Sujet Précédent Sujet Suivant

Impossible de desinstaller antivirus pro 2010

Fermé
transalp88 - 9 oct. 2009 à 09:31
Duty X Messages postés 35 Date d'inscription dimanche 6 décembre 2009 Statut Membre Dernière intervention 2 janvier 2010 - 6 déc. 2009 à 02:14
Bonjour,

pourriez vous me dire comment desinstaller ce logiciel de !!!!qui c 'est installé tout seul sur mon pc

antivirus pro 2010 imposiible a desinstaller

merci a l'avance
A voir également:

4 réponses

Réponse 1 / 4
transalp88
9 oct. 2009 à 13:58
bonjour ci joint rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:04, on 09/10/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\SYS\WINDOWS\System32\smss.exe
C:\SYS\WINDOWS\system32\csrss.exe
C:\SYS\WINDOWS\system32\winlogon.exe
C:\SYS\WINDOWS\system32\services.exe
C:\SYS\WINDOWS\system32\lsass.exe
C:\SYS\WINDOWS\system32\svchost.exe
C:\SYS\WINDOWS\system32\spoolsv.exe
C:\SYS\WINDOWS\system32\Drivers\trcboot.exe
C:\SYS\Pcom\PCS_AGNT.EXE
C:\Program Files\Canon\DIAS\CnxDIAS.exe
C:\SYS\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\SYS\WINDOWS\system32\regsvc.exe
C:\SYS\WINDOWS\system32\MSTask.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\SYS\WINDOWS\System32\WBEM\WinMgmt.exe
C:\SYS\WINDOWS\system32\mspmspsv.exe
C:\SYS\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\TeamViewer\Version4\TeamViewer.exe
C:\SYS\WINDOWS\system32\Drivers\ldlcserv.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\SYS\WINDOWS\TEMP\VB486E.EXE
C:\SYS\WINDOWS\Explorer.EXE
C:\SYS\WINDOWS\system32\svchost.exe
C:\SYS\WINDOWS\system32\igfxtray.exe
C:\SYS\WINDOWS\system32\hkcmd.exe
C:\SYS\WINDOWS\system32\igfxpers.exe
C:\SYS\WINDOWS\RTHDCPL.EXE
C:\SYS\Pcom\tpam.exe
C:\PROGRA~1\Adp\miniftp\miniftp.exe
C:\Documents and Settings\tmartin.DOMD1058\Desktop\CommandNotifier.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\AntivirusPro_2010\AntivirusPro_2010.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\SYS\WINDOWS\system32\internat.exe
C:\Documents and Settings\tmartin.DOMD1058\Application Data\svcst.exe
C:\Documents and Settings\tmartin.DOMD1058\Application Data\seres.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\SYS\WINDOWS\system32\cmd.exe
C:\SYS\WINDOWS\system32\OS2SRV.EXE
C:\SYS\WINDOWS\system32\os2ss.exe
C:\GenProc\outil\tmartin_GenProc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://accecit.citroen.inetpsa.com/portal/dt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = PROXY.TOUL.RESEAUCITROEN.COM:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.INETPSA.COM;D1Y05801;172.20.10.0;10.*;172.16.*;192.168.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Microsoft Online Helper! - {1EC3CA0E-B8F6-4B37-B932-29BEB1E1BB6F} - %SystemRoot%\system32\frjacnwrm.dll (file missing)
O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\SYS\WINDOWS\system32\cgmopenbho.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\SYS\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\SYS\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\SYS\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\SYS\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [CFGLOGON] C:\APP\PSA\BIN\MASKCMD.EXE C:\APP\PSA\LOGON\LOGON.CMD /HIDE
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [lcfep] "C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfep.exe"
O4 - HKLM\..\Run: [Tpam.exe] "C:\SYS\Pcom\tpam.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [SwdisUsrPCN.d1z05809] "C:\PROGRA~1\Tivoli\lcf\dat\1\cache\lib\w32-ix86\wdusrpcn.exe" "C:\Program Files\Tivoli\swdis\1\wdusrpcn.envd1z05809"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Serveur MiniFTP] C:\PROGRA~1\Adp\miniftp\miniftp.exe
