.exe n'est pas une application win32 valide

[hesteban2005]

....re!! bon voila j'envoi le rapportcombofix :

 

 

 

ComboFix 08-03-18.1 - Propriétaire 2008-03-20 15:28:30.4 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.461 [GMT 1:00]

Endroit: C:\Documents and Settings\Propriétaire\Bureau\hesteban2005.exe

Command switches used :: C:\Documents and Settings\PropriÚtaire\Bureau\CFScript.txt

* Création d'un nouveau point de restauration

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\system32\drivers\down

C:\WINDOWS\system32\drivers\down\380500.exe

C:\WINDOWS\system32\drivers\down\380921.exe

C:\WINDOWS\system32\drivers\down\381093.exe

C:\WINDOWS\system32\drivers\down\381171.exe

C:\WINDOWS\system32\drivers\down\381312.exe

C:\WINDOWS\system32\drivers\down\382140.exe

C:\WINDOWS\system32\drivers\down\382656.exe

C:\WINDOWS\system32\drivers\down\383796.exe

C:\WINDOWS\system32\drivers\down\384734.exe

C:\WINDOWS\system32\drivers\down\384859.exe

C:\WINDOWS\system32\drivers\down\385515.exe

C:\WINDOWS\system32\drivers\down\385578.exe

C:\WINDOWS\system32\drivers\down\386656.exe

C:\WINDOWS\system32\drivers\down\387078.exe

C:\WINDOWS\system32\drivers\down\388750.exe

C:\WINDOWS\system32\drivers\down\389140.exe

C:\WINDOWS\system32\drivers\down\389328.exe

C:\WINDOWS\system32\drivers\down\389531.exe

C:\WINDOWS\system32\drivers\down\390218.exe

C:\WINDOWS\system32\drivers\down\391234.exe

C:\WINDOWS\system32\drivers\down\391515.exe

C:\WINDOWS\system32\drivers\down\391593.exe

C:\WINDOWS\system32\drivers\down\391750.exe

C:\WINDOWS\system32\drivers\down\391859.exe

C:\WINDOWS\system32\drivers\down\392500.exe

C:\WINDOWS\system32\drivers\down\392562.exe

C:\WINDOWS\system32\drivers\down\393906.exe

C:\WINDOWS\system32\drivers\down\394218.exe

C:\WINDOWS\system32\drivers\down\394609.exe

C:\WINDOWS\system32\drivers\down\395046.exe

C:\WINDOWS\system32\drivers\down\395312.exe

C:\WINDOWS\system32\drivers\down\396203.exe

C:\WINDOWS\system32\drivers\down\396828.exe

C:\WINDOWS\system32\drivers\down\397734.exe

C:\WINDOWS\system32\drivers\down\398000.exe

C:\WINDOWS\system32\drivers\down\398359.exe

C:\WINDOWS\system32\drivers\down\398968.exe

C:\WINDOWS\system32\drivers\down\399781.exe

C:\WINDOWS\system32\drivers\down\401125.exe

C:\WINDOWS\system32\drivers\down\401171.exe

C:\WINDOWS\system32\drivers\down\402828.exe

C:\WINDOWS\system32\drivers\down\403250.exe

C:\WINDOWS\system32\drivers\down\403296.exe

C:\WINDOWS\system32\drivers\down\403328.exe

C:\WINDOWS\system32\drivers\down\403781.exe

C:\WINDOWS\system32\drivers\down\404687.exe

C:\WINDOWS\system32\drivers\down\405343.exe

C:\WINDOWS\system32\drivers\down\405531.exe

C:\WINDOWS\system32\drivers\down\405937.exe

C:\WINDOWS\system32\drivers\down\406125.exe

C:\WINDOWS\system32\drivers\down\407562.exe

C:\WINDOWS\system32\drivers\down\409031.exe

C:\WINDOWS\system32\drivers\down\409546.exe

C:\WINDOWS\system32\drivers\down\409578.exe

C:\WINDOWS\system32\drivers\down\409734.exe

C:\WINDOWS\system32\drivers\down\411828.exe

C:\WINDOWS\system32\drivers\down\413250.exe

C:\WINDOWS\system32\drivers\down\416296.exe

C:\WINDOWS\system32\drivers\down\417031.exe

C:\WINDOWS\system32\drivers\down\418031.exe

C:\WINDOWS\system32\drivers\down\419062.exe

C:\WINDOWS\system32\drivers\down\419343.exe

C:\WINDOWS\system32\drivers\down\419359.exe

C:\WINDOWS\system32\drivers\down\420375.exe

C:\WINDOWS\system32\drivers\down\421640.exe

C:\WINDOWS\system32\drivers\down\421953.exe

C:\WINDOWS\system32\drivers\down\422796.exe

C:\WINDOWS\system32\drivers\down\423078.exe

C:\WINDOWS\system32\drivers\down\423406.exe

C:\WINDOWS\system32\drivers\down\423796.exe

C:\WINDOWS\system32\drivers\down\424734.exe

C:\WINDOWS\system32\drivers\down\425468.exe

C:\WINDOWS\system32\drivers\down\425687.exe

C:\WINDOWS\system32\drivers\down\426218.exe

C:\WINDOWS\system32\drivers\down\426296.exe

C:\WINDOWS\system32\drivers\down\426687.exe

C:\WINDOWS\system32\drivers\down\427375.exe

C:\WINDOWS\system32\drivers\down\427390.exe

C:\WINDOWS\system32\drivers\down\427859.exe

C:\WINDOWS\system32\drivers\down\427875.exe

C:\WINDOWS\system32\drivers\down\427937.exe

C:\WINDOWS\system32\drivers\down\428390.exe

C:\WINDOWS\system32\drivers\down\428437.exe

C:\WINDOWS\system32\drivers\down\428625.exe

C:\WINDOWS\system32\drivers\down\428734.exe

C:\WINDOWS\system32\drivers\down\428921.exe

C:\WINDOWS\system32\drivers\down\429406.exe

C:\WINDOWS\system32\drivers\down\429796.exe

C:\WINDOWS\system32\drivers\down\430593.exe

C:\WINDOWS\system32\drivers\down\431062.exe

C:\WINDOWS\system32\drivers\down\431093.exe

C:\WINDOWS\system32\drivers\down\431218.exe

C:\WINDOWS\system32\drivers\down\432203.exe

C:\WINDOWS\system32\drivers\down\432281.exe

C:\WINDOWS\system32\drivers\down\433218.exe

C:\WINDOWS\system32\drivers\down\433453.exe

C:\WINDOWS\system32\drivers\down\433781.exe

C:\WINDOWS\system32\drivers\down\434125.exe

C:\WINDOWS\system32\drivers\down\434609.exe

C:\WINDOWS\system32\drivers\down\435531.exe

C:\WINDOWS\system32\drivers\down\435750.exe

C:\WINDOWS\system32\drivers\down\436843.exe

C:\WINDOWS\system32\drivers\down\437015.exe

C:\WINDOWS\system32\drivers\down\439000.exe

C:\WINDOWS\system32\drivers\down\440187.exe

C:\WINDOWS\system32\drivers\down\440250.exe

C:\WINDOWS\system32\drivers\down\440281.exe

C:\WINDOWS\system32\drivers\down\440562.exe

C:\WINDOWS\system32\drivers\down\441234.exe

C:\WINDOWS\system32\drivers\down\441281.exe

C:\WINDOWS\system32\drivers\down\441421.exe

C:\WINDOWS\system32\drivers\down\441921.exe

C:\WINDOWS\system32\drivers\down\442171.exe

C:\WINDOWS\system32\drivers\down\442453.exe

C:\WINDOWS\system32\drivers\down\443859.exe

C:\WINDOWS\system32\drivers\down\444187.exe

C:\WINDOWS\system32\drivers\down\444593.exe

C:\WINDOWS\system32\drivers\down\445546.exe

C:\WINDOWS\system32\drivers\down\44557453.exe

C:\WINDOWS\system32\drivers\down\44560359.exe

C:\WINDOWS\system32\drivers\down\44563015.exe

C:\WINDOWS\system32\drivers\down\44565031.exe

C:\WINDOWS\system32\drivers\down\44570406.exe

C:\WINDOWS\system32\drivers\down\44596531.exe

C:\WINDOWS\system32\drivers\down\44596968.exe

C:\WINDOWS\system32\drivers\down\44605531.exe

C:\WINDOWS\system32\drivers\down\44606453.exe

C:\WINDOWS\system32\drivers\down\44608640.exe

C:\WINDOWS\system32\drivers\down\44610734.exe

C:\WINDOWS\system32\drivers\down\44620843.exe

C:\WINDOWS\system32\drivers\down\44624703.exe

C:\WINDOWS\system32\drivers\down\44626093.exe

C:\WINDOWS\system32\drivers\down\44627578.exe

C:\WINDOWS\system32\drivers\down\44629890.exe

C:\WINDOWS\system32\drivers\down\44662781.exe

C:\WINDOWS\system32\drivers\down\44667234.exe

C:\WINDOWS\system32\drivers\down\447109.exe

C:\WINDOWS\system32\drivers\down\44739015.exe

C:\WINDOWS\system32\drivers\down\447406.exe

C:\WINDOWS\system32\drivers\down\447468.exe

C:\WINDOWS\system32\drivers\down\44757500.exe

C:\WINDOWS\system32\drivers\down\44771734.exe

C:\WINDOWS\system32\drivers\down\447718.exe

C:\WINDOWS\system32\drivers\down\44792125.exe

C:\WINDOWS\system32\drivers\down\44819609.exe

C:\WINDOWS\system32\drivers\down\44857343.exe

C:\WINDOWS\system32\drivers\down\44864937.exe

