[Resolu] Eo.st
Forum Sécurité - Virus : [Resolu] Eo.st
bonjour j'ai également eo.st
je vous mets le contenu fixnavi.txt
Search Navipromo version 3.7.1 commencé le 19/01/2009 à 12:59:34.24
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : IBM BIOS Ver 2QKT25.0
USER : JeanMarc ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
D:\ (Local Disk) - NTFS - Total:105 Go (Free:29 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
Z:\ (CD or DVD)
Recherche executé en mode normal
*** Recherche Programmes installés ***
Favorit
Live-Player
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
...\Live-Player trouvé !
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
...\Live-Player trouvé !
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\jeanmarc\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.ATI\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\atig\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\CHRIST~2\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\CHRIST~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\jeanmarc\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JEANMA~1.JEA\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\richard\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\usersql\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\jeanmarc\locals~1\applic~1" ***
...\Live-Player trouvé !
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.ATI\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\atig\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\CHRIST~2\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\jeanmarc\locals~1\applic~1" ***
...\Live-Player trouvé !
*** Recherche dossiers dans "C:\DOCUME~1\JEANMA~1.JEA\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\richard\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\usersql\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\jeanmarc\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.ATI\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\atig\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\CHRIST~2\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\CHRIST~1\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\jeanmarc\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JEANMA~1.JEA\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\richard\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\usersql\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\jeanmarc\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1.ATI\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\atig\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\CHRIST~2\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\jeanmarc\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\JEANMA~1.JEA\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\richard\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\usersql\locals~1\applic~1" *
*** Recherche fichiers ***
c:\docume~1\alluse~1\bureau\Live-Player.lnk trouvé !
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
HKEY_CURRENT_USER\Software\Lanconfig
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kswyg"="\"c:\\documents and settings\\jeanmarc\\local settings\\application data\\kswyg.exe\" kswyg"
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\jeanmarc\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1.ATI\locals~1\applic~1" :
* Dans "C:\DOCUME~1\atig\locals~1\applic~1" :
* Dans "C:\DOCUME~1\CHRIST~2\locals~1\applic~1" :
* Dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\jeanmarc\locals~1\applic~1" :
* Dans "C:\DOCUME~1\JEANMA~1.JEA\locals~1\applic~1" :
* Dans "C:\DOCUME~1\richard\locals~1\applic~1" :
* Dans "C:\DOCUME~1\usersql\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
*** Analyse terminée le 19/01/2009 à 13:06:22.64 ***
que faut il faire
Message édité par jmperu le 20-01-2009 à 17:12:53
Je laisse un Helper t'indiqué que faire mais... tu peux à mon avis, déjà désinstaller Live player.
Répondre à zeby3
| zeby3 a écrit : Je laisse un Helper t'indiqué que faire mais... tu peux à mon avis, déjà désinstaller Live player. |
c'est fait
Salut,
- Relance Navilog1, fais l'option 2 et poste le rapport (C:\cleannavi.txt).
voici le contenu
Clean Navipromo version 3.7.1 commencé le 19/01/2009 à 14:31:50.91
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : IBM BIOS Ver 2QKT25.0
USER : JeanMarc ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
D:\ (Local Disk) - NTFS - Total:105 Go (Free:29 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
Z:\ (CD or DVD)
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Le rapport n'est pas complet.
voici la suite après redémarrage du pc
Clean Navipromo version 3.7.1 commencé le 19/01/2009 à 14:31:50.91
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : IBM BIOS Ver 2QKT25.0
USER : JeanMarc ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
D:\ (Local Disk) - NTFS - Total:105 Go (Free:29 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
Z:\ (CD or DVD)
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\jeanmarc\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\ADMINI~1.ATI\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\atig\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\CHRIST~2\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\jeanmarc\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\JEANMA~1.JEA\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\richard\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\usersql\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\jeanmarc\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.ATI\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\atig\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\CHRIST~2\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\jeanmarc\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JEANMA~1.JEA\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\richard\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\usersql\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\jeanmarc\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.ATI\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\atig\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\CHRIST~2\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\jeanmarc\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JEANMA~1.JEA\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\richard\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\usersql\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\jeanmarc\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.ATI\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\atig\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\CHRIST~2\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\jeanmarc\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JEANMA~1.JEA\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\richard\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\usersql\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\jeanmarc\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\jeanmarc\locals~1\applic~1" *
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Dans "C:\DOCUME~1\ADMINI~1.ATI\locals~1\applic~1" *
* Dans "C:\DOCUME~1\atig\locals~1\applic~1" *
* Dans "C:\DOCUME~1\CHRIST~2\locals~1\applic~1" *
* Dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" *
* Dans "C:\DOCUME~1\jeanmarc\locals~1\applic~1" *
* Dans "C:\DOCUME~1\JEANMA~1.JEA\locals~1\applic~1" *
* Dans "C:\DOCUME~1\richard\locals~1\applic~1" *
* Dans "C:\DOCUME~1\usersql\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Recherche autres dossiers et fichiers connus ***
*** Nettoyage terminé le 19/01/2009 à 14:39:07.19 ***
Ok, désinstalle Navilog1.
- Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
- Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
- Double-clique sur l'icône AD-Remover située sur ton Bureau.
- Au menu principal, choisis l'option A.
- Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Note :
"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
voici
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
Start at: 14:51:17 | 19/01/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: JEANMARCP | User: JeanMarc ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- Z:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 69
+--------------------| Boonty/Boonty Games Elements Found :
.
.
+--------------------| Eorezo Elements Found :
.
.
+--------------------| Everest Casino/Everest Poker Elements Found :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :
.
.
+--------------------| It's TV Elements Found :
.
+--------------------| Sweetim Elements Found :
.
.
+--------------------| Added Scan :
+---------- SCANNING PREFS.JS ... ( # Mozilla user preferences )
..\7s84w2rn.default\prefs.js :
~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~
* BROWSER STARTUP HOMEPAGE: "http://eo.st"
.
FOUND - user_pref("browser.startup.homepage", "http://eo.st" );
+---------------------------------------------------------------------------+
~~~~ INTERNET EXPLORER VERSION 7.0.5730.11 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://go.microsoft.com/fwlink/?LinkId=69157
+---------------------------------------------------------------------------+
[~1671 BYTES] - "C:\AD-REPORT-SCAN-19.01.2009.LOG"
End at: 14:52:04 | 19/01/2009 - Time elapsed: 46.8 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 44 Lines ]
+---------------------------------------------------------------------------+
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
- Double-clique sur AD-Remover pour le lancer : au menu principal, choisis l'option B.
- Coche A à l'écran de sélection :
- Puis choisis S, le programme va travailler.
- Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report.log)
/!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide) /!\
il y a eu n plantage voici le contenu de ad_report _clean.log
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
*** LIMITED TO ***
Boonty/Boontygames
Eorezo
Everest casino/Everest poker
Funwebproduct/Myway/Mywebsearch
It's TV
Sweetim
******************
Start at: 15:04:00 | 19/01/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
Boot mode: Normal
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: JEANMARCP | User: JeanMarc ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- Z:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 68
(!) ---- IE start pages reset
+--------------------| Boonty/Boonty Games Elements Deleted :
.
.
+--------------------| Eorezo Elements Deleted :
.
.
+--------------------| Everest Casino/Everest Poker Elements Deleted :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Deleted :
.
.
+--------------------| It's TV Elements Deleted :
.
+--------------------| Sweetim Elements Deleted :
.
.
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+--------------------| Added Scan :
+---------- SCANNING PREFS.JS ... ( # MOZILLA USER PREFERENCES )
..\7s84w2rn.default\prefs.js :
~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~
* BROWSER STARTUP HOMEPAGE: "http://eo.st"
.
contenu du fichier scan
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
Start at: 14:51:17 | 19/01/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: JEANMARCP | User: JeanMarc ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- Z:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 69
+--------------------| Boonty/Boonty Games Elements Found :
.
.
+--------------------| Eorezo Elements Found :
.
.
+--------------------| Everest Casino/Everest Poker Elements Found :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :
.
.
+--------------------| It's TV Elements Found :
.
+--------------------| Sweetim Elements Found :
.
.
+--------------------| Added Scan :
+---------- SCANNING PREFS.JS ... ( # Mozilla user preferences )
..\7s84w2rn.default\prefs.js :
~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~
* BROWSER STARTUP HOMEPAGE: "http://eo.st"
.
FOUND - user_pref("browser.startup.homepage", "http://eo.st" );
+---------------------------------------------------------------------------+
~~~~ INTERNET EXPLORER VERSION 7.0.5730.11 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://go.microsoft.com/fwlink/?LinkId=69157
+---------------------------------------------------------------------------+
[~1671 BYTES] - "C:\AD-REPORT-SCAN-19.01.2009.LOG"
End at: 14:52:04 | 19/01/2009 - Time elapsed: 46.8 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 44 Lines ]
+---------------------------------------------------------------------------+
j'avais perdu mon réseau il y a une violation dans SR_GUI
1/
- Va dans Mes documents (Par exemple).
- Rends-toi à l'onglet Affichage
- Menu "Outils "
- Clique sur "Options des dossiers... "
- Puis clique sur l'onglet "Affichage"
- Coche la case "Afficher les fichiers et dossiers cachés"
- Clique sur le bouton "Appliquer à tous les dossiers" puis clique sur "OK"
Tuto : http://pitcatsite.ovh.org/php/dossierwindows.php
2/
- Rends-toi dans ce dossier : C:\Documents and Settings\JeanMarc\Application Data\Mozilla\Firefox\Profiles\7s84w2rn.default\
- Clique droit sur pref.js et choisis Modifier. Cherche browser.startup.homepage et modifie "http://eo.st" en ce que tu veux en page d'accueil.
