Aller au contenu

aaaa298

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    6

  • Inscription

  • Dernière visite

aaaa298's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. aaaa298

    Aidez-moi

    aaaa298 a répondu à un(e) sujet de aaaa298 dans Analyses et éradication malwares

    Tout a l'air de bien marcher. Merci mille fois de m'avoir débarassé de ces problèmes. Passe une bonne fin de week-end. Cordialement. Thomas
  2. aaaa298

    Aidez-moi

    aaaa298 a répondu à un(e) sujet de aaaa298 dans Analyses et éradication malwares

    ========== PROCESSES ========== Process explorer.exe killed successfully. Unable to kill process: vmntoolbarsetup.exe ========== FILES ========== C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\0056323E-000001A3.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\02C8094D-00000139.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\03531A4D-000001C7.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\07345E86-000001C2.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\0D7268AF-000001AA.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\12267EB6-000001BE.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\140C35E7-000001B7.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\17A562E2-000001BF.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1B8F2328-000001A4.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1D316158-000001AE.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1DAD22F1-000001D2.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1E343235-0000018D.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1F2524F5-000001D4.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\255870D8-000001C8.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\2A974C9C-000000B5.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\2B47696B-000001A5.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\2BC042F1-00000175.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\2DC75768-000001A2.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\325879CC-000001C6.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\373765E4-00000198.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\374A60DB-0000019B.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\375520E5-00000106.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\3797435E-00000196.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\3EE66FC3-0000019C.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\3F764A30-00000197.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\44C37EA3-000001D6.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\472F2651-000001B2.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\4911687B-00000199.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\4B250E36-000001A0.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\4CE954BB-000001AD.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\50934C71-0000010C.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\51E6721A-000001B6.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\53C5252A-000001CC.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\554C21ED-00000195.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\55A53AC2-000001BD.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\578F6768-0000019A.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\5B4F404C-00000085.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\5B691323-000001BC.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\5FF36E43-000001BA.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\673307F5-000001A6.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\6B7B4E1C-000001A1.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\726C11DD-000001C9.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\72D75D55-000001A8.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\73DA58B0-000000BF.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\75FE2814-0000010D.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\7C036826-000001A7.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\06D9713E-00000512.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\162A0BC3-000004CA.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\197926E4-00000572.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\2A3A2A85-000004BC.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\2B6A020C-00000549.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\34A77BB6-000004EB.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\35080E27-000004E8.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\3694664F-0000054D.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\375019DA-000004DA.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\3CE52463-000004FF.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\7A0A0BA6-00000501.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\50C268C1-00000A4F.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\5520236C-00000A77.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\5D4E305B-00000A58.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\5D6B525B-00000A56.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\68347928-00000A76.eml moved successfully. C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\795550B1-00000A52.eml moved successfully. ========== COMMANDS ========== File delete failed. C:\Users\Thomas\AppData\Local\Temp\Google Toolbar\gtb2B65.tmp.exe scheduled to be deleted on reboot. File delete failed. C:\Users\Thomas\AppData\Local\Temp\~DF1CD.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Thomas\AppData\Local\Temp\~DFC830.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Thomas\AppData\Local\Temp\~DFC839.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Thomas\AppData\Local\Temp\~DFE19A.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot. File delete failed. C:\Windows\temp\GoogleToolbarInstaller2.log scheduled to be deleted on reboot. File delete failed. C:\Windows\temp\TMP0000000CDDE28477CDC2A938 scheduled to be deleted on reboot. Windows Temp folder emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03012009_184535 Files moved on Reboot... File C:\Users\Thomas\AppData\Local\Temp\Google Toolbar\gtb2B65.tmp.exe not found! C:\Users\Thomas\AppData\Local\Temp\~DF1CD.tmp moved successfully. File C:\Users\Thomas\AppData\Local\Temp\~DFC830.tmp not found! File C:\Users\Thomas\AppData\Local\Temp\~DFC839.tmp not found! C:\Users\Thomas\AppData\Local\Temp\~DFE19A.tmp moved successfully. File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. C:\Windows\temp\GoogleToolbarInstaller2.log moved successfully. File C:\Windows\temp\TMP0000000CDDE28477CDC2A938 not found!
  3. aaaa298