C:\WINDOWS\system32\drivers\down\448671.exe

C:\WINDOWS\system32\drivers\down\44906171.exe

C:\WINDOWS\system32\drivers\down\449093.exe

C:\WINDOWS\system32\drivers\down\44913406.exe

C:\WINDOWS\system32\drivers\down\449312.exe

C:\WINDOWS\system32\drivers\down\44938296.exe

C:\WINDOWS\system32\drivers\down\44942609.exe

C:\WINDOWS\system32\drivers\down\44960093.exe

C:\WINDOWS\system32\drivers\down\449718.exe

C:\WINDOWS\system32\drivers\down\44983093.exe

C:\WINDOWS\system32\drivers\down\44987703.exe

C:\WINDOWS\system32\drivers\down\450234.exe

C:\WINDOWS\system32\drivers\down\45051203.exe

C:\WINDOWS\system32\drivers\down\450671.exe

C:\WINDOWS\system32\drivers\down\45076656.exe

C:\WINDOWS\system32\drivers\down\45085109.exe

C:\WINDOWS\system32\drivers\down\45086359.exe

C:\WINDOWS\system32\drivers\down\45104265.exe

C:\WINDOWS\system32\drivers\down\451125.exe

C:\WINDOWS\system32\drivers\down\451578.exe

C:\WINDOWS\system32\drivers\down\45179203.exe

C:\WINDOWS\system32\drivers\down\45180203.exe

C:\WINDOWS\system32\drivers\down\45190796.exe

C:\WINDOWS\system32\drivers\down\452359.exe

C:\WINDOWS\system32\drivers\down\452421.exe

C:\WINDOWS\system32\drivers\down\45245234.exe

C:\WINDOWS\system32\drivers\down\452703.exe

C:\WINDOWS\system32\drivers\down\45319890.exe

C:\WINDOWS\system32\drivers\down\45340625.exe

C:\WINDOWS\system32\drivers\down\453718.exe

C:\WINDOWS\system32\drivers\down\453734.exe

C:\WINDOWS\system32\drivers\down\45428562.exe

C:\WINDOWS\system32\drivers\down\45471468.exe

C:\WINDOWS\system32\drivers\down\45487515.exe

C:\WINDOWS\system32\drivers\down\45492671.exe

C:\WINDOWS\system32\drivers\down\45531125.exe

C:\WINDOWS\system32\drivers\down\456390.exe

C:\WINDOWS\system32\drivers\down\45667203.exe

C:\WINDOWS\system32\drivers\down\456984.exe

C:\WINDOWS\system32\drivers\down\45716359.exe

C:\WINDOWS\system32\drivers\down\457515.exe

C:\WINDOWS\system32\drivers\down\457531.exe

C:\WINDOWS\system32\drivers\down\457546.exe

C:\WINDOWS\system32\drivers\down\458437.exe

C:\WINDOWS\system32\drivers\down\458546.exe

C:\WINDOWS\system32\drivers\down\459031.exe

C:\WINDOWS\system32\drivers\down\459656.exe

C:\WINDOWS\system32\drivers\down\461484.exe

C:\WINDOWS\system32\drivers\down\462281.exe

C:\WINDOWS\system32\drivers\down\462406.exe

C:\WINDOWS\system32\drivers\down\462421.exe

C:\WINDOWS\system32\drivers\down\463156.exe

C:\WINDOWS\system32\drivers\down\463531.exe

C:\WINDOWS\system32\drivers\down\464765.exe

C:\WINDOWS\system32\drivers\down\465046.exe

C:\WINDOWS\system32\drivers\down\465937.exe

C:\WINDOWS\system32\drivers\down\466125.exe

C:\WINDOWS\system32\drivers\down\466250.exe

C:\WINDOWS\system32\drivers\down\466437.exe

C:\WINDOWS\system32\drivers\down\466578.exe

C:\WINDOWS\system32\drivers\down\466671.exe

C:\WINDOWS\system32\drivers\down\467468.exe

C:\WINDOWS\system32\drivers\down\467656.exe

C:\WINDOWS\system32\drivers\down\468296.exe

C:\WINDOWS\system32\drivers\down\468343.exe

C:\WINDOWS\system32\drivers\down\469984.exe

C:\WINDOWS\system32\drivers\down\470234.exe

C:\WINDOWS\system32\drivers\down\471375.exe

C:\WINDOWS\system32\drivers\down\471906.exe

C:\WINDOWS\system32\drivers\down\473671.exe

C:\WINDOWS\system32\drivers\down\473734.exe

C:\WINDOWS\system32\drivers\down\474156.exe

C:\WINDOWS\system32\drivers\down\474203.exe

C:\WINDOWS\system32\drivers\down\474343.exe

C:\WINDOWS\system32\drivers\down\476203.exe

C:\WINDOWS\system32\drivers\down\478453.exe

C:\WINDOWS\system32\drivers\down\479625.exe

C:\WINDOWS\system32\drivers\down\480156.exe

C:\WINDOWS\system32\drivers\down\482875.exe

C:\WINDOWS\system32\drivers\down\483703.exe

C:\WINDOWS\system32\drivers\down\483859.exe

C:\WINDOWS\system32\drivers\down\484468.exe

C:\WINDOWS\system32\drivers\down\486656.exe

C:\WINDOWS\system32\drivers\down\487046.exe

C:\WINDOWS\system32\drivers\down\488250.exe

C:\WINDOWS\system32\drivers\down\489734.exe

C:\WINDOWS\system32\drivers\down\490171.exe

C:\WINDOWS\system32\drivers\down\490484.exe

C:\WINDOWS\system32\drivers\down\490656.exe

C:\WINDOWS\system32\drivers\down\490718.exe

C:\WINDOWS\system32\drivers\down\491312.exe

C:\WINDOWS\system32\drivers\down\492906.exe

C:\WINDOWS\system32\drivers\down\493312.exe

C:\WINDOWS\system32\drivers\down\493906.exe

C:\WINDOWS\system32\drivers\down\494531.exe

C:\WINDOWS\system32\drivers\down\496093.exe

C:\WINDOWS\system32\drivers\down\497421.exe

C:\WINDOWS\system32\drivers\down\498703.exe

C:\WINDOWS\system32\drivers\down\498796.exe

C:\WINDOWS\system32\drivers\down\502968.exe

C:\WINDOWS\system32\drivers\down\503031.exe

C:\WINDOWS\system32\drivers\down\503453.exe

C:\WINDOWS\system32\drivers\down\503906.exe

C:\WINDOWS\system32\drivers\down\507453.exe

C:\WINDOWS\system32\drivers\down\511859.exe

C:\WINDOWS\system32\drivers\down\515609.exe

C:\WINDOWS\system32\drivers\down\518343.exe

C:\WINDOWS\system32\drivers\down\519171.exe

C:\WINDOWS\system32\drivers\down\519734.exe

C:\WINDOWS\system32\drivers\down\519968.exe

C:\WINDOWS\system32\drivers\down\520468.exe

C:\WINDOWS\system32\drivers\down\524343.exe

C:\WINDOWS\system32\drivers\down\526359.exe

C:\WINDOWS\system32\drivers\down\526515.exe

C:\WINDOWS\system32\drivers\down\526859.exe

C:\WINDOWS\system32\drivers\down\528187.exe

C:\WINDOWS\system32\drivers\down\529031.exe

C:\WINDOWS\system32\drivers\down\529171.exe

C:\WINDOWS\system32\drivers\down\530437.exe

C:\WINDOWS\system32\drivers\down\533234.exe

C:\WINDOWS\system32\drivers\down\533750.exe

C:\WINDOWS\system32\drivers\down\536125.exe

C:\WINDOWS\system32\drivers\down\539718.exe

C:\WINDOWS\system32\drivers\down\540000.exe

C:\WINDOWS\system32\drivers\down\546265.exe

C:\WINDOWS\system32\drivers\down\550718.exe

C:\WINDOWS\system32\drivers\down\554296.exe

C:\WINDOWS\system32\drivers\down\556593.exe

C:\WINDOWS\system32\drivers\down\558593.exe

C:\WINDOWS\system32\drivers\down\562765.exe

C:\WINDOWS\system32\drivers\down\570281.exe

C:\WINDOWS\system32\drivers\down\574546.exe

C:\WINDOWS\system32\drivers\down\590656.exe

C:\WINDOWS\system32\drivers\down\595531.exe

C:\WINDOWS\system32\drivers\down\598906.exe

C:\WINDOWS\system32\drivers\down\60209468.exe

C:\WINDOWS\system32\drivers\down\60211406.exe

C:\WINDOWS\system32\drivers\down\60237875.exe

C:\WINDOWS\system32\drivers\down\60238312.exe

C:\WINDOWS\system32\drivers\down\60242000.exe

C:\WINDOWS\system32\drivers\down\60250984.exe

C:\WINDOWS\system32\drivers\down\60260234.exe

C:\WINDOWS\system32\drivers\down\60316312.exe

C:\WINDOWS\system32\drivers\down\60348500.exe

C:\WINDOWS\system32\drivers\down\60361281.exe

C:\WINDOWS\system32\drivers\down\60378593.exe

C:\WINDOWS\system32\drivers\down\60424796.exe

C:\WINDOWS\system32\drivers\down\60462375.exe

C:\WINDOWS\system32\drivers\down\60467718.exe

C:\WINDOWS\system32\drivers\down\60468500.exe

C:\WINDOWS\system32\drivers\down\60487296.exe

C:\WINDOWS\system32\drivers\down\60555296.exe

C:\WINDOWS\system32\drivers\down\60561375.exe

C:\WINDOWS\system32\drivers\down\647062.exe

C:\WINDOWS\system32\drivers\down\658937.exe

C:\WINDOWS\system32\drivers\down\681421.exe

C:\WINDOWS\system32\drivers\down\683421.exe

C:\WINDOWS\system32\drivers\down\692343.exe

C:\WINDOWS\system32\drivers\down\694687.exe