- Sauvegarde le fichier puis redémarre Firefox.
je n'ai pas besoin de faire ta dernière manipulation je n'avais dèjà plus la page eo.st
merci on peut dire que c'est résolu
- Désinstalle AD-Remover.
Tu ne préfères pas que je vérifie s'il n'y a pas d'autres infections dans ton PC ?
je veux bien mais comment faire
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
- Clique sur Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparait à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit\.
Logfile of random's system information tool 1.05 (written by random/random)
Run by JeanMarc at 2009-01-19 16:42:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 5 GB (12%) free of 40 GB
Total RAM: 1014 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:42:31, on 19/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\EpsonPHLog.exe
C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\EpsonPH.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\system32\eTCrtMng.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office97\Office\OSA.EXE
C:\Program Files\NCR\OPOS\Utils\NCRWedgeStartup.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CodeGear\RAD Studio\6.0\bin\BSQLServer.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\eTSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\InterBase Corp\InterBase\bin\ibguard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
C:\Program Files\NCR\Retail\NCRLoader.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
C:\Program Files\NCR\FitClient\NCRDLLLoader.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\InterBase Corp\InterBase\bin\ibserver.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
D:\telechargement\RSIT.exe
C:\Program Files\trend micro\JeanMarc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 172.17.30.80 RR-CRE-PRO
O1 - Hosts: 134.214.100.214 OSCAR
O1 - Hosts: 172.17.30.106 ATIGSRV2000
O1 - Hosts: 83.206.38.17 AXIS
O1 - Hosts: 213.11.83.104 AXISV4
O1 - Hosts: 172.17.30.117 TROY
O1 - Hosts: 172.17.30.211 SAFEPAY1
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [eTCertManger] C:\WINDOWS\system32\eTCrtMng.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-276718181-273759331-1515820621-1021\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'usersql')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office97\Office\OSA.EXE
O4 - Global Startup: ib_affinity.bat.lnk = C:\ib_affinity.bat
O4 - Global Startup: Microsoft Office Outlook 2003 (2).lnk = ?
O4 - Global Startup: NCR Wedge Startup.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = atig.local
O17 - HKLM\Software\..\Telephony: DomainName = atig.local
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Elève pcAnywhere (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: BlackfishSQL - CodeGear - C:\Program Files\CodeGear\RAD Studio\6.0\bin\BSQLServer.exe
O23 - Service: BorneMonecarte (BorneMonecar) - Unknown owner - D:\Developpement\Version 6\BrnMonecar.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Epson Point of Service Log Service (EpsonPOSLog) - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\EpsonPHLog.exe
O23 - Service: Epson Point of Service Port Handler (EpsonPOSPort) - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\EpsonPH.exe
O23 - Service: eToken Notification Service (ETOKSRV) - Aladdin Knowledge Systems, Ltd. - C:\WINDOWS\system32\eTSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - InterBase Software Corp. - C:\Program Files\InterBase Corp\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - InterBase Software Corp. - C:\Program Files\InterBase Corp\InterBase\bin\ibserver.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NCR DLL Loader Service (NCRDLLLoaderService) - NCR - C:\Program Files\NCR\FitClient\NCRDLLLoader.exe
O23 - Service: NCR Loader Service (NCRLoader) - NCR Corporation - C:\Program Files\NCR\Retail\NCRLoader.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Visibroker Activation Daemon (oad) - Unknown owner - C:\PROGRA~1\Borland\vbroker\bin\oad.exe
O23 - Service: VisiBroker Smart Agent (osagent) - Unknown owner - C:\PROGRA~1\Borland\vbroker\bin\osagent.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
--
End of file - 11932 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Cantine.job
C:\WINDOWS\tasks\Faire_chauffer.job
C:\WINDOWS\tasks\il_est_18h.job
C:\WINDOWS\tasks\il_est_midi.job
C:\WINDOWS\tasks\Magnétophone.job
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2007-02-16 63048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-02-02 110652]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}]