    Aidez-moi

    aaaa298 a répondu à un(e) sujet de aaaa298 dans Analyses et éradication malwares

    Merci de ton aide: ça a été un peu long mais voici les rapports. Le rapport log ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder F:\iky.bat not found. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e800f08c-0eaa-11dc-983b-00038a000015}\\ deleted successfully. ========== COMMANDS ========== File delete failed. C:\Users\Thomas\AppData\Local\Temp\~DF307B.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\Thomas\AppData\Local\Temp\~DFE238.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot. File delete failed. C:\Windows\temp\TMP00000092E218D96CF2738E89 scheduled to be deleted on reboot. Windows Temp folder emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03012009_123431 Files moved on Reboot... C:\Users\Thomas\AppData\Local\Temp\~DF307B.tmp moved successfully. C:\Users\Thomas\AppData\Local\Temp\~DFE238.tmp moved successfully. File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. File C:\Windows\temp\TMP00000092E218D96CF2738E89 not found! Et le rapport Kaspersky -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Sunday, March 1, 2009 Operating System: Microsoft Windows Vista Home Basic Edition, 32-bit (build 6000) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Sunday, March 01, 2009 12:44:05 Records in database: 1858838 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ E:\ F:\ Scan statistics: Files scanned: 148848 Threat name: 38 Infected objects: 68 Suspicious objects: 1 Duration of the scan: 04:05:13 File name / Threat name / Threats count C:\Lop SD\Backup-Lop\vmntoolbar\vmntoolbar.dll Infected: not-a-virus:AdWare.Win32.MegaSearch.j 1 C:\Lop SD\Backup-Lop\vmntoolbar\vmntoolbar_151.zip Infected: not-a-virus:AdWare.Win32.MegaSearch.j 1 C:\Lop SD\osVer.exe Infected: Backdoor.Win32.Small.gov 1 C:\Program Files\Navilog1\Backupnavi\hjreuzee.exe Infected: Trojan.Win32.Obfuscated.aqn 1 C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar\vmntoolbarsetup.exe Infected: not-a-virus:AdWare.Win32.BHO.w 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\0056323E-000001A3.eml Infected: Worm.Win32.Downloader.wh 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\02C8094D-00000139.eml Infected: Worm.Win32.AutoRun.ons 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\03531A4D-000001C7.eml Infected: Worm.Win32.AutoRun.rwo 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\07345E86-000001C2.eml Infected: Worm.Win32.AutoRun.rsu 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\0D7268AF-000001AA.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\12267EB6-000001BE.eml Infected: Trojan-Downloader.Win32.Small.afzf 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\140C35E7-000001B7.eml Infected: Trojan.Win32.Pakes.lin 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\17A562E2-000001BF.eml Infected: Worm.Win32.AutoRun.rsu 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1B8F2328-000001A4.eml Infected: Worm.Win32.Downloader.wh 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1D316158-000001AE.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1DAD22F1-000001D2.eml Infected: Trojan-Dropper.Win32.Agent.zdl 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1E343235-0000018D.eml Infected: Worm.Win32.AutoRun.qsf 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\1F2524F5-000001D4.eml Suspicious: Password-protected-EXE 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\255870D8-000001C8.eml Infected: Trojan-Dropper.Win32.Pakes.e 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\2A974C9C-000000B5.eml Infected: Worm.Win32.Socks.agw 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\2B47696B-000001A5.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\2BC042F1-00000175.eml Infected: Worm.Win32.AutoRun.qma 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\2DC75768-000001A2.eml Infected: Worm.Win32.Downloader.wh 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\325879CC-000001C6.eml Infected: Worm.Win32.Agent.jp 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\373765E4-00000198.eml Infected: Worm.Win32.AutoRun.qzg 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\374A60DB-0000019B.eml Infected: Trojan.Win32.Agent.ajcd 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\375520E5-00000106.eml Infected: Trojan-Downloader.Win32.Agent.afqa 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\3797435E-00000196.eml