O4 - HKLM\..\Run: [newAPVPR_Notify] C:\Documents and Settings\tmartin.DOMD1058\Desktop\CommandNotifier.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Antivirus Pro 2010] "C:\Program Files\AntivirusPro_2010\AntivirusPro_2010.exe" /hide
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunServices: [Serveur MiniFTP] C:\PROGRA~1\Adp\miniftp\miniftp.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [mserv] C:\Documents and Settings\tmartin.DOMD1058\Application Data\svcst.exe
O4 - HKCU\..\Run: [svchost] C:\Documents and Settings\tmartin.DOMD1058\Application Data\svcst.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: Acrobat.lnk = C:\Program Files\Adobe\Acrobat 7.0\Updates.cmd (User 'Default user')
O4 - .DEFAULT Startup: lnk_OE.lnk = C:\APP\PSA\BIN\MASKCMD.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Acrobat.lnk = C:\Program Files\Adobe\Acrobat 7.0\Updates.cmd (User 'Default user')
O4 - .DEFAULT User Startup: lnk_OE.lnk = C:\APP\PSA\BIN\MASKCMD.EXE (User 'Default user')
O4 - Startup: Acrobat.lnk = C:\Program Files\Adobe\Acrobat 7.0\Updates.cmd
O4 - Startup: lnk_OE.lnk = C:\APP\PSA\BIN\MASKCMD.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\NPJPI142_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\NPJPI142_06.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\SYS\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\SYS\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=about:blank
O15 - Trusted Zone: http://public.service.citroen.com
O15 - Trusted Zone: http://service.citroen.com/pages/index.jsp
O15 - Trusted Zone: http://estim.citroen.inetpsa.com
O15 - Trusted Zone: http://estim.peugeot.inetpsa.com
O15 - Trusted Zone: http://networkservice.citroen.inetpsa.com
O15 - Trusted Zone: http://public.service.citroen.inetpsa.com
O15 - Trusted Zone: http://public.servicebox.peugeot.inetpsa.com
O15 - Trusted Zone: http://service.citroen.inetpsa.com
O15 - Trusted Zone: http://servicebox.peugeot.inetpsa.com
O15 - Trusted Zone: http://public.servicebox.peugeot.com/pages/index.jsp
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz7.domino.inetpsa.com/iNotes.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://portail.inetpsa.com/http://mailzb.domino.inetpsa.com/iNotes6W.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://portail.inetpsa.com/http://mailzb.domino.inetpsa.com/dwa7W.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = DOMD1058.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFBD02D8-607B-4B19-9A78-487183AC0318}: NameServer = 10.163.141.2,10.144.58.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = DOMD1058.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = DOMD1058.com
O23 - Service: AppnNode - IBM Corporation - C:\SYS\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\SYS\WINDOWS\System32\dmadmin.exe
O23 - Service: DocbackupAC - Unknown owner - C:\Program Files\DocBackupAC\Resources\DocBackupService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\SYS\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: lmab_device - Lexmark International, Inc. - C:\SYS\WINDOWS\system32\LMabcoms.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
O23 - Service: Utilitaire de trace IBM (TrcBoot) - IBM Corporation - C:\SYS\WINDOWS\system32\Drivers\trcboot.exe
1
Réponse 2 / 4
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
9 oct. 2009 à 14:10
Bonjour,