C:\WINDOWS\system32\drivers\down\697843.exe

C:\WINDOWS\system32\drivers\down\701015.exe

C:\WINDOWS\system32\drivers\down\702015.exe

C:\WINDOWS\system32\drivers\down\704156.exe

C:\WINDOWS\system32\drivers\down\708046.exe

C:\WINDOWS\system32\drivers\down\709578.exe

C:\WINDOWS\system32\drivers\down\712687.exe

C:\WINDOWS\system32\drivers\down\716609.exe

C:\WINDOWS\system32\drivers\down\718390.exe

C:\WINDOWS\system32\drivers\down\722359.exe

C:\WINDOWS\system32\drivers\down\727187.exe

C:\WINDOWS\system32\drivers\down\728843.exe

C:\WINDOWS\system32\drivers\down\734218.exe

C:\WINDOWS\system32\drivers\down\736500.exe

C:\WINDOWS\system32\drivers\down\739156.exe

C:\WINDOWS\system32\drivers\down\740265.exe

C:\WINDOWS\system32\drivers\down\748312.exe

C:\WINDOWS\system32\drivers\down\75006796.exe

C:\WINDOWS\system32\drivers\down\75017515.exe

C:\WINDOWS\system32\drivers\down\75017734.exe

C:\WINDOWS\system32\drivers\down\75019296.exe

C:\WINDOWS\system32\drivers\down\75045109.exe

C:\WINDOWS\system32\drivers\down\75046187.exe

C:\WINDOWS\system32\drivers\down\75056890.exe

C:\WINDOWS\system32\drivers\down\75152046.exe

C:\WINDOWS\system32\drivers\down\75167687.exe

C:\WINDOWS\system32\drivers\down\75175718.exe

C:\WINDOWS\system32\drivers\down\75207234.exe

C:\WINDOWS\system32\drivers\down\75243109.exe

C:\WINDOWS\system32\drivers\down\75249203.exe

C:\WINDOWS\system32\drivers\down\75253875.exe

C:\WINDOWS\system32\drivers\down\75254312.exe

C:\WINDOWS\system32\drivers\down\75264781.exe

C:\WINDOWS\system32\drivers\down\75363218.exe

C:\WINDOWS\system32\drivers\down\75371312.exe

C:\WINDOWS\system32\drivers\down\763359.exe

C:\WINDOWS\system32\drivers\down\767500.exe

C:\WINDOWS\system32\drivers\down\767671.exe

C:\WINDOWS\system32\drivers\down\770203.exe

C:\WINDOWS\system32\drivers\down\773453.exe

C:\WINDOWS\system32\drivers\down\775687.exe

C:\WINDOWS\system32\drivers\down\801375.exe

C:\WINDOWS\system32\drivers\down\809343.exe

C:\WINDOWS\system32\drivers\down\813578.exe

C:\WINDOWS\system32\drivers\down\850234.exe

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_srosa

 

 

((((((((((((((((((((((((((((( Fichiers créés 2008-02-20 to 2008-03-20 ))))))))))))))))))))))))))))))))))))

.

 

2008-03-20 01:56 . <REP> C:\Documents and Settings\PropriÚtaire\Local Settings

2008-03-20 01:56 . <REP> C:\Documents and Settings\PropriÚtaire\Local Settings

2008-03-20 01:10 . 2008-03-20 01:10 724,729 --a------ C:\catchme2008-03-20_152829.20.zip

2008-03-19 16:29 . 2008-03-19 16:29 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab

2008-03-19 16:29 . 2008-03-19 16:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab

2008-03-19 07:49 . 2007-01-15 18:25 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys

2008-03-19 07:49 . 2006-12-21 00:51 31,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys

2008-03-19 07:49 . 2007-01-15 18:26 23,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys

2008-03-19 07:48 . 2006-12-21 00:56 94,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys

2008-03-19 07:48 . 2006-12-21 00:56 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys

2008-03-19 07:47 . 2008-03-19 07:47 <REP> d-------- C:\Program Files\Alwil Software

2008-03-19 07:47 . 2007-01-15 18:32 689,280 --a------ C:\WINDOWS\system32\aswBoot.exe

2008-03-19 07:47 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx

2008-03-19 07:47 . 2007-01-15 18:23 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr

2008-03-19 07:40 . 2008-03-19 07:41 18,944 --ahs---- C:\WINDOWS\system32\Thumbs.db

2008-03-18 00:55 . 2008-03-18 00:55 5,120 --ahs---- C:\Thumbs.db

2008-03-18 00:49 . 2008-03-18 00:54 57,968,640 --a------ C:\film.avi

2008-03-18 00:00 . 2008-03-18 00:00 887 --a------ C:\WINDOWS\cPVAS.INI

2008-03-17 19:26 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe

2008-03-17 19:26 . 2007-11-13 09:31 399,360 --a------ C:\WINDOWS\system32\Smab.dll

2008-03-17 19:26 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe

2008-03-17 19:26 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe

2008-03-17 19:26 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll

2008-03-17 19:26 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe

2008-03-17 19:26 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll

2008-03-17 19:24 . 2005-02-13 00:00 186,880 -r-hs---- C:\WINDOWS\system32\RLOgg.ax

2008-03-17 19:24 . 2005-01-18 00:26 179,200 -r-hs---- C:\WINDOWS\system32\DiracSplitter.ax

2008-03-17 19:24 . 2006-08-16 15:53 175,104 -r-hs---- C:\WINDOWS\system32\CoreAAC.ax

2008-03-17 19:24 . 2005-02-06 00:00 92,672 -r-hs---- C:\WINDOWS\system32\RLVorbisDec.ax

2008-03-17 19:24 . 2005-02-13 00:00 67,584 -r-hs---- C:\WINDOWS\system32\RLTheoraDec.ax

2008-03-17 19:24 . 2005-02-13 00:00 51,712 -r-hs---- C:\WINDOWS\system32\RLSpeexDec.ax

2008-03-17 18:28 . 2008-03-17 18:28 <REP> d-------- C:\Program Files\MIKSOFT

2008-03-03 03:34 . 2008-03-03 03:34 <REP> d--hs---- C:\found.002

2008-03-03 03:05 . 2008-03-03 03:05 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2008-03-02 23:58 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-03-02 23:58 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll

2008-03-02 23:58 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-03-02 06:10 . 2008-03-02 06:13 <REP> d-------- C:\Program Files\Windows Live

2008-03-02 06:10 . 2008-03-02 06:11 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-03-02 06:09 . 2008-03-02 06:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-02-29 02:28 . 2008-03-02 19:40 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

2008-02-29 02:26 . 2008-02-29 02:26 <REP> d-------- C:\Program Files\Smart PC Solutions

2008-02-21 14:35 . 2008-02-21 14:35 <REP> d--hs---- C:\found.001

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-19 16:19 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared

2008-03-18 00:17 --------- d-----w C:\Program Files\WebcamMax

2008-03-17 23:48 --------- d-----w C:\Program Files\Ripp-it_AM

2008-03-17 23:42 --------- d-----w C:\Program Files\AviSynth 2.5

2008-03-16 10:20 --------- d-----w C:\Program Files\eMule

2008-03-16 04:12 94,208 ----a-w C:\WINDOWS\DUMP4c12.tmp

2008-03-16 04:08 94,208 ----a-w C:\WINDOWS\DUMPaf1c.tmp

2008-03-10 05:31 --------- d-----w C:\Program Files\Azureus

2008-03-02 06:50 --------- d-----w C:\Program Files\MSN Messenger

2008-02-22 00:07 94,208 ----a-w C:\WINDOWS\DUMP693a.tmp

2008-02-17 04:18 --------- d-----w C:\Program Files\Namtuk

2008-02-14 04:22 --------- d-----w C:\Program Files\MSECache

2008-02-14 03:54 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Ahead

2008-02-12 02:53 --------- d-----w C:\Program Files\Google

2008-02-05 02:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Webcammax

2008-02-01 00:41 --------- d-----w C:\Program Files\Fichiers communs\Real

2008-01-31 01:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\SlySoft

2008-01-31 01:40 --------- d-----w C:\Program Files\SlySoft

2008-01-28 22:43 --------- d-----w C:\Program Files\KC Softwares

2008-01-28 22:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Emjysoft

2008-01-20 16:23 --------- d-----w C:\Program Files\Anuman Interactive

.