Infected: Worm.Win32.AutoRun.qzg 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\3EE66FC3-0000019C.eml Infected: Trojan.Win32.Agent.ajcd 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\3F764A30-00000197.eml Infected: Worm.Win32.AutoRun.qzc 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\44C37EA3-000001D6.eml Infected: Worm.Win32.AutoRun.scj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\472F2651-000001B2.eml Infected: Worm.Win32.Agent.jd 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\4911687B-00000199.eml Infected: Trojan-Downloader.Win32.Agent.akmo 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\4B250E36-000001A0.eml Infected: Trojan-Downloader.Win32.Agent.albb 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\4CE954BB-000001AD.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\50934C71-0000010C.eml Infected: Backdoor.Win32.Hijack.e 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\51E6721A-000001B6.eml Infected: Trojan.Win32.Pakes.lin 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\53C5252A-000001CC.eml Infected: Trojan-Dropper.Win32.Agent.zdw 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\554C21ED-00000195.eml Infected: Trojan.Win32.Pakes.lem 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\55A53AC2-000001BD.eml Infected: Trojan-Downloader.Win32.Banload.xlm 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\578F6768-0000019A.eml Infected: Trojan-Downloader.Win32.Agent.akmx 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\5B4F404C-00000085.eml Infected: Trojan-Spy.Win32.Zbot.cod 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\5B691323-000001BC.eml Infected: Trojan.Win32.Agent.akxw 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\5FF36E43-000001BA.eml Infected: Worm.Win32.AutoRun.rkt 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\673307F5-000001A6.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\6B7B4E1C-000001A1.eml Infected: Worm.Win32.Downloader.wh 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\726C11DD-000001C9.eml Infected: Worm.Win32.AutoRun.rys 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\72D75D55-000001A8.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\73DA58B0-000000BF.eml Infected: Trojan-Spy.Win32.Zbot.dqu 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\75FE2814-0000010D.eml Infected: Backdoor.Win32.Hijack.e 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Ebook\7C036826-000001A7.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\06D9713E-00000512.eml Infected: Trojan.Win32.Pakes.lin 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\162A0BC3-000004CA.eml Infected: Trojan.Win32.Pakes.lem 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\197926E4-00000572.eml Infected: Worm.Win32.AutoRun.scj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\2A3A2A85-000004BC.eml Infected: Worm.Win32.AutoRun.qsf 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\2B6A020C-00000549.eml Infected: Worm.Win32.Agent.jp 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\34A77BB6-000004EB.eml Infected: Trojan-Downloader.Win32.Agent.akmo 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\35080E27-000004E8.eml Infected: Trojan-Downloader.Win32.Agent.akmx 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\3694664F-0000054D.eml Infected: Worm.Win32.AutoRun.rwo 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\375019DA-000004DA.eml Infected: Worm.Win32.AutoRun.qzc 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\3CE52463-000004FF.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Référencement\7A0A0BA6-00000501.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\50C268C1-00000A4F.eml Infected: Worm.Win32.Downloader.wh 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\5520236C-00000A77.eml Infected: Trojan.Win32.Agent.akxw 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\5D4E305B-00000A58.eml Infected: Worm.Win32.Agent.ja 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\5D6B525B-00000A56.eml Infected: Trojan-Downloader.Win32.Agent.algj 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\68347928-00000A76.eml Infected: Trojan.Win32.Agent.akxw 1 C:\Users\Thomas\AppData\Local\Microsoft\Windows Mail\Local Folders\Webmaster\795550B1-00000A52.eml Infected: Worm.Win32.Downloader.wh 1 D:\RECYCLER\S-9-0-90-100017647-100023983-100031253-8289.com Infected: Worm.Win32.AutoRun.abbs 1 The selected area was scanned.
  4. aaaa298