si tu veux qu'on t'aide, il faut lire et faire ce que l'on te demande !
1
daisy200
6 déc. 2009 à 00:10
info.txt logfile of random's system information tool 1.06 2009-12-05 15:51:44

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0xc0c -uninst
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A00000000001}
Agere Systems PCI Soft Modem-->C:\WINDOWS\agrsmdel
Amazing Adventures - Around The World Cracked by Cryptic-->"C:\Program Files\Amazing Adventures - Around The World\unins000.exe"
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0c0c -removeonly
Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
Coffret de pilotes Logitech Webcam Software-->"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\12.0.1278\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_12.0" /clone_wait /hide_progress
Compaq Connections-->C:\WINDOWS\BWUnin-6.3.2.62.exe -AppId 6750491
Compléments d'aide et de support-->WScript.exe C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\eHelpSetup.jse eHelpUninstall
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l3084
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
FormatFactory 1.90-->C:\Program Files\FormatFactory\uninst.exe
Free Mp3 Wma Converter V 1.81-->"C:\Program Files\Free Audio Pack\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.33\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Appareils photos Photosmart 6.0-->C:\Program Files\HP\Digital Imaging\{61CF89F5-5175-4b3b-ABB8-C89821252D50}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Boot Optimizer-->MsiExec.exe /I{3BA95526-6AE0-4B87-A62D-17187EF565FC}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential-->MsiExec.exe /X{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
HP Solution Center and Imaging Support Tools 6.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Little Shop of Treasures 2 Deluxe-->"C:\Program Files\Zylom Games\Little Shop of Treasures 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Ma-Config.com-->MsiExec.exe /X{6C4D4FC0-467B-4BD7-8D11-50E49B2770D2}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
Mysteryville Deluxe-->"C:\Program Files\Zylom Games\Mysteryville Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
PC-Doctor for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{19C989C4-50AE-43A4-B06E-8C70FFFF852F} /l1036
Presto! Mr. Photo-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\NewSoft\MrPhoto16\DeIsL1.isu"
Presto! VideoWorks 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39D8C213-B0DF-11D5-9293-0050BA073EEC}\Setup.exe" -l0x40c
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SigmaTel MSCN Audio Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D53F7F05-4F17-4024-88C8-3C012E8555B4}\setup.exe" -l0x40c
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\WINDOWS\SiS\900\Uninst.exe
SiS VGA Utilities-->Rundll32 SiSInst.dll,Uninstall VGA,R,oem25.inf
SiSAGP driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0xc0c
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
The Magician's Handbook Deluxe-->"C:\Program Files\Zylom Games\The Magician's Handbook Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Trivial Pursuit Genus Edition Deluxe-->"C:\Program Files\Zylom Games\Trivial Pursuit Genus Edition Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB(VGA) Camera-->C:\Program Files\InstallShield Installation Information\{93897DBF-9110-40EE-AB53-0A464BC1EA25}\Setup.exe 1
VIA Le gestionnaire du dispositif de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 091205-1]

======System event log======

Computer Name: SOPHIA
Event Code: 7011
Message: Délai (30000 millisecondes) d'attente pour une réponse du service JavaQuickStarterService à une transaction.

Record Number: 122472
Source Name: Service Control Manager
Time Written: 20091204171332.000000-300
Event Type: error
User:

Computer Name: SOPHIA
Event Code: 7011
Message: Délai (30000 millisecondes) d'attente pour une réponse du service JavaQuickStarterService à une transaction.

Record Number: 122372
Source Name: Service Control Manager
Time Written: 20091204160839.000000-300
Event Type: error
User:

Computer Name: SOPHIA
Event Code: 7011
Message: Délai (30000 millisecondes) d'attente pour une réponse du service JavaQuickStarterService à une transaction.

Record Number: 122301
Source Name: Service Control Manager
Time Written: 20091204152534.000000-300
Event Type: error
User:

Computer Name: SOPHIA
Event Code: 7011
Message: Délai (30000 millisecondes) d'attente pour une réponse du service JavaQuickStarterService à une transaction.

Record Number: 122019
Source Name: Service Control Manager
Time Written: 20091204123210.000000-300
Event Type: error
User:

Computer Name: SOPHIA
Event Code: 7011
Message: Délai (30000 millisecondes) d'attente pour une réponse du service JavaQuickStarterService à une transaction.

Record Number: 121753
Source Name: Service Control Manager
Time Written: 20091204093729.000000-300
Event Type: error
User:

=====Application event log=====

Computer Name: SOPHIA
Event Code: 5103
Message: RA : un utilisateur expérimenté (utilisateur distant : [c=4][b]B@sTiEn/b/c=4) a commencé le contrôle d'un novice (utilisateur local : Compaq_Propriétaire)

Record Number: 3552
Source Name: Remote Assistance
Time Written: 20090519173700.000000-240
Event Type:
User:

Computer Name: SOPHIA
Event Code: 5
Message: Remote Assistance of Compaq_Propriétaire/SOPHIA started.

Record Number: 3550
Source Name: safrslv
Time Written: 20090519173645.000000-240
Event Type: audit success
User:

Computer Name: SOPHIA
Event Code: 4
Message: Remote Assistance of Compaq_Propriétaire/SOPHIA ended.