 

((((((((((((((((((((((((((((( snapshot_2008-03-20_ 1.49.47.84 )))))))))))))))))))))))))))))))))))))))))

.

+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE

+ 2008-03-20 14:40:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_140.dat

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]

"RemoteCenter"="C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE" [2006-04-03 06:06 647168]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-19 13:18 68856]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 15:14 147456]

"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 15:53 73840]

"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 15:45 313472]

"Yahoo! Pager"="~C:\Program Files\Yahoo!\Messenger\ypager.exe" [ ]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"="SOUNDMAN.EXE" [2004-09-16 19:39 69632 C:\WINDOWS\SOUNDMAN.EXE]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 15:15 221184]

"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 16:15 454656]

"SbUsb AudCtrl"="sbusbdll.dll" [2004-07-09 03:27 119296 C:\WINDOWS\system32\sbusbdll.dll]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00 90112]

"EPSON Stylus Photo R300 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.exe" [2003-09-11 04:00 99840]

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 14:49 49152]

"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-06-19 08:50 180224]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

"QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2007-06-04 18:22 98304]

"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648]

"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-22 20:05 339968]

"PMCS"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" [2004-09-29 07:39 24576]

"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-11-10 16:06 406016]

"PMCRemote"="C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2004-09-23 17:56 73728]

"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 15:53 73840]

"MMTray"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" [2003-03-25 04:49 53248]

"mmtray2k"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" [2003-03-25 04:49 57344]

"mmtraylsi"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" [2003-03-25 04:49 53248]

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35 90112]

"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 16:06 212992]

"CTSysVol"="C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43 57344]

"WebcamMaxMoniter"="C:\Program Files\WebcamMax\wcmmon.exe" [2007-08-01 01:55 450048]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-20 01:09 108160]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=

"C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaCenterService\\PMC.Service.Main.exe"=

"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=

"C:\\Program Files\\Azureus\\Azureus.exe"=

"C:\\Program Files\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"=

"C:\\Program Files\\Pinnacle\\MediaCenter\\PMC.exe"=

"C:\\Program Files\\eMule\\emule.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

 

R0 sonyhcb;Sony Digital Imaging Base;C:\WINDOWS\system32\DRIVERS\sonyhcb.sys [2001-11-05 08:23]

R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2001-12-20 07:02]

R2 CamthWDM;WebcamMax, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2007-01-11 06:39]

R2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [2001-08-06 04:41]

R3 3xHybrid;Pinnacle PCTV Stereo service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2004-09-03 11:14]

R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-09-21 11:24]

R3 sbusb;Sound Blaster USB Audio Driver;C:\WINDOWS\system32\DRIVERS\sbusb.sys [2004-07-27 10:31]

S3 EraserUtilDrv10741;EraserUtilDrv10741;C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilDrv10741.sys []

S3 P1001VID;Creative WebCam (WDM);C:\WINDOWS\system32\DRIVERS\P1001Vid.sys [2002-01-30 03:25]

S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2004-02-14 05:09]

S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2005-12-22 13:45]

S3 sonyhcs;Sony Digital Imaging Video;C:\WINDOWS\system32\DRIVERS\sonyhcs.sys [2001-11-05 08:23]

S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

 

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-20 15:40:50

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe

C:\Program Files\Netropa\Onscreen Display\OSD.exe

C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program Files\PowerCheck\PowerCheck.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

.

**************************************************************************

.

Temps d'accomplissement: 2008-03-20 15:46:02 - machine was rebooted

ComboFix-quarantined-files.txt 2008-03-20 14:45:57

ComboFix2.txt 2008-03-20 00:56:45

ComboFix3.txt 2007-12-07 01:47:47

 

je vais continuer la suite.... ....HESTEBAN 2005

[hesteban2005]

....bonsoir.... voila j'envoie le rapport kaspersky ..

 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Thursday, March 20, 2008 10:56:39 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 20/03/2008

Kaspersky Anti-Virus database records: 644561

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - My Computer:

C:\

E:\

F:\

G:\

J:\

 

Scan Statistics:

Total number of scanned objects: 83462

Number of viruses found: 9

Number of infected objects: 57

Number of suspicious objects: 0

Duration of the scan process: 04:19:28

 

Infected Object Name / Virus Name / Last Action

C:\catchme2008-03-20_152829.20.zip/srosa.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped

C:\catchme2008-03-20_152829.20.zip/wintems.exe Infected: Email-Worm.Win32.Bagle.of skipped

C:\catchme2008-03-20_152829.20.zip/mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped

C:\catchme2008-03-20_152829.20.zip/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped

C:\catchme2008-03-20_152829.20.zip ZIP: infected - 4 skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Propriétaire\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012008032020080321\index.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Temp\Perflib_Perfdata_5b0.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF238C.tmp Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\ntuser.dat Object is locked skipped

C:\Documents and Settings\Propriétaire\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14915531.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14922015.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14923750.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14982890.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\15235500.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\29806578.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\29841687.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30004421.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30056281.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30061765.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\301156.exe.vir Infected: Trojan-PSW.Win32.Agent.xd skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\323796.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\340203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\346078.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\346921.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\348203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\351484.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\352140.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\352500.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\354140.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\361609.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\365781.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\370562.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\375796.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\377203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\380921.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\384734.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\386656.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\391593.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\392562.exe.vir Infected: Trojan.Win32.Pakes.bwy skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\406125.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\420375.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\44605531.exe.vir Infected: Trojan-PSW.Win32.Agent.xd skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\44864937.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\60211406.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\60238312.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\683421.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\702015.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\75017734.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\qoobox\Quarantine\Registry_backups\Service_srosa.reg.dat Infected: Trojan-Downloader.Win32.Bagle.hp skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_140.dat Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip/WebcamMax 4.0.1.0 (Key+Serial).exe Infected: Trojan-Downloader.Win32.Bagle.li skipped

E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip ZIP: infected - 1 skipped

E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

E:\PROGRAMMES\Nero-7.7.5.1 FR.rar RAR: infected - 2 skipped

E:\PROGRAMMES\photo.exe/file11 Infected: Backdoor.Win32.LiteBot.i skipped

E:\PROGRAMMES\photo.exe Inno: infected - 1 skipped

E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe 7-Zip: infected - 1 skipped

F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe 7-Zip: infected - 1 skipped

F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

 

Scan process completed.

 

 

je vais installer Antivir....en esprant ne pas avoir de probleme pour desinstallé avast!! ...et que je vais comprendre l'anglais!!

MERCI HESTEBAN 2005

[Thanos]

re!

 

Ok, il ne reste qu'un fichier infecté qu'Antivir va traiter.

Une fois Antivir installé/configuré/mis à jour comme dans le lien, un scan va se lancer automatiquement: stoppe le car on va le faire en mode sans échec!!

 

Va jusqu'au bout et si tu rencontres un problème, n'hésite pas à me le dire

 

Tu as deux possiblités pour consulter les instructions qui suivent:

 

-Soit tu copie/colles le contenu de la procédure dans un fichier texte (que tu met sur le bureau) pour pouvoir le consulter en mode sans échec(tu n'auras pas accès à internet!).

 

-Tu peux également enregistrer la page web complète, sur laquelle se trouve la procédure,

en le faisant à partir de ton navigateur :

 

-Aller en haut de page et cliquer sur le menu"Fichier" : une liste apparait=>

-Choisis "Enregistrer sous" et choisis "Bureau".

-Ensuite cliquer sur le bouton "Enregistrer" à droite du champs "nom du fichier".

 

Pour lire la procédure en mode sans échec, tu n'auras qu'à double cliquer sur le fichier .exe n'est pas une application win32 valide (avec l'icone de ton navigateur) situé sur le bureau.(tu noteras qu'un nouveau dossier va se créer sur le bureau en plus du fichier : c'est normal!) De cette manière, tu conserveras toutes les mises en formes et les couleurs de la procédure, et cela permettra de t'y retrouver.

 

**********

 

1) Redémarre le PC, impérativement en mode sans échec.

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement > Tapote par alternance les touches [F8] et [F5] jusqu'à l'affichage du menu des options avancées de Windows.

Sélectionne "Mode sans échec" et appuie sur la touche [Entrée].

Choisis ton compte usuel, et non Administrateur.

En images ici > http://cybersecurite.xooit.com/t88-Demarre...-sans-echec.htm

 

2) Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBLive\RemoteCenter\Rc\Rcman.exe

-Ferme tous les programmes et clique sur "Fix Checked"

 

3) Désinstallation de ComboFix >>

 

Passe maintenant par le Menu Démarrer > Exécuter > et tape ceci > ComboFix /u (il ya un espace entre x et / )

Une fenêtre va s'ouvrir et ComboFix sera désinstallé de ton pc.

