sur Effacer les anciennes versions.
* Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
* Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
* Ferme l'application.

Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
0
liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009
11 févr. 2009 à 20:30
Je pense ne pas avoir fait la bonne manip ...





JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Feb 11 20:25:40 2009

Found and removed: C:\Program Files\Java\jre1.6.0_03

JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Feb 11 20:27:07 2009
0
Réponse 19 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 20:37
Si, c'est OK, supprime JavaRa.

- Télécharge HijackThis v2.0.2 sur ton Bureau.

- Double-clique sur HJTInstall afin de lancer l'installation.

- Clique sur Install ensuite sur I Accept.

- Clique sur Do a system scan and save a logfile.

- Le Bloc-notes s'ouvrira, fais un copier/coller de tout son contenu ici dans ton prochain message.
0
liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009
11 févr. 2009 à 20:40
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:39:56 PM, on 2/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\VIRUSB~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\VIRUSB~1\tmproxy.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\BUFFALO\BSKP-U202\BSKP-U202 Skype Phone.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Trend Micro\Virus Buster 12\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Neuf\Media Center\httpd\httpd.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Neuf\Media Center\httpd\httpd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Virus Buster 12\pccguide.exe"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BSKP-U202] "C:\Program Files\BUFFALO\BSKP-U202\BSKP-U202 Skype Phone.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Virus Buster 12\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1234377169315&h=20d55af4f3fa498023a3771557eb86b6/&filename=jinstall-6u12-windows-i586-jc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\VIRUSB~1\PcCtlCom.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\VIRUSB~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\VIRUSB~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\VIRUSB~1\tmproxy.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
0
Réponse 20 / 29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 291
11 févr. 2009 à 21:29
Tu as deux antivirus, il n'en faut qu'un.

---> Relance HijackThis et choisis Do a system scan only.

---> Coche les cases qui sont devant les lignes suivantes :

O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll (file missing)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

---> Redémarre ton PC et poste un nouveau rapport HijackThis.
0
liysa Messages postés 29 Date d'inscription mercredi 11 février 2009 Statut Membre Dernière intervention 18 mai 2009
11 févr. 2009 à 21:44
Je viens de redemarrer mais je le retrouve ou ce nouveau rapport ???
0

Discussions similaires

Encore les CiD
doudoudim -
doudoudim -

18 réponses
appel intrusif sur Skype
FAMATHELY -
Utilisateur anonyme -

3 réponses
Problème CiD
Djemalounet -
Djemalounet -

104 réponses
comment donner les droits sur fichier partage
ch'ti du 57 -
fil1958 -

2 réponses
Probleme CiD
jijipo -
wacco -

9 réponses