Record Number: 3538
Source Name: safrslv
Time Written: 20090519173142.000000-240
Event Type: audit success
User:

Computer Name: SOPHIA
Event Code: 5103
Message: RA : un utilisateur expérimenté (utilisateur distant : [c=4][b]B@sTiEn/b/c=4) a commencé le contrôle d'un novice (utilisateur local : Compaq_Propriétaire)

Record Number: 3536
Source Name: Remote Assistance
Time Written: 20090519171426.000000-240
Event Type:
User:

Computer Name: SOPHIA
Event Code: 5
Message: Remote Assistance of Compaq_Propriétaire/SOPHIA started.

Record Number: 3534
Source Name: safrslv
Time Written: 20090519171404.000000-240
Event Type: audit success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0c00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"SAFEBOOT_OPTION"=MINIMAL

-----------------EOF-----------------
0
Duty X Messages postés 35 Date d'inscription dimanche 6 décembre 2009 Statut Membre Dernière intervention 2 janvier 2010 15 > daisy200
6 déc. 2009 à 02:14
salut dit moi si il ressemble a sa :


http://www.malekal.com/Anti_Virus_Pro.php

si oui c'est un Rogues suite la procédure pour le désinstaller.



cordialement duty x
0
Réponse 3 / 4
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
9 oct. 2009 à 09:51
Bonjour,