 

Elimine le fichier suivant et vide la corbeille>> C:\catchme2008-03-20_152829.20.zip

 

4) Scan du pc avec Antivir >>

 

Double clique sur l'icône d'Antivir pour lancer le programme

• Pour démarrer un scan, il suffit de cliquer sur l'onglet Scanner
  
• Choisis les éléments à scanner > choisis Local Drives
  
• Clique sur l'icône pour démarrer le scan.
  
• Lorsqu'une infection est détectée, clique sur le bouton Move to quarantine puis coche la case Apply selection to all following detections > cilque sur [ok] pour valider.
  
• Une fois le scan terminé, clique sur le bouton report > un rapport va être créé : enregistre le sur le bureau.
  

 

5) Redémarre ton pc >>

 

Télécharge Deckard's System Scanner (DSS) sur ton bureau.

Tu dois possèder les droits administrateurs pour le lancer.

• Ferme toutes les applications en cours (fenêtres internet etc...)
  
• Double-clique sur dss.exe pour lancer le programme.
  
• DSS va afficher un message et te proposer d'installer Hijackthis: clique sur OUI.
  
• Un nouveau message va te demander de t'assurer que ton pare-feu (si tu en as un) accepte bien la connexion de DSS.exe à internet: clique sur OK et donne lui l'accès si tu reçois une alerte de ton pare-feu.
  
• Lorsque le scan est terminé, deux fichiers texte vont s'ouvrir.
  
• Poste le contenu du rapport nommé main.txt
  
• Si tu ne vois pas le rapport, tu le trouvera dans le dossier suivant > C:\Deckard\System Scanner
  

Que fait DSS ? >

• Il créé un point de restauration pour Windows Xp et Vista.
  
• Il nettoie les fichiers temporaires, le contenu du dossier Downloaded Program Files, le cache internet,et vide aussi la corbeille sur tous les lecteurs.
  
• Il contrôle quelques points névralgiques du système et produit un rapport à soumettre à un analyste.
  
• DSS lance automatiquement HijackThis,si tu ne possèdes pas ce programme, il va l'installer et créer un raccourci sur le bureau.
  

Poste stp le rapport d'Antivir ainsi que le rapport DSS: après ca, ca doit être bon

[hesteban2005]

bonjour Thanos,

 

merci pour tout ces conseils.Mais je pourrais pas le faire avant la fin du week end,car je pars..

 

Des que j'ai fait tout ca je posterais...

merci encore et bon week end!!

[hesteban2005]

...autre chose....j'ai installer l'antivirus,mais j'ai stopper le scan...(c'etait ecrit) je le ferais en rentrant.

 

bon j'esper ne pas avoir choper d'autres virus depuis!!...aller bye!!

[Thanos]

salut

 

Pas de souci, tu passes quand tu peux. Je mêt ceci car c'est important >>

 

Comment as tu infecté ce pc ? Fais moi/toi plaisir: lis bien ce qui suit pour ne pas retomber dans le piège, sinon tu vas passer ton temps à désinfecter ce pc et à en infecter d'autres à ton insu...

 

Qu'y a t'il d'intéressant dans le rapport de scan Kaspersky ?

 

E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip/WebcamMax 4.0.1.0 (Key+Serial).exe Infected: Trojan-Downloader.Win32.Bagle.li skipped

E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip ZIP: infected - 1 skipped

E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

E:\PROGRAMMES\Nero-7.7.5.1 FR.rar RAR: infected - 2 skipped

 

Ce qui suit n'est pas pour te faire la morale, mais une info à retenir >>

 

Fais gaffe avec l'utilisation des logiciels P2P/ les cracks/keygens etc...!! ce sont les principaux vecteurs d'infection! Pour t'en convaincre, lis ces deux topics très clairs:

le premier est de Malekal et concerne les cracks => http://forum.malekal.com/viewtopic.php?f=33&t=893

le second de Tesgaz concerne le P2P en général => http://forum.zebulon.fr/index.php?showtopic=85544

Les infections véhiculées pas le p2p sont une menace réelle!! par exemple le vers Worm.Win32_Sumom-A qui est un ver de messagerie instantanée et de réseaux peer-to-peer,se met dans le dossier incoming/Shared afin d'être expédié à toutes les personnes qui partagent tes téléchargements...=> http://www.virustraq.com/info_virus/10134/details/

Maintenant que tu sais, c'est à toi de voir... est ce que ca vaut le coup de risquer une grosse infection(et mettre tes données en peril)? La plupart des logiciels payants ont un équivalent en freeware.

Comme tu as pu voir, les cracks sont à 90% des infections déguisées...et c'est comme ca que tu as toi même infecté ton pc: tu as téléchargé Bagle !

 

@+

[hesteban2005]

comment je fait pour "demarrer" Hijackthis.... ou alors je suis vraiment trop nul.... merci......

 

 

comment je fait pour "demarrer" Hijackthis.... ou alors je suis vraiment trop nul.... merci......

[Thanos]

salut

 

Excuse moi, bêtise de ma part!! hijackthis n'est pas encore présent sur ton pc: c'est DSS qui va s'occuper de le télécharger et de l'installer!

 

L'étape suivante, on la fera après avoir utilisé DSS >>

 

2) Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

 

O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBLive\RemoteCenter\Rc\Rcman.exe

 

-Ferme tous les programmes et clique sur "Fix Checked"

 

Donc, la marche à suivre >>

 

- Mettre Antivir à jour

- Redémarrer le pc en mode sans échec

- Désinstaller ComboFix

- Scanner le pc avec Antivir

- Redémarrer le pc

- Lancer DSS qui va lui même créer un rapport hijackthis (intégré au rapport main.txt)

- Poster les rapports d'Antivir et de DSS.

 

désolé pour le contretemps

Modifié le 23 mars 2008 par Thanos

[hesteban2005]

...bonjour Thanos.. voici les rappports Antivir:

 

 

 

AntiVir PersonalEdition Classic

Report file date: dimanche 23 mars 2008 13:01

 

Scanning for 1161960 virus strains and unwanted programs.

 

Licensed to: Avira AntiVir PersonalEdition Classic

Serial number: 0000149996-ADJIE-0001

Platform: Windows XP

Windows version: (Service Pack 2) [5.1.2600]

Username: Propriétaire

Computer name: DOUDOU

 

Version information:

BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00

AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29

AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51

LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47

LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20

ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15

ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 22:31:04

ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 22:30:24

ANTIVIR3.VDF : 7.0.3.64 16384 Bytes 22/03/2008 22:29:56

AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 20/03/2008 22:31:12

AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26

AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17

AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24

AVPACK32.DLL : 7.6.0.3 360488 Bytes 20/03/2008 22:31:12

AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06

AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33

AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18

NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42

RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13

RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37

SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

 

Configuration settings for the scan:

Jobname..........................: Complete system scan

Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp

Logging..........................: low

Primary action...................: interactive

Secondary action.................: ignore

Scan master boot sector..........: off

Scan boot sector.................: on

Boot sectors.....................: F:,

Scan memory......................: on

Process scan.....................: on

Scan registry....................: on

Search for rootkits..............: off

Scan all files...................: All files

Scan archives....................: on

Recursion depth..................: 20

Smart extensions.................: on

Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,

Macro heuristic..................: on

File heuristic...................: medium

Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

 

Start of the scan: dimanche 23 mars 2008 13:01

 

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'explorer.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

11 processes with 11 modules were scanned

 

Start scanning boot sectors:

Boot sector 'C:\'

[NOTE] No virus was found!

Boot sector 'E:\'

[NOTE] No virus was found!

Boot sector 'F:\'

[NOTE] No virus was found!

 

Starting to scan the registry.

The registry was scanned ( '63' files ).

 

 

Starting the file scan:

 

Begin scan in 'C:\'

C:\pagefile.sys

[WARNING] The file could not be opened!

Begin scan in 'E:\' <DD1>

E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip

[0] Archive type: ZIP

--> WebcamMax 4.0.1.0 (Key+Serial).exe

[DETECTION] Is the Trojan horse TR/Killav.NX.1

[iNFO] The file was moved to '4848e0b0.qua'!

E:\Emule-incoming\WebcamMax CamFrog Camtasia With Patches or Serials.zip

[0] Archive type: ZIP

--> Webcam Apps/Camfrog Video Chat v3/Camfrog 3.6 Patch.exe

[DETECTION] Is the Trojan horse TR/Agent.41984.E

[iNFO] The file was moved to '4848e0d0.qua'!