    Aidez-moi

    aaaa298 a répondu à un(e) sujet de aaaa298 dans Analyses et éradication malwares

    Malwarebytes' Anti-Malware 1.34 Version de la base de données: 1749 Windows 6.0.6000 28/02/2009 19:00:26 mbam-log-2009-02-28 (19-00-26).txt Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 208537 Temps écoulé: 1 hour(s), 56 minute(s), 9 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 9 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 5 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df1c8e21-4045-4d67-b528-335f1a4f0de9} (Adware.Navipromo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{400aee4e-cf37-4742-8a32-189a2cceda67}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b39fb90c-d309-4978-84b3-a0178cc63a1f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{400aee4e-cf37-4742-8a32-189a2cceda67}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{b39fb90c-d309-4978-84b3-a0178cc63a1f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{400aee4e-cf37-4742-8a32-189a2cceda67}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{b39fb90c-d309-4978-84b3-a0178cc63a1f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files\Navilog1\Backupnavi\nsinet.exe (Dialer) -> Quarantined and deleted successfully. C:\autorun.inf (Trojan.Agent) -> Quarantined and deleted successfully. C:\RECYCLER\S-9-0-90-100017647-100023983-100031253-8289.com (Trojan.Agent) -> Quarantined and deleted successfully. C:\Windows\System32\gaopdxpwxsabko.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Windows\System32\drivers\gaopdxrpalubge.sys (Trojan.Agent) -> Quarantined and deleted successfully.
  5. aaaa298