CPwmIEBrowserHelper Object - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2006-05-12 719616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2007-02-16 161352]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Mouse Suite 98 Daemon"=C:\WINDOWS\system32\ICO.EXE [2005-04-13 49152]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"LPManager"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [2006-03-22 106496]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2006-05-12 2333440]
"Realtime Monitor"=C:\PROGRA~1\CA\ETRUST~1\realmon.exe [2003-03-21 487696]
"eTCertManger"=C:\WINDOWS\system32\eTCrtMng.exe [2004-12-13 102400]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-08-11 143360]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-08-11 172032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-08-11 143360]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Démarrage d'Office.lnk - C:\Program Files\Microsoft Office97\Office\OSA.EXE
ib_affinity.bat.lnk - C:\ib_affinity.bat
Microsoft Office Outlook 2003 (2).lnk - C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
NCR Wedge Startup.lnk - C:\Program Files\NCR\OPOS\Utils\NCRWedgeStartup.exe
VPN Client.lnk - C:\WINDOWS\Installer\{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}\Icon3E5562ED7.ico
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify]
C:\Program Files\Lenovo\AwayTask\AwayNotify.dll [2006-04-18 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ckpNotify]
C:\WINDOWS\system32\ckpNotify.dll [2006-04-09 24674]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-08-11 217088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PCANotify]
C:\WINDOWS\system32\PCANotify.dll [2004-11-05 8704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe:*:Enabled:VPN-1 SecuRemote/SecureClient service"
"C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe:*:Enabled:VPN-1 SecuRemote/SecureClient application"
"C:\Program Files\CheckPoint\SecuRemote\bin\scc.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\scc.exe:*:Enabled:VPN-1 SecuRemote/SecureClient command line"
"C:\Program Files\CheckPoint\SecuRemote\bin\SR_SDS.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\SR_SDS.exe:*:Enabled:VPN-1 SecuRemote/SecureClient SDS agent"
"C:\Program Files\CheckPoint\SecuRemote\bin\SR_Diagnostics.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\SR_Diagnostics.exe:*:Enabled:VPN-1 SecuRemote/SecureClient diagnostics"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe:*:Enabled:VPN-1 SecuRemote/SecureClient service"
"C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe:*:Enabled:VPN-1 SecuRemote/SecureClient application"
"C:\Program Files\CheckPoint\SecuRemote\bin\scc.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\scc.exe:*:Enabled:VPN-1 SecuRemote/SecureClient command line"
"C:\Program Files\CheckPoint\SecuRemote\bin\SR_SDS.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\SR_SDS.exe:*:Enabled:VPN-1 SecuRemote/SecureClient SDS agent"
"C:\Program Files\CheckPoint\SecuRemote\bin\SR_Diagnostics.exe"="C:\Program Files\CheckPoint\SecuRemote\bin\SR_Diagnostics.exe:*:Enabled:VPN-1 SecuRemote/SecureClient diagnostics"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 1 months======
2009-01-19 16:42:06 ----D---- C:\Program Files\trend micro
2009-01-19 16:42:05 ----D---- C:\rsit
2009-01-19 14:50:24 ----D---- C:\Program Files\Ad-remover
2009-01-19 14:31:50 ----A---- C:\cleannavi.txt
2009-01-19 12:59:34 ----A---- C:\fixnavi.txt
2009-01-19 12:58:01 ----D---- C:\Program Files\Navilog1
2009-01-15 07:50:50 ----A---- C:\SetupPOS.ini
2009-01-14 15:31:47 ----D---- C:\Program Files\OPOS
2009-01-14 14:35:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 13:37:43 ----D---- C:\Program Files\Fichiers communs\DVDVideoSoft
2009-01-13 16:55:30 ----A---- C:\WINDOWS\system32\edgeport.exe
2009-01-13 16:55:30 ----A---- C:\WINDOWS\system32\EdgeCoIn.dll
2009-01-13 16:03:54 ----D---- C:\Program Files\NCR
2009-01-08 16:30:39 ----D---- C:\Program Files\Mythicsoft
2009-01-08 12:59:36 ----D---- C:\Documents and Settings\jeanmarc\Application Data\gtk-2.0
2009-01-08 12:57:49 ----D---- C:\Program Files\GIMP-2.0
2009-01-06 14:21:23 ----A---- C:\WINDOWS\system32\LogBrn.txt
======List of files/folders modified in the last 1 months======
2009-01-19 16:42:06 ----RD---- C:\Program Files
2009-01-19 16:40:14 ----D---- C:\Program Files\Mozilla Firefox
2009-01-19 16:34:31 ----D---- C:\WINDOWS\Temp
2009-01-19 16:05:54 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-19 16:03:18 ----A---- C:\WINDOWS\system32\PROCDB.INI
2009-01-19 15:57:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-19 15:49:53 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-19 15:42:11 ----SHD---- C:\WINDOWS\CSC
2009-01-19 15:07:15 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-19 15:07:01 ----D---- C:\WINDOWS\system32\drivers
2009-01-19 14:39:07 ----AD---- C:\WINDOWS\system32
2009-01-19 14:00:06 ----AD---- C:\WINDOWS
2009-01-19 12:59:25 ----D---- C:\WINDOWS\Prefetch