Begin scan in 'F:\' <DD2>

F:\Musiques\Frédéric FRANCOIS\Frédéric.Francois.60.Chansons.3.Cd.ace

[0] Archive type: ACE

--> Frdric FRANCOIS_60 Chansons_3 Cd\Frdric FRANCOIS_60 Chansons-Inside-Back.jpg

[WARNING] Error creating the file

--> Frdric FRANCOIS_60 Chansons_3 Cd\Frdric FRANCOIS_60 Chansons-Inside-Front.jpg

[WARNING] No further files can be extracted from this archive. The archive will be closed

[WARNING] No further files can be extracted from this archive. The archive will be closed

F:\Musiques\musiques packard a trier du 28.07.06\Abba-.The.Definitive.Collection.ace

[0] Archive type: ACE

--> Abba front.jpg

[WARNING] Error creating the file

--> Abba back.jpg

[WARNING] No further files can be extracted from this archive. The archive will be closed

[WARNING] No further files can be extracted from this archive. The archive will be closed

 

 

End of the scan: lundi 24 mars 2008 01:47

Used time: 12:45:27 min

 

The scan has been done completely.

 

7794 Scanning directories

288351 Files were scanned

2 viruses and/or unwanted programs were found

0 Files were classified as suspicious:

0 files were deleted

0 files were repaired

2 files were moved to quarantine

0 files were renamed

1 Files cannot be scanned

288349 Files not concerned

3008 Archives were scanned

7 Warnings

0 Notes

 

 

le rapport dss:

 

Deckard's System Scanner v20071014.68

Run by Propriétaire on 2008-03-24 03:04:07

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

-- System Restore --------------------------------------------------------------

 

System Restore is disabled; attempting to re-enable...success.

 

 

-- Last 1 Restore Point(s) --

1: 2008-03-24 02:04:11 UTC - RP1 - Point de vérification système

 

 

Backed up registry hives.

Performed disk cleanup.

 

System Drive C: has 6.19 GiB (less than 15%) free.

 

 

-- HijackThis Clone ------------------------------------------------------------

 

 

Emulating logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2008-03-24 03:06:43

Platform: Windows XP Service Pack 2 (5.01.2600)

MSIE: Internet Explorer (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\system32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\system32\CTSVCCDA.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I0F2.EXE

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\qttask.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe

C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray.exe

C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe

C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe

C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe

C:\Program Files\Netropa\Onscreen Display\osd.exe

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\WebcamMax\wcmmon.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\PowerCheck\PowerCheck.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

C:\Documents and Settings\Propriétaire\Bureau\dss.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [sbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe

O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe"

O4 - HKLM\..\Run: [mmtray2k] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe"

O4 - HKLM\..\Run: [mmtraylsi] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe"

O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [Yahoo! Pager] ~"C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: PowerCheck.lnk = C:\Program Files\PowerCheck\PowerCheck.exe

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.secuser.com (HKCU)

O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} () - http://codecs.microsoft.com/codecs/i386/fhg.CAB

O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1180917174218

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll

O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll

O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL

O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL

O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slserv.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

 

 

--

End of file - 14467 bytes

 

-- File Associations -----------------------------------------------------------

 

All associations okay.

 

 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 

R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil©>

R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>

R2 CamthWDM (WebcamMax, WDM Video Capture) - c:\windows\system32\drivers\camthwdm.sys <Not Verified; YewSoft; Cam Theme>

R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys

R3 ASAPIW2k - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; Pinnacle Systems GmbH; asapi>

R3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows ® 2000 DDK driver>

R3 BlueletSCOAudio (Bluetooth SCO Audio Service) - c:\windows\system32\drivers\blueletscoaudio.sys <Not Verified; IVT Corporation; Windows ® 2000 DDK driver>

R3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>

R3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys

R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete>

R3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>

R3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>

R3 ZDPSp50 (ZDPSp50 NDIS Protocol Driver) - c:\windows\system32\drivers\zdpsp50.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>

 

S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>

S3 BTNetFilter (Bluetooth Network Filter) - c:\windows\system32\drivers\btnetfilter.sys

S3 catchme - c:\docume~1\propri~1\locals~1\temp\catchme.sys (file missing)

S3 EraserUtilDrv10741 - c:\program files\fichiers communs\symantec shared\eengine\eraserutildrv10741.sys (file missing)

S3 LHidUsbK (Logitech SetPoint USB Receiver device driver) - c:\windows\system32\drivers\lhidusbk.sys (file missing)

S3 LMouKE (Logitech SetPoint Mouse Filter Driver) - c:\windows\system32\drivers\lmouke.sys (file missing)

S3 PCANDIS5 (PCANDIS5 Protocol Driver) - c:\windows\system32\pcandis5.sys (file missing)

S3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys (file missing)

S3 ZDCndis5 (ZDCndis5 Protocol Driver) - c:\windows\system32\zdcndis5.sys (file missing)

S3 ZDPNDIS5 (ZDPNDIS5 NDIS Protocol Driver) - c:\windows\system32\zdpndis5.sys (file missing)

 

 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 

R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>

R2 BlueSoleil Hid Service - c:\program files\ivt corporation\bluesoleil\btntservice.exe

R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; C-Dilla Ltd; SafeCast Windows NT>

R2 nhksrv (Netropa NHK Server) - c:\program files\netropa\multimedia keyboard\nhksrv.exe

R3 NMIndexingService - "c:\program files\fichiers communs\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>

 

S2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" (file missing)

S2 PinnacleSys.MediaServer (Pinnacle Systems Media Service) - "c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe" <Not Verified; Pinnacle Systems; Media Server>

S2 Planificateur LiveUpdate automatique - "c:\program files\symantec\liveupdate\aluschedulersvc.exe" (file missing)

S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe

 

 

-- Device Manager: Disabled ----------------------------------------------------

 

No disabled devices found.

 

 

-- Files created between 2008-02-24 and 2008-03-24 -----------------------------

 

2008-03-23 12:55:11 0 d-------- C:\hesteban2005

2008-03-21 02:37:28 0 d-------- C:\Program Files\Microsoft Silverlight

2008-03-20 23:27:33 0 d-------- C:\Program Files\Avira

2008-03-20 23:27:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira

2008-03-20 15:41:17 0 d-------- C:\WINDOWS\system32\drivers\down

2008-03-19 16:29:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab

2008-03-19 16:29:24 0 d-------- C:\WINDOWS\system32\Kaspersky Lab

2008-03-19 07:47:16 0 d-------- C:\Program Files\Alwil Software

2008-03-17 19:26:53 399360 --a------ C:\WINDOWS\system32\Smab.dll

2008-03-17 19:26:52 70656 --a------ C:\WINDOWS\system32\i420vfw.dll <Not Verified; www.helixcommunity.org; Helix I420 YUV Codec>

2008-03-17 19:26:52 27648 --a------ C:\WINDOWS\system32\AVSredirect.dll

2008-03-17 19:26:52 66560 --a------ C:\WINDOWS\MOTA113.exe

2008-03-17 19:26:51 217073 --a------ C:\WINDOWS\meta4.exe

2008-03-17 18:32:11 0 d-------- C:\3gptemp

2008-03-17 18:28:32 0 d-------- C:\Program Files\MIKSOFT

2008-03-03 03:34:07 0 d--hs---- C:\found.002

2008-03-03 03:05:47 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2008-03-02 06:10:44 0 d--hs--c- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-03-02 06:10:29 0 d-------- C:\Program Files\Windows Live

2008-03-02 06:09:46 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-02-29 02:28:05 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Smart PC Solutions

2008-02-29 02:28:02 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

2008-02-29 02:26:46 0 d-------- C:\Program Files\Smart PC Solutions

 

 

-- Find3M Report ---------------------------------------------------------------

 

2008-03-23 12:43:04 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Azureus

2008-03-21 02:19:38 79520 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT

2008-03-21 02:04:45 0 d-------- C:\Program Files\Microsoft Works

2008-03-19 17:19:25 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared

2008-03-19 06:35:31 0 d-------- C:\Program Files\Movie Maker

2008-03-19 06:00:14 0 d-------- C:\Program Files\Fichiers communs

2008-03-18 01:17:16 0 d-------- C:\Program Files\WebcamMax

2008-03-18 00:48:55 0 d-------- C:\Program Files\Ripp-it_AM

2008-03-18 00:45:04 12208 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys

2008-03-18 00:42:09 0 d-------- C:\Program Files\AviSynth 2.5

2008-03-16 11:20:03 0 d-------- C:\Program Files\eMule

2008-03-10 06:31:46 0 d-------- C:\Program Files\Azureus

2008-03-02 07:50:50 0 d-------- C:\Program Files\MSN Messenger

2008-02-27 05:55:38 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Camfrog

2008-02-17 05:18:34 0 d-------- C:\Program Files\Namtuk

2008-02-14 05:22:32 0 d-------- C:\Program Files\MSECache

2008-02-12 03:55:18 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Google

2008-02-12 03:53:37 0 d-------- C:\Program Files\Google

2008-02-01 07:36:46 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Adobe

2008-02-01 01:41:29 0 d-------- C:\Program Files\Fichiers communs\Real

2008-02-01 01:40:45 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Real

2008-01-31 02:40:40 0 d-------- C:\Program Files\SlySoft

2008-01-28 23:43:16 0 d-------- C:\Program Files\KC Softwares

2008-01-27 23:35:39 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Webcammax

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"="SOUNDMAN.EXE" [16/09/2004 19:39 C:\WINDOWS\SOUNDMAN.EXE]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [25/02/2004 15:15]

"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [25/02/2004 16:15]