    Aidez-moi

    aaaa298 a répondu à un(e) sujet de aaaa298 dans Analyses et éradication malwares

    Merci de la réponse. Voici le fichier log Logfile of random's system information tool 1.05 (written by random/random) Run by Thomas at 2009-02-28 13:40:03 Microsoft® Windows Vista™ Édition Familiale Basique System drive C: has 3 GB (4%) free of 71 GB Total RAM: 1014 MB (11% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:40:11, on 28/02/2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16809) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\TechCity Solutions\AOLSAV\AOLAgent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Common Files\AOL\1173121951\ee\aolsoftware.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Real\RealPlayer\realplay.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\program files\common files\aol\1173121951\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe C:\Program Files\Registry Mechanic\regmech.exe c:\program files\common files\aol\1173121951\ee\aolsoftware.exe C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Users\Thomas\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Thomas.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173121951\ee\AOLSoftware.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll O13 - Gopher Prefix: O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/s...te/certdgi1.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Br...018/flashax.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClient Control) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://jackpotcity.microgaming.com/jackpotcity/FlashAX2.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{400AEE4E-CF37-4742-8A32-189A2CCEDA67}: NameServer = 85.255.112.39,85.255.112.40 O17 - HKLM\System\CCS\Services\Tcpip\..\{B39FB90C-D309-4978-84B3-A0178CC63A1F}: NameServer = 85.255.112.39,85.255.112.40 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40 O17 - HKLM\System\CS1\Services\Tcpip\..\{400AEE4E-CF37-4742-8A32-189A2CCEDA67}: NameServer = 85.255.112.39,85.255.112.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40 O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\Windows\wanmpsvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11503 bytes ======Scheduled tasks folder====== C:\Windows\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}] VMN Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2006-12-18 501384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-03-05 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADECBED6-0366-4377-A739-E69DFBA04663}] Catcher Class - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll [2007-12-05 94208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-03-05 2436160] {4982D40A-C53B-4615-B15B-B5B5E98D167C} - AOL Toolbar - C:\Program Files\AOL Toolbar\toolbar.dll [2004-03-22 385024] {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-04-13 1006264] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-15 815104] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2006-11-06 98304] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2006-11-06 106496] "Persistence"=C:\Windows\system32\igfxpers.exe [2006-11-06 81920] "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-12-02 167936] "HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2006-12-10 49152] "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-11-06 159744] "HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2006-12-04 46704] "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2006-10-18 317152] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2006-10-18 472800] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0\bin\jusched.exe [2006-12-18 77824] "AOLSAV"=C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe [2004-04-26 75776] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-10-25 282624] "AOLDialer"=C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [2007-06-21 70952] "HostManager"=C:\Program Files\Common Files\AOL\1173121951\ee\AOLSoftware.exe [2006-11-14 50736] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2006-10-30 256576] "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-18 81000] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] "RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2007-03-05 26112] "CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344] "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RegistryMechanic"=C:\Program Files\Registry Mechanic\RMTray.exe [2008-07-03 812952] "AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2008-12-04 2356088] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "ValidateAdminCodeSignatures"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e800f08c-0eaa-11dc-983b-00038a000015}] shell\AutoRun\command - F:\iky.bat shell\explore\command - F:\iky.bat shell\open\command - F:\iky.bat ======File associations====== .js - edit - .js - open - .txt - open - ======List of files/folders created in the last 1 months====== 2009-02-28 13:26:08 ----D---- C:\rsit 2009-02-24 20:53:13 ----D---- C:\RECYCLER 2009-02-24 20:21:42 ----D---- C:\Users\Thomas\AppData\Roaming\XMIND 2009-02-24 20:18:56 ----D---- C:\Program Files\XMIND 2008 2009-02-24 19:48:45 ----D---- C:\Program Files\FreeMind 2009-02-11 14:11:40 ----A---- C:\Windows\system32\msfeeds.dll 2009-02-11 14:11:38 ----A---- C:\Windows\system32\mshtml.dll 2009-02-11 14:11:33 ----A---- C:\Windows\system32\ieframe.dll 2009-02-11 14:11:31 ----A---- C:\Windows\system32\urlmon.dll 2009-02-11 14:11:29 ----A---- C:\Windows\system32\wininet.dll 2009-02-11 14:11:28 ----A---- C:\Windows\system32\mshtmled.dll 2009-02-11 14:11:27 ----A---- C:\Windows\system32\mstime.dll 2009-02-11 14:11:27 ----A---- C:\Windows\system32\ieapfltr.dll 