2009-01-19 11:11:30 ----D---- C:\SWSHARE
2009-01-16 15:20:30 ----D---- C:\Documents and Settings\jeanmarc\Application Data\DWRCC
2009-01-16 13:43:23 ----D---- C:\AtigGest
2009-01-16 13:35:52 ----D---- C:\Navette
2009-01-16 09:26:59 ----D---- C:\Documents and Settings\All Users\Application Data\Embarcadero
2009-01-15 16:36:15 ----SHD---- C:\Config.Msi
2009-01-15 16:36:00 ----SHD---- C:\WINDOWS\Installer
2009-01-15 10:08:43 ----D---- C:\Documents and Settings
2009-01-15 07:32:29 ----HD---- C:\WINDOWS\inf
2009-01-14 14:35:15 ----ASHD---- C:\WINDOWS\system32\dllcache
2009-01-14 14:34:52 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-14 14:32:19 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-01-14 13:37:43 ----D---- C:\Program Files\Fichiers communs
2009-01-14 13:16:48 ----D---- C:\temp
2009-01-14 13:16:46 ----D---- C:\Program Files\Movie Maker
2009-01-14 13:16:17 ----D---- C:\WINDOWS\RegisteredPackages
2009-01-14 13:16:13 ----D---- C:\WINDOWS\security
2009-01-14 13:10:05 ----D---- C:\Documents and Settings\jeanmarc\Application Data\FileZilla
2009-01-13 16:08:58 ----A---- C:\WINDOWS\DUMP6cf2.tmp
2009-01-13 16:07:05 ----A---- C:\WINDOWS\DUMP6c66.tmp
2009-01-12 07:33:38 ----D---- C:\Documents and Settings\All Users\Application Data\VMware
2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-08 17:25:31 ----D---- C:\Tmp
2009-01-08 17:25:31 ----AD---- C:\VALUEADD
2009-01-08 17:25:29 ----D---- C:\Icons
2009-01-08 17:25:29 ----AD---- C:\drivers
2009-01-08 16:29:53 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-07 09:04:26 ----D---- C:\WINDOWS\system32\config
2009-01-06 16:19:09 ----D---- C:\WINDOWS\Registration
2009-01-05 16:01:23 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AW_HOST;AW_HOST; C:\WINDOWS\system32\drivers\aw_host5.sys [2003-10-23 16984]
R1 awecho;awecho; C:\WINDOWS\system32\drivers\awechomd.sys [2004-03-05 8368]
R1 awlegacy;awlegacy; C:\WINDOWS\System32\Drivers\awlegacy.sys [2003-11-17 11165]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684]
R1 FW1;SecuRemote Miniport; C:\WINDOWS\system32\DRIVERS\fw.sys [2006-04-09 2234320]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 NCRBus;NCRBus; C:\WINDOWS\system32\drivers\NCRBus.sys [2007-12-19 41998]
R1 NCRKMPDR;NCR Kernel Mode Peripheral Driver; C:\WINDOWS\system32\drivers\NCRKMPDR.sys [2007-12-19 5932]
R1 vcdrom;Virtual CD-ROM Device Driver; \??\C:\Install\winxpvirtualcdcontrolpanel_21\VCdRom.sys []
R2 CP_OMDRV;Check Point Office Mode Module; C:\WINDOWS\System32\drivers\omdrv.sys [2006-04-09 36400]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-02-02 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-02-02 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-02-02 86652]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-02-02 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-02-02 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-02-02 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-02-02 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-11-18 40544]
R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS []
R2 EpsPort;EpsPort; C:\WINDOWS\system32\drivers\EpsPort.sys [1999-10-29 7648]
R2 Esdpdx01;Esdpdx01; \??\C:\WINDOWS\system32\Drivers\ESDPDX01.SYS []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 INO_FLTR;INO_FLTR; \??\C:\WINDOWS\system32\Drivers\ino_fltr.sys []
R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys []
R2 PrivateDisk;PrivateDisk; \??\C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys []
R2 PROCDD;Pilote de support IPS; C:\WINDOWS\system32\DRIVERS\PROCDD.SYS [2006-04-18 5120]
R2 smi2;smi2; \??\C:\Program Files\SMI2\smi2.sys []
R2 tvtfilter;tvtfilter; \??\C:\WINDOWS\system32\drivers\tvtfilter.sys []
R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\system32\DRIVERS\v2imount.sys [2007-03-28 37864]
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2008-03-03 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\C:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 VNASC;Check Point Virtual Network Adapter - SecureClient; C:\WINDOWS\system32\DRIVERS\vnasc.sys [2006-04-09 109072]
R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
R2 VPN-1;VPN-1 Module; C:\WINDOWS\System32\drivers\vpn.sys [2006-04-09 671472]
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vstor2.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-09 292352]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-06 93952]
R3 AKSIFDH;Aladdin IFD Handler; C:\WINDOWS\system32\DRIVERS\aksifdh.sys [2004-11-30 84636]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-08-28 158208]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2003-09-02 139604]
R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-08-11 6044864]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-05-27 96896]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-15 43264]