"SbUsb AudCtrl"="sbusbdll.dll" [09/07/2004 03:27 C:\WINDOWS\system32\sbusbdll.dll]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [11/05/2000 00:00]

"EPSON Stylus Photo R300 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.exe" [11/09/2003 04:00]

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [13/09/2004 14:49]

"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [19/06/2002 08:50]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 00:11]

"QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [04/06/2007 18:22]

"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [12/01/2006 14:40]

"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [22/02/2005 20:05]

"PMCS"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" [29/09/2004 07:39]

"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [10/11/2003 16:06]

"PMCRemote"="C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [23/09/2004 17:56]

"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [27/12/2006 15:53]

"MMTray"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" [25/03/2003 04:49]

"mmtray2k"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" [25/03/2003 04:49]

"mmtraylsi"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" [25/03/2003 04:49]

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [10/11/2006 11:35]

"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [25/02/2004 16:06]

"CTSysVol"="C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [17/09/2003 10:43]

"WebcamMaxMoniter"="C:\Program Files\WebcamMax\wcmmon.exe" [01/08/2007 01:55]

"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [20/03/2008 23:31]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 13:00]

"RemoteCenter"="C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE" []

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [19/07/2007 13:18]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [15/01/2007 15:14]

"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [27/12/2006 15:53]

"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [30/03/2006 15:45]

"Yahoo! Pager"="~C:\Program Files\Yahoo!\Messenger\ypager.exe" []

 

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [20/09/2005 9:28:16]

D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [04/11/2004 18:50:52]

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [04/11/2004 18:28:24]

Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 21:05:26]

PowerCheck.lnk - C:\Program Files\PowerCheck\PowerCheck.exe [16/09/2004 16:03:54]

Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [17/12/2002 16:23:32]

Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [18/06/2007 11:22:58]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"=0 (0x0)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"DisableRegistryTools"=0 (0x0)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

 

 

 

-- End of Deckard's System Scanner: finished at 2008-03-24 03:07:45 ------------

 

 

 

[color="#0000FF"]le rapport extra.txt de dss, je sais pas si il fallait le poster, donc je le poste!! [/color]

 

 

03:17 24/03/2008Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

 

-- System Information ----------------------------------------------------------

 

Microsoft Windows XP Édition familiale (build 2600) SP 2.0

Architecture: X86; Language: French

 

CPU 0: AMD Athlon 64 Processor 3000+

Percentage of Memory in Use: 55%

Physical Memory (total/avail): 1022.73 MiB / 455.47 MiB

Pagefile Memory (total/avail): 2461.56 MiB / 1909.92 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1916.55 MiB

 

C: is Fixed (NTFS) - 48.83 GiB total, 6.19 GiB free.

E: is Fixed (NTFS) - 92.03 GiB total, 3.83 GiB free.

F: is Fixed (NTFS) - 92.02 GiB total, 40.66 GiB free.

G: is CDROM (No Media)

I: is Removable (No Media)

J: is CDROM (No Media)

 

\\.\PHYSICALDRIVE0 - SAMSUNG SP2514N - 232.88 GiB - 3 partitions

\PARTITION0 (bootable) - Système de fichiers installable - 48.83 GiB - C:

\PARTITION1 - Étendu avec Inter. 13 étendue - 184.05 GiB - E: - F:

 

\\.\PHYSICALDRIVE1 - EPSON Stylus Storage USB Device

 

 

 

-- Security Center -------------------------------------------------------------

 

AUOptions is scheduled to auto-install.

Windows Internal Firewall is enabled.

 

FirstRunDisabled is set.

AntiVirusDisableNotify is set.

AntivirusOverride is set.

FirewallOverride is set.

 

Unable to create WMI object.

 

-- Environment Variables -------------------------------------------------------

 

ALLUSERSPROFILE=C:\Documents and Settings\All Users

APPDATA=C:\Documents and Settings\Propriétaire\Application Data

CLIENTNAME=Console

CommonProgramFiles=C:\Program Files\Fichiers communs

COMPUTERNAME=DOUDOU

ComSpec=C:\WINDOWS\system32\cmd.exe

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Documents and Settings\Propriétaire

LOGONSERVER=\\DOUDOU

NUMBER_OF_PROCESSORS=1

OS=Windows_NT

Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter;C:\Program Files\Fichiers communs\Ahead\Lib\

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 15 Model 12 Stepping 0, AuthenticAMD

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=0c00

ProgramFiles=C:\Program Files

PROMPT=$P$G

SESSIONNAME=Console

SystemDrive=C:

SystemRoot=C:\WINDOWS

TEMP=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp

TMP=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp

USERDOMAIN=DOUDOU

USERNAME=Propriétaire

USERPROFILE=C:\Documents and Settings\Propriétaire

windir=C:\WINDOWS

__COMPAT_LAYER=DisableNXShowUI

 

 

-- User Profiles ---------------------------------------------------------------

 

Propriétaire (admin)

Administrateur (new local, admin)

 

 

-- Add/Remove Programs ---------------------------------------------------------

 

--> "C:\Program Files\Creative\SBLive 24-Bit External\Program\Ctzapxx.EXE" SBUSB.INI /U /S /L:FRN

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL

--> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu

--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu" -c"C:\WINDOWS\StiRegstFre.dll"

--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL

--> C:\WINDOWS\UNRecode.exe /UNINSTALL

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1494984B-9AC5-4F16-B61A-C21D5EFCC1C4}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1494984B-9AC5-4F16-B61A-C21D5EFCC1C4}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A6AAC11-0860-11D7-908C-00A0C98173F1}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A6AAC11-0860-11D7-908C-00A0C98173F1}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27B9131D-CEFA-42C5-8D7D-56EFD80BAA25}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D1A81AA-ED90-11D6-86D3-00055DF3561E}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDFC3C8D-823E-4FCF-870B-E756B27CB57E}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC0DD8AE-3DC0-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC0DD8AE-3DC0-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c /remove

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

ABBYY FineReader 5.0 Sprint --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}

ABBYY FineReader 6.0 --> MsiExec.exe /I{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}

ACE Mega CoDecS Pack --> "C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"

Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 7.0.9 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}

Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe

ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\SETUP.EXE" -l0x40c -uninst

ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x3f3f

ATI Control Panel --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"

ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

ATI HYDRAVISION --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe"

Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"

Azureus --> C:\Program Files\Azureus\Uninstall.exe

BlueSoleil --> MsiExec.exe /X{63D1A44F-E1FD-4460-BE0A-8745012F67EF}

Camfrog Video Chat 4.1 (remove only) --> "C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe"

Capture My Screen 1 --> "C:\Program Files\Namtuk\Capture My Screen\unins000.exe"

CastleNet 56K PCI Modem --> C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove

Classic PhoneTools --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}\setup.exe" -l0x40c

Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}

Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta) --> MsiExec.exe /X{30120000-00B2-040C-0000-0000000FF1CE}

Composant de Presto! BizCard 4.0 pour Windows CE --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCC30665-B924-4EA0-92F7-D9D676FB70A1}\setup.exe" -l0x40c

Correctif pour Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"

Correctif Windows XP - KB834707 --> C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe

Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe

Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe

Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe

Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe

Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe

Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe

Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"

Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe

Creative MediaSource --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x40c /remove

Creative System Information --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x40c /remove

Creative WebCam Driver --> C:\WINDOWS\CtDrvIns.exe -uninstall USB\VID_041E&PID_400D -plugin P1001Pin.dll -pluginres P1001Pin.crl

DiscAPI --> MsiExec.exe /X{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}

DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER

DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

EasyRecovery Professional --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{268723B7-A994-4286-9F85-B974D5CAFC7B} /l1036

eMule --> "C:\Program Files\eMule\Uninstall.exe"

EPSON CardMonitor --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst

EPSON Copy Utility --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x40c ADDREMOVEDLG

EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r

EPSON Photo Print --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}\setup.exe" -l0x40c MyUninstall

EPSON PhotoQuicker3.5 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst

EPSON PhotoStarter3.1 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst

EPSON Print CD --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\SETUP.EXE" -l0x40c -SYSTEM

EPSON PRINT Image Framer Tool2.1 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything

EPSON Scan --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0131B2-CF18-40D9-A331-60A3746C1204}\SETUP.EXE" -l0x40c UNINSTALL

EPSON Smart Panel --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall

Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}

Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"

Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"

HP Appareils photos Photosmart 4.5 --> C:\Program Files\HP\Digital Imaging\{2171F767-B6D7-4651-9198-24A0812AA528}\setup\hpzscr01.exe -datfile hpiscr01.dat

HP Digital Photo Advisor --> MsiExec.exe /X{A157DF9D-462F-4BF9-8C5E-3854BC9CC08F}

HP Image Zone 4.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat

HP Software Update --> MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}

ICD Client 5.3.1.0 --> "C:\Program Files\RawFlow\ICD Clients\unins000.exe"

Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe

KC Softwares IDPhotoStudio --> "C:\Program Files\KC Softwares\IDPhotoStudio\unins000.exe"

Lame ACM MP3 Codec --> C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf

Le journal de votre naissance --> C:\PROGRA~1\ANUMAN~1\LEJOUR~1\UNWISE.EXE C:\PROGRA~1\ANUMAN~1\LEJOUR~1\INSTALL.LOG