télécharge GenProc http://www.genproc.com/GenProc.exe

double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre
0
Réponse 4 / 4
transalp88
9 oct. 2009 à 13:59
bonjour ci joint rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:04, on 09/10/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\SYS\WINDOWS\System32\smss.exe
C:\SYS\WINDOWS\system32\csrss.exe
C:\SYS\WINDOWS\system32\winlogon.exe
C:\SYS\WINDOWS\system32\services.exe
C:\SYS\WINDOWS\system32\lsass.exe
C:\SYS\WINDOWS\system32\svchost.exe
C:\SYS\WINDOWS\system32\spoolsv.exe
C:\SYS\WINDOWS\system32\Drivers\trcboot.exe
C:\SYS\Pcom\PCS_AGNT.EXE
C:\Program Files\Canon\DIAS\CnxDIAS.exe
C:\SYS\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\SYS\WINDOWS\system32\regsvc.exe
C:\SYS\WINDOWS\system32\MSTask.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\SYS\WINDOWS\System32\WBEM\WinMgmt.exe
C:\SYS\WINDOWS\system32\mspmspsv.exe
C:\SYS\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\TeamViewer\Version4\TeamViewer.exe
C:\SYS\WINDOWS\system32\Drivers\ldlcserv.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\SYS\WINDOWS\TEMP\VB486E.EXE
C:\SYS\WINDOWS\Explorer.EXE
C:\SYS\WINDOWS\system32\svchost.exe
C:\SYS\WINDOWS\system32\igfxtray.exe
C:\SYS\WINDOWS\system32\hkcmd.exe
C:\SYS\WINDOWS\system32\igfxpers.exe
C:\SYS\WINDOWS\RTHDCPL.EXE
C:\SYS\Pcom\tpam.exe
C:\PROGRA~1\Adp\miniftp\miniftp.exe
C:\Documents and Settings\tmartin.DOMD1058\Desktop\CommandNotifier.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\AntivirusPro_2010\AntivirusPro_2010.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\SYS\WINDOWS\system32\internat.exe
C:\Documents and Settings\tmartin.DOMD1058\Application Data\svcst.exe
C:\Documents and Settings\tmartin.DOMD1058\Application Data\seres.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\SYS\WINDOWS\system32\cmd.exe
C:\SYS\WINDOWS\system32\OS2SRV.EXE
C:\SYS\WINDOWS\system32\os2ss.exe
C:\GenProc\outil\tmartin_GenProc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://accecit.citroen.inetpsa.com/portal/dt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = PROXY.TOUL.RESEAUCITROEN.COM:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.INETPSA.COM;D1Y05801;172.20.10.0;10.*;172.16.*;192.168.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Microsoft Online Helper! - {1EC3CA0E-B8F6-4B37-B932-29BEB1E1BB6F} - %SystemRoot%\system32\frjacnwrm.dll (file missing)
O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\SYS\WINDOWS\system32\cgmopenbho.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\SYS\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\SYS\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\SYS\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\SYS\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [CFGLOGON] C:\APP\PSA\BIN\MASKCMD.EXE C:\APP\PSA\LOGON\LOGON.CMD /HIDE
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [lcfep] "C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfep.exe"
O4 - HKLM\..\Run: [Tpam.exe] "C:\SYS\Pcom\tpam.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [SwdisUsrPCN.d1z05809] "C:\PROGRA~1\Tivoli\lcf\dat\1\cache\lib\w32-ix86\wdusrpcn.exe" "C:\Program Files\Tivoli\swdis\1\wdusrpcn.envd1z05809"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Serveur MiniFTP] C:\PROGRA~1\Adp\miniftp\miniftp.exe
O4 - HKLM\..\Run: [newAPVPR_Notify] C:\Documents and Settings\tmartin.DOMD1058\Desktop\CommandNotifier.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Antivirus Pro 2010] "C:\Program Files\AntivirusPro_2010\AntivirusPro_2010.exe" /hide
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunServices: [Serveur MiniFTP] C:\PROGRA~1\Adp\miniftp\miniftp.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [mserv] C:\Documents and Settings\tmartin.DOMD1058\Application Data\svcst.exe
O4 - HKCU\..\Run: [svchost] C:\Documents and Settings\tmartin.DOMD1058\Application Data\svcst.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: Acrobat.lnk = C:\Program Files\Adobe\Acrobat 7.0\Updates.cmd (User 'Default user')
O4 - .DEFAULT Startup: lnk_OE.lnk = C:\APP\PSA\BIN\MASKCMD.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Acrobat.lnk = C:\Program Files\Adobe\Acrobat 7.0\Updates.cmd (User 'Default user')
O4 - .DEFAULT User Startup: lnk_OE.lnk = C:\APP\PSA\BIN\MASKCMD.EXE (User 'Default user')
O4 - Startup: Acrobat.lnk = C:\Program Files\Adobe\Acrobat 7.0\Updates.cmd
O4 - Startup: lnk_OE.lnk = C:\APP\PSA\BIN\MASKCMD.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\NPJPI142_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\NPJPI142_06.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\SYS\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\SYS\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=about:blank
O15 - Trusted Zone: http://public.service.citroen.com
O15 - Trusted Zone: http://service.citroen.com/pages/index.jsp
O15 - Trusted Zone: http://estim.citroen.inetpsa.com
O15 - Trusted Zone: http://estim.peugeot.inetpsa.com
O15 - Trusted Zone: http://networkservice.citroen.inetpsa.com
O15 - Trusted Zone: http://public.service.citroen.inetpsa.com
O15 - Trusted Zone: http://public.servicebox.peugeot.inetpsa.com
O15 - Trusted Zone: http://service.citroen.inetpsa.com
O15 - Trusted Zone: http://servicebox.peugeot.inetpsa.com
O15 - Trusted Zone: http://public.servicebox.peugeot.com/pages/index.jsp
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz7.domino.inetpsa.com/iNotes.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://portail.inetpsa.com/http://mailzb.domino.inetpsa.com/iNotes6W.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://portail.inetpsa.com/http://mailzb.domino.inetpsa.com/dwa7W.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = DOMD1058.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFBD02D8-607B-4B19-9A78-487183AC0318}: NameServer = 10.163.141.2,10.144.58.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = DOMD1058.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = DOMD1058.com
O23 - Service: AppnNode - IBM Corporation - C:\SYS\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\SYS\WINDOWS\System32\dmadmin.exe
O23 - Service: DocbackupAC - Unknown owner - C:\Program Files\DocBackupAC\Resources\DocBackupService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\SYS\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: lmab_device - Lexmark International, Inc. - C:\SYS\WINDOWS\system32\LMabcoms.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
O23 - Service: Utilitaire de trace IBM (TrcBoot) - IBM Corporation - C:\SYS\WINDOWS\system32\Drivers\trcboot.exe
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
Coco71 -

15 réponses
Désinstaller Opera
Web. -
Web. -

3 réponses
pro direct soccer fiable ?
Doudy28 -
Sm81 -

6 réponses
Je ne peut pas désinstaller League of Legends avec W8.
Nightbox64 -
do -

3 réponses