R3 TVTPktFilter;TVT Packet Filter Service; C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys [2006-05-12 17664]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2008-03-03 16816]
R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
S3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 catchme;catchme; \??\C:\DOCUME~1\jeanmarc\LOCALS~1\Temp\catchme.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 EdgeSer;Inside Out Networks Edgeport Driver; C:\WINDOWS\system32\DRIVERS\edgeser.sys [2004-08-26 183534]
S3 G400;G400; C:\WINDOWS\system32\DRIVERS\G400m.sys [2001-08-23 322560]
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 NcrWedge;NCR Wedge Keyboard Filter Driver; C:\WINDOWS\System32\drivers\ncrwedge.sys [2007-12-19 11012]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2003-01-10 16384]
S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2003-02-11 9216]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 TMUSB;EPSON USB Device Driver for TM/BA/EU Printers; C:\WINDOWS\system32\DRIVERS\TMUSBXP.SYS [2007-10-17 46336]
S3 urvpndrv;F5 Networks VPN Adapter; C:\WINDOWS\system32\DRIVERS\urvpndrv.sys []
S3 usbser;Virtual Comm port driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys [2007-03-28 14072]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2007-03-28 128104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]
S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-11 874240]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 BlackfishSQL;BlackfishSQL; C:\Program Files\CodeGear\RAD Studio\6.0\bin\BSQLServer.exe [2008-08-29 65536]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2004-03-02 1425424]
R2 EpsonPOSLog;Epson Point of Service Log Service; C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\EpsonPHLog.exe [2008-04-12 290816]
R2 EpsonPOSPort;Epson Point of Service Port Handler; C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\EpsonPH.exe [2008-04-22 368640]
R2 ETOKSRV;eToken Notification Service; C:\WINDOWS\system32\eTSrv.exe [2004-12-13 90112]
R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 InoRPC;eTrust Antivirus RPC Server; C:\Program Files\CA\eTrust Antivirus\InoRpc.exe [2003-03-21 139536]
R2 InoRT;eTrust Antivirus Realtime Server; C:\Program Files\CA\eTrust Antivirus\InoRT.exe [2003-03-21 225552]
R2 InoTask;eTrust Antivirus Job Server; C:\Program Files\CA\eTrust Antivirus\InoTask.exe [2003-03-21 229648]
R2 InterBaseGuardian;InterBase Guardian; C:\Program Files\InterBase Corp\InterBase\bin\ibguard.exe [1999-09-06 22528]
R2 IPSSVC;Service de base IPS; C:\WINDOWS\system32\IPSSVC.EXE [2006-04-18 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-03-19 335872]
R2 MsDtsServer;SQL Server Integration Services; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2007-03-03 202096]
R2 msftesql$SQL2005;SQL Server FullText Search (SQL2005); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [2005-08-26 92880]
R2 MSFtpsvc;Publication FTP; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 MSOLAP$SQL2005;SQL Server Analysis Services (SQL2005); C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe [2007-03-03 14560624]
R2 MSSQL$SQL2005;SQL Server (SQL2005); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-03-03 28771240]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
R2 NCRDLLLoaderService;NCR DLL Loader Service; C:\Program Files\NCR\FitClient\NCRDLLLoader.exe [2007-12-19 61440]
R2 NCRLoader;NCR Loader Service; C:\Program Files\NCR\Retail\NCRLoader.exe [2007-12-19 61440]
R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2007-03-28 3290728]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 SQLAgent$SQL2005;SQL Server Agent (SQL2005); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [2005-10-14 318680]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 SUService;System Update; c:\program files\lenovo\system update\suservice.exe [2008-10-20 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2006-05-12 1974272]
R2 TVT Scheduler;TVT Scheduler; C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
R2 tvtnetwk;tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [2006-05-12 45056]
R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R3 InterBaseServer;InterBase Server; C:\Program Files\InterBase Corp\InterBase\bin\ibserver.exe [1999-09-06 1369600]
S2 BorneMonecar;BorneMonecarte; D:\Developpement\Version 6\BrnMonecar.exe [2009-01-15 652800]
S2 SR_Service;Check Point SecuRemote Service; C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe [2006-04-09 110691]