Livebox --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe" -l0x40c

LiveUpdate BVRP Software --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -l0x40c

Logitech Print Service --> C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG

Logitech QuickCam --> MsiExec.exe /I{466B21EE-2858-4845-B2B3-056FC544DAA3}

Macrogaming SweetIM 2.0 --> MsiExec.exe /X{D9BBFA60-4514-4F08-A78F-91957F957495}

Micro Application - PrintPratic 4 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC79B672-686B-4C0A-9402-12EA1A04A99C}\Setup.exe" -l0x40c

Micro Application - PrintPratic Edition Photo --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03A80A3C-2E33-4CB2-A0C8-57DACD48CF7C}\Setup.exe" -l0x40c

Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}

Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server Desktop Engine (PINNACLESYS) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}

Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB920342) --> "C:\WINDOWS\$NtUninstallKB920342$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB925720) --> "C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB925876) --> "C:\WINDOWS\$NtUninstallKB925876$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"

MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

Nero 7 Premium --> MsiExec.exe /I{F0A7FB2C-99E2-4884-9187-4BC60B2C1036}

Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe

Package de base Microsoft de service de chiffrement pour cartes à puce --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"

PIF DESIGNER2.1 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59B9F-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything

Pinnacle Hollywood FX for Studio --> C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX for Studio\6.0\uninstal.log

Pinnacle Instant DVD Recorder --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\setup.exe" -l0x40c UNINSTALL

Pinnacle MediaCenter --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe" -l0x40c UNINSTALL

Pinnacle MediaServer --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x40c UNINSTALL

PowerCheck 4.2.3F --> "C:\Program Files\PowerCheck\unins000.exe"

Presto! BizCard 4.1 Fre --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu"

Programme de gestion Camera de Logitech® --> "C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT

RAPID --> MsiExec.exe /X{EEECE229-49F6-4851-A73A-99B058221F8C}

Ri4m v5.0.1d --> C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe

Ripp-It Codec Pack v 4.2.6 --> C:\Program Files\Ripp-It Codec Pack\uninst.exe

Sagem Wi-Fi 11g USB adapter (driver) --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2ED60C17-4568-4CD5-830A-03C4688B09A1}\setup.exe" -l0x40c

Sagem Wi-Fi 11g USB adapter (utility) --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAFD22B6-A6C7-4134-AF4E-080BCBCD3493}\setup.exe" -l0x40c

SAMSUNG CDMA Modem Driver Set --> C:\Program Files\SAMSUNG\SAMSUNG CDMA Modem\SSCDUninstall.exe

SAMSUNG Mobile USB Modem 1.0 Software --> C:\Program Files\SAMSUNG\SAMSUNG Mobile USB Modem\1\SS_Uninstall.exe

SAMSUNG Mobile USB Modem Software --> C:\Program Files\SAMSUNG\SAMSUNG Mobile USB Modem\2\SSM_Uninstall.exe

Samsung PC Studio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly

Samsung PC Studio 3 USB Driver Installer --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly

ScanToWeb --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG

Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Smart Office Keyboard --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0208A7E3-0D30-11D4-A1FC-00508B9D1BA2}\Setup.exe" -l0x40c

Smart PC Professional v5.0 --> "C:\Program Files\Smart PC Solutions\Smart PC Professional\unins000.exe"

SmartSound Quicktracks Plugin --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}

Sony USB Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL

Sound Blaster Live! 24-Bit External --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C0054EB-24A5-46A8-80E3-62AAA930DEFA}\SETUP.EXE" -l0x40c

Studio 10 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\setup.exe" -l0x40c UNINSTALL

SweetIM For Internet Explorer 3.0b --> MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}

TV sur PC --> C:\Program Files\Neuf\TV_PC\uninstall.exe

vanBasco's Karaoke Player --> C:\Program Files\vanBasco's Karaoke Player\uninst.exe

VIA Rhine-Family Fast-Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA

WebcamMax --> "C:\Program Files\WebcamMax\uninst.exe"

Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"

Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}

Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"

Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows Presentation Foundation Language Pack (FRA) --> MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}

Windows Workflow Foundation FR Language Pack --> MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}

XML Paper Specification Shared Components Language Pack 1.0 --> "C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

XML Paper Specification Shared Components Pack 1.0 -->

Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL

Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

Yahoo! Toolbar avec bloqueur de fenêtres pop-up --> C:\PROGRA~1\Yahoo!\Common\unyt.exe

Zodiac --> "C:\Program Files\orange\jeux\Zodiac\Uninstall.exe" "C:\Program Files\orange\jeux\Zodiac\install.log"

 

 

-- Application Event Log -------------------------------------------------------

 

Event Record #/Type596 / Error

Event Submitted/Written: 03/24/2008 02:30:07 AM

Event ID/Source: 1802 / SecurityCenter

Event Description:

Le service Centre de sécurité de Windows n'a pas pu établir de requêtes d'événements avec WMI pour contrôler le programme antivirus et le pare-feu tiers.

 

Event Record #/Type595 / Warning

Event Submitted/Written: 03/24/2008 02:28:53 AM

Event ID/Source: 19011 / MSSQL$PINNACLESYS

Event Description:

(SpnRegister) : Error 1355

 

Event Record #/Type594 / Warning

Event Submitted/Written: 03/24/2008 02:28:46 AM

Event ID/Source: 2 / LOGITECH

Event Description:

 

 

Event Record #/Type583 / Error

Event Submitted/Written: 03/23/2008 04:15:08 AM

Event ID/Source: 1802 / SecurityCenter

Event Description:

Le service Centre de sécurité de Windows n'a pas pu établir de requêtes d'événements avec WMI pour contrôler le programme antivirus et le pare-feu tiers.

 

Event Record #/Type582 / Warning

Event Submitted/Written: 03/23/2008 04:13:55 AM

Event ID/Source: 19011 / MSSQL$PINNACLESYS

Event Description:

(SpnRegister) : Error 1355

 

 

 

-- Security Event Log ----------------------------------------------------------

 

No Errors/Warnings found.

 

 

-- System Event Log ------------------------------------------------------------

 

Event Record #/Type660232 / Error

Event Submitted/Written: 03/24/2008 02:31:55 AM

Event ID/Source: 7016 / Service Control Manager

Event Description:

Le service SmartLinkService a signalé un état actuel 0 non valide.

 

Event Record #/Type660211 / Error

Event Submitted/Written: 03/24/2008 02:30:23 AM

Event ID/Source: 7000 / Service Control Manager

Event Description:

Le service Pinnacle Systems Media Service n'a pas pu démarrer en raison de l'erreur :

%%1053

 

Event Record #/Type660210 / Error

Event Submitted/Written: 03/24/2008 02:30:23 AM

Event ID/Source: 7009 / Service Control Manager

Event Description:

Délai (30000 millisecondes) d'attente pour une connexion du service Pinnacle Systems Media Service.

 

Event Record #/Type660209 / Error

Event Submitted/Written: 03/24/2008 02:30:22 AM

Event ID/Source: 7000 / Service Control Manager

Event Description:

Le service Planificateur LiveUpdate automatique n'a pas pu démarrer en raison de l'erreur :

%%3

 

Event Record #/Type660208 / Error

Event Submitted/Written: 03/24/2008 02:30:20 AM

Event ID/Source: 7001 / Service Control Manager

Event Description:

Le service Configuration automatique sans fil dépend du service NDIS mode utilisateur E/S Protocole qui n'a pas pu démarrer en raison de l'erreur :

%%1058

 

 

 

-- End of Deckard's System Scanner: finished at 2008-03-24 03:07:45 ------------

 

 

merci de ton aide....@ plus...Hesteban 2005... [/color]

[Thanos]

salut

 

Antivir a détecté et mis en quarantaine d'autres infections >>

E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip

[0] Archive type: ZIP

--> WebcamMax 4.0.1.0 (Key+Serial).exe

[DETECTION] Is the Trojan horse TR/Killav.NX.1

[iNFO] The file was moved to '4848e0b0.qua'!

Tu vois pourquoi j'insistait sur les cracks/sérials etc... ? ils sont à l'origine de la majeure partie des infections! à banir donc...

 

Elimine le dossier suivant > C:\WINDOWS\system32\drivers\down

 

J'aimerai que tu recherches et que tu élimines ce fichier > C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE

 

Note: il a été infecté par Bagle, mais je ne le vois pas dans ton rapport Antivir: assure toi qu'il soit bien éliminé.

 

Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE

-Ferme tous les programmes et clique sur "Fix Checked"

 

Il y a des restes de Norton sur le pc >>

 

Télécharge Norton_Removal_Tool sur ton bureau.

 

Double clique sur l'icône de Norton Removal tool pour lancer l'utilitaire. Suis les indications à l'écran : il est possible que tu doives redémarrer plusieurs fois.

 

Une dernière fois, on repasse un scan en ligne Kaspersky (la dernière je te rassure!) pour être certain que bagle n'est plus!

 

Poste stp le rapport de Kaspersky ainsi qu'un dernier rapport hijackthis après ca

 

Courage!