2009-02-11 14:11:27 ----A---- C:\Windows\system32\advpack.dll 2009-02-11 14:11:26 ----A---- C:\Windows\system32\ieui.dll 2009-02-11 14:11:26 ----A---- C:\Windows\system32\iernonce.dll 2009-02-11 14:11:26 ----A---- C:\Windows\system32\ie4uinit.exe 2009-02-11 14:11:26 ----A---- C:\Windows\system32\dxtrans.dll 2009-02-11 14:11:25 ----A---- C:\Windows\system32\iesetup.dll 2009-02-11 14:11:25 ----A---- C:\Windows\system32\iertutil.dll 2009-02-11 14:11:24 ----A---- C:\Windows\system32\jsproxy.dll 2009-02-11 14:11:24 ----A---- C:\Windows\system32\ieUnatt.exe 2009-02-11 14:11:24 ----A---- C:\Windows\system32\icardie.dll 2009-02-11 14:11:24 ----A---- C:\Windows\system32\dxtmsft.dll 2009-02-11 14:11:23 ----A---- C:\Windows\system32\pngfilt.dll ======List of files/folders modified in the last 1 months====== 2009-02-28 13:37:15 ----D---- C:\Windows\Temp 2009-02-28 13:37:04 ----D---- C:\Windows\Prefetch 2009-02-28 11:23:29 ----D---- C:\Windows\system32\drivers 2009-02-28 11:20:59 ----AD---- C:\ProgramData\TEMP 2009-02-27 15:04:11 ----D---- C:\Windows\System32 2009-02-27 15:04:10 ----D---- C:\Windows\inf 2009-02-27 15:04:10 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-02-27 15:03:30 ----A---- C:\Windows\win.ini 2009-02-27 15:03:20 ----SHD---- C:\Windows\Installer 2009-02-27 15:00:22 ----D---- C:\Windows\twain_32 2009-02-27 08:17:17 ----SHD---- C:\System Volume Information 2009-02-25 19:11:44 ----D---- C:\Users\Thomas\AppData\Roaming\Azureus 2009-02-25 13:06:25 ----A---- C:\Windows\NeroDigital.ini 2009-02-24 20:18:56 ----RD---- C:\Program Files 2009-02-22 20:50:08 ----D---- C:\Program Files\Paint Shop Pro 5 2009-02-18 12:14:03 ----D---- C:\Windows 2009-02-15 10:54:29 ----D---- C:\Windows\system32\catroot2 2009-02-12 03:21:49 ----D---- C:\Windows\winsxs 2009-02-12 03:17:20 ----D---- C:\Windows\system32\migration 2009-02-12 03:17:20 ----D---- C:\Program Files\Internet Explorer 2009-02-12 03:17:19 ----D---- C:\Windows\AppPatch 2009-02-12 03:04:46 ----D---- C:\Windows\system32\catroot 2009-02-12 03:04:35 ----D---- C:\ProgramData\Microsoft Help 2009-02-12 03:03:15 ----D---- C:\Program Files\Windows Mail 2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe 2009-01-30 14:17:12 ----D---- C:\Users\Thomas\AppData\Roaming\Image Zone Express 2009-01-29 17:43:44 ----D---- C:\Program Files\OrangeHSS ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-11-18 23152] R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-11-18 110160] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-11-18 50864] R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160] R1 NEOFLTR_600_13487;Juniper Networks TDI Filter Driver (NEOFLTR_600_13487); \??\C:\Windows\system32\Drivers\NEOFLTR_600_13487.SYS [2008-08-14 64160] R2 ASCTRM;ASCTRM; C:\Windows\system32\drivers\ASCTRM.sys [2007-03-05 8552] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-11-18 20560] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-18 51792] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192] R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-11-15 14208] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760] R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664] R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664] R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472] R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2006-11-02 145920] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024] R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-09-26 50176] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-15 179256] R3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2007-11-15 11264] S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016] S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584] S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632] S3 E100B;Pilote de carte Intel ® PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016] S3 NETw3v32;Pilote de carte réseau Intel® PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-09 1786880] S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-18 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-18 155160] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536] R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2006-12-04 58984] R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016] R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016] R2 WANMiniportService;WAN Miniport (ATW) Service; C:\Windows\wanmpsvc.exe [2003-08-27 65536] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-18 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-18 352920] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2006-10-30 492608] S2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [2006-10-23 46640] S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-26 126976] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-05 138168] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728] -----------------EOF----------------- Et le fichier info info.txt logfile of random's system information tool 1.05 2009-02-28 13:26:35 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL -->C:\Windows\UNNeroShowTime.