S2 SR_WatchDog;Check Point SecuRemote WatchDog; C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe [2006-04-09 36964]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 awhost32;Service Elève pcAnywhere; C:\Program Files\Symantec\pcAnywhere\awhost32.exe [2004-11-05 106496]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 oad;Visibroker Activation Daemon; C:\PROGRA~1\Borland\vbroker\bin\oad.exe [1998-03-12 1781248]
S3 osagent;VisiBroker Smart Agent; C:\PROGRA~1\Borland\vbroker\bin\osagent.exe [1998-03-12 193536]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 msvsmon80;Débogueur distant Visual Studio 2005; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-12-09 2799808]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Player\vmware-authd.exe [2008-03-03 109104]
S4 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2008-03-03 121392]
S4 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe [2007-03-23 269104]
S4 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2008-03-03 150064]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-01-19 16:42:33
======Uninstall list======
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Access - Aide-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6FA39A7-26B1-480A-BC74-6D17531AC222}\Setup.exe" -l0x40c UNINSTALL
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Agent Ransack Version 1.7.3-->"C:\Program Files\Mythicsoft\Agent Ransack\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Araxis Merge v6.5-->MsiExec.exe /I{208CFCB7-F574-41EE-A291-9D59F4BB408A}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
BDE-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Borland\Common Files\BDE\DeIsL1.isu" -c"C:\Program Files\Borland\Common Files\BDE\_ISREG32.DLL" -cC:\PROGRA~1\Borland\COMMON~1\BDE\_ISREG32.DLL
Boost Libraries for C++Builder 2009-->"C:\Documents and Settings\All Users\Application Data\{2A1601C1-08A4-41E8-A2AA-44C40EDBAA2D}\boost_setup.exe" REMOVE=TRUE MODIFY=FALSE
Boost Libraries for C++Builder 2009-->C:\Documents and Settings\All Users\Application Data\{2A1601C1-08A4-41E8-A2AA-44C40EDBAA2D}\boost_setup.exe
Borland Delphi 5-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Borland\Delphi5\Uninst.isu" -cC:\WINDOWS\system32\D5UNINST.DLL
Burn4Free CD and DVD-->"C:\Program Files\Burn4Free\uninstall.exe"
CA eTrust Antivirus-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\CA\eTrust Antivirus\Uninst.isu" -c"C:\Program Files\CA\eTrust Antivirus\InoSetup.dll"
Check Point VPN-1 SecureClient NGX R60 HFA1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FCF2FC0-8268-11D4-A313-0006290D766E}\setup.exe" ADD_REMOVE
Cisco Systems VPN Client-->MsiExec.exe /X{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}
Client Security Solution-->MsiExec.exe /I{48227AEB-DC8E-4A90-A274-0B4A39D699B1}
CodeGear Delphi and C++Builder 2009 Database Pack-->"C:\Documents and Settings\All Users\Application Data\{0C3BE91F-5194-44C0-80FF-246E0251D2BD}\dbpack_setup.exe" REMOVE=TRUE MODIFY=FALSE
CodeGear Delphi and C++Builder 2009 Database Pack-->C:\Documents and Settings\All Users\Application Data\{0C3BE91F-5194-44C0-80FF-246E0251D2BD}\dbpack_setup.exe
CodeGear Delphi and C++Builder 2009 Help System-->"C:\Documents and Settings\All Users\Application Data\{7A0BDD12-2C4E-4120-BFFF-7B14DA13BE27}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
CodeGear Delphi and C++Builder 2009 Help System-->C:\Documents and Settings\All Users\Application Data\{7A0BDD12-2C4E-4120-BFFF-7B14DA13BE27}\Setup.exe
CodeGear RAD Studio 2009-->"C:\Documents and Settings\All Users\Application Data\{65B1AA84-C1DF-4A2E-A28C-E242BD7DE4B3}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
CodeGear RAD Studio 2009-->MsiExec.exe /I{A2B58B18-5D04-4006-9713-B6945880746E}
CodeStuff Starter-->"C:\Program Files\CodeStuff\Starter\unStarter.exe"
Compatibilité descendante de Microsoft SQL Server 2005-->MsiExec.exe /I{21231181-7EDF-4151-8F26-27D7678FFAB5}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DameWare Mini Remote Control-->MsiExec.exe /I{731FF1CF-152D-4856-BB95-9F838669E59E}
Delphi 3-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Borland\Delphi 3\DeIsL1.isu" -cC:\WINDOWS\system32\D3UNINST.DLL
Documentation en ligne de Microsoft SQL Server 2005 (français)-->MsiExec.exe /I{D9D5B160-5EC1-4746-9B37-51DFCDAEBCD4}
EPSON Advanced Printer Driver 4-->C:\Program Files\InstallShield Installation Information\{11FF6AF6-0141-4EF8-829A-989459A1E5D8}\Setup.exe -runfromtemp -l0x0009 -removeonly
EPSON Advanced Printer Driver-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\AdvUninst.isu -y -c"C:\WINDOWS\system32\AdvUninst.dll
EPSON APD4 Point and Print Support-->MsiExec.exe /X{4BB82AD9-0CF6-4E14-BD75-C1AB657C2914}
EPSON OPOS ADK Version 2.40-->C:\PROGRA~1\OPOS\Epson2\Uninstaller.exe
EPSON STM/Driver Sample-->C:\WINDOWS\EpsSample.exe
eToken Run Time Environment 3.60-->MsiExec.exe /I{D8027DE9-D42B-4847-8377-9292C6C4A761}
Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