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} ABBYY FineReader 9.0 Professional Edition-->MsiExec.exe /I{F9000000-0001-0000-0000-074957833700} Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\5bc0f8414ec36c555a3e7e5ec2e225e\Setup.exe Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862} Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} Adobe Setup-->MsiExec.exe /I{2274624C-5B38-41AD-AD27-CEC0924EB628} Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D} Adobe Setup-->MsiExec.exe /I{D504303A-717D-414C-BA9F-FE01093E2EF8} Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log Adobe Stock Photos CS3-->C:\Program Files\Common Files\Adobe\Installers\cbb2ea61da9c780bd7e47a5230a9ed7\Setup.exe Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} AOL - Assistant de désinstallation-->C:\Program Files\Common Files\AOL\uninstaller.exe AOL Auto-diagnostic-->C:\Program Files\TechCity Solutions\AOLSAV\uninstall.exe AOL Toolbar-->"C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG" Apple Software Update-->MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ASL_HS_Installer32-->MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Azureus-->C:\Program Files\Azureus\Uninstall.exe Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver" CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD" Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\HUFSetup.EXE -U -Icv30A5za.inf CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall dBpoweramp FLAC Codec-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat dBpoweramp Music Converter-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat Ecran de veille AOL Photos-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe Free PDF to Word Doc Converter v1.1-->"C:\Program Files\Free PDF to Word Doc Converter\unins000.exe" FreeMind-->"C:\Program Files\FreeMind\unins000.exe" FTP Expert 3-->"C:\Program Files\Visicom Media\FTP Expert 3\uninst-ftp.exe" GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe" Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll" HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30A5\HXFSETUP.EXE -U -Icpv30A5z.inf Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Hewlett-Packard Asset Agent-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{21E62565-8639-457C-B64C-A3FF0A8B4D80}\setup.exe -runfromtemp -l0x0409 HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly HP Customer Participation Program 8.0-->C:\Program Files\Hewlett-Packard\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP DVD Play 3.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall HP Easy Setup - Core-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9 HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly HP Help and Support-->MsiExec.exe /I{E4DDBA93-769B-49D8-BA33-8814E45ED0C1} HP Imaging Device Functions 8.0-->C:\Program Files\Hewlett-Packard\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP OCR Software 8.0-->C:\Program Files\Hewlett-Packard\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70} HP Photosmart.All-In-One Driver Software 8.0 .A-->C:\Program Files\Hewlett-Packard\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot HP Quick Launch Buttons 6.10 C1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x40c uninst HP Solution Center 8.0-->C:\Program Files\Hewlett-Packard\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134} HP User Guide 0039-->MsiExec.exe /I{15DD1D3C-8386-47D4-91A4-2D25FAFE1255} HP Wireless Assistant-->MsiExec.exe /I{355FADAF-55C4-4E08-88D4-A86C4CA6930C} IE PassView-->C:\Windows\zipinst.exe /uninst "C:\Program Files\IE PassView\uninst1~.nsu" Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall IPA/SAM Phonetics Fonts-->C:\Windows\unins000.exe iTunes-->MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4} Java SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} Juniper Networks Secure Application Manager-->C:\Program Files\Juniper Networks\Secure Application Manager\UninstallSAM.exe Juniper Networks Setup Client Activex Control-->C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\LHTTSFRF.inf, Uninstall Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" mmUninstall Magic ISO Maker v5.4 (build 0251)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Reader Text-to-Speech pour le français-->MsiExec.exe /X{6F1547AA-8DA7-4FAC-BA11-BE1659E7086E} Microsoft Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x40c Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C} Moyea FLV Downloader version 1.15.0.15-->"C:\Program Files\Moyea\FLV Downloader\unins000.exe" Moyea FLV Player version 1.5.2.7-->"C:\Program Files\Moyea\FLV Player\unins000.exe" MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MySmtp 3.0 (remove only)-->"C:\Program Files\Groupe Eurower\MySmtp 3.0\uninstall.exe" MySQL Connector/ODBC 3.51-->MsiExec.exe /I{0CB3C535-1171-4A20-B549-E2CB5DEB9723} Nero 7-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u Paint Shop Pro 5.01 CD-->C:\PROGRA~1\PAINTS~1\UNWISE.EXE C:\PROGRA~1\PAINTS~1\INSTALL.LOG QuickTime-->MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A} RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0 RealSpeak Solo pour la voix francaise Virginie-->MsiExec.exe /I{58B0F3ED-6FAE-486C-9AB9-1C06514097B4} Registry Mechanic 8.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87} Roxio Creator EasyArchive-->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B} Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF} Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} RTC Client API v1.2-->MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A} Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Shop for HP Supplies-->C:\Program Files\Hewlett-Packard\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498} Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118} Update for Office 2007 (KB946691)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (k
  6. aaaa298
    Bonjour, J'ai semble-t-il un virus qui m'empêche d'aller où je veux sur internet, notamment dans les recherches google où quand je clique sur un site je suis redirigé vers des publicités, ... à partir d'un lien main.exoclick.fr. Est-ce que quelqu'un pourrait m'aider parce que n'ai pas trouvé de solution à ce problème. Cordialement. Thomas
×
×
  • Créer...