FileZilla Client 3.0.11.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Foxit PDF Editor-->C:\Program Files\Foxit Software\PDF Editor\uninstall.exe
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
GDR 1406 for SQL Server Analysis Services 2005 ENU (KB932557)-->C:\WINDOWS\OLAP9_KB932557_ENU\Hotfix.exe /Uninstall
GDR 1406 for SQL Server Database Services 2005 ENU (KB932557)-->C:\WINDOWS\SQL9_KB932557_ENU\Hotfix.exe /Uninstall
GDR 1406 for SQL Server Integration Services 2005 ENU (KB932557)-->C:\WINDOWS\DTS9_KB932557_ENU\Hotfix.exe /Uninstall
GDR 1406 for SQL Server Notification Services 2005 ENU (KB932557)-->C:\WINDOWS\NS9_KB932557_ENU\Hotfix.exe /Uninstall
GDR 1406 for SQL Server Tools and Workstation Components 2005 ENU (KB932557)-->C:\WINDOWS\SQLTools9_KB932557_ENU\Hotfix.exe /Uninstall
GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)-->C:\WINDOWS\SQL9_KB948109_ENU\Hotfix.exe /Uninstall
GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
HelloDevice Manager V2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6D09FF2-8426-43ED-82B3-3001E9B40ACE}\Setup.exe"
Help Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{986F64DC-FF15-449D-998F-EE3BCEC6666A}\Setup.exe" -l0x40c -AddRemove
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Installation du programme de test de la Dll Monecarte (C:\Program Files\TestDLL\)-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\TestDLL\ST6UNST.000"
Installation du programme de test de la Dll Monecarte (d:\test\Lecteur_RFID_MONEO_MONECARTE\) #3-->C:\WINDOWS\st6unst.exe -n "d:\test\Lecteur_RFID_MONEO_MONECARTE\ST6UNST.000"
Installation du programme de test de la Dll Monecarte (d:\test\Lecteur_RFID_MONEO_MONECARTE\)-->C:\WINDOWS\st6unst.exe -n "d:\test\Lecteur_RFID_MONEO_MONECARTE\ST6UNST.LOG"
Installation du programme de test de la Dll Monecarte-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\TestDLL\ST6UNST.LOG"
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
InterBase-->"C:\Program Files\InterBase Corp\InterBase\ibuninst.exe" "C:\Program Files\InterBase Corp\InterBase\ibuninst.000"
InterVideo WinDVD Creator 3-->"C:\Program Files\InstallShield Installation Information\{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LLT Version 4.1-->"C:\Program Files\TELIUM Tools\LLT\unins000.exe"
Macromedia Flash MX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x40c UNINSTALL
MagicDisc 2.6.93-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
MagicDisc 2.7.97-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
MetroSet2-->MsiExec.exe /I{F148FDD0-9940-4BB3-8939-1AA1DA063694}
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Device Emulator version 1.0 - FRA-->MsiExec.exe /X{F6E08BCD-8411-4943-85B6-C8F79AC613AC}
Microsoft Document Explorer 2005 Language Pack - FRA-->MsiExec.exe /X{A0EEDF22-8A8A-45C3-9571-FCCE846ABAED}
Microsoft Document Explorer 2005-->C:\Program Files\Fichiers communs\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A4040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office 97 Professional-->C:\Program Files\Microsoft Office97\Office\Install\Acme.exe /w Off97Pro.STF
Microsoft Office FrontPage 2003-->MsiExec.exe /I{9017040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 (SQL2005)-->MsiExec.exe /I{301EC03D-6550-4370-B647-0C92A41A9F42}
Microsoft SQL Server 2005 Analysis Services (SQL2005)-->MsiExec.exe /I{5CD6F039-71A6-464C-8EBD-7838A66762E4}
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791}
Microsoft SQL Server 2005 Integration Services-->MsiExec.exe /I{36D69F21-592D-4E86-9E5D-1EC952371819}
Microsoft SQL Server 2005 Mobile [FRA] Developer Tools-->MsiExec.exe /X{8BBF1F9B-846E-412E-A291-D471E5BED251}
Microsoft SQL Server 2005 Notification Services-->MsiExec.exe /I{DD4DDE41-FEBC-49CC-9459-0EA6159497D3}
Microsoft SQL Server 2005 Tools-->MsiExec.exe /I{C47F1AA2-B275-41C9-A8E2-0B0631C1285F}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Compact 3.5 Design Tools FRA-->MsiExec.exe /X{043ECF7B-4724-4F7B-8A9D-BC22719E95F7}
Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB}
Microsoft SQL Server Native Client-->MsiExec.exe /I{9C7E944F-4502-40B8-A0AB-66B2FA9EE829}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{75FF1600-6330-43FA-9022-E0835BF20778}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual Basic 2008 Express - Français-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition - FRA\setup.exe
Microsoft Visual Basic 2008 Express Edition - FRA-->MsiExec.exe /X{ACC61C04-48C5-3F6F-977B-AD33E94E5F40}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual J# .NET Redistributable Package 1.1-->MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
Microsoft Visual J# 2.0 Redistributable Package-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
Microsoft Visual Studio 2005 Premier Partner - FRA-->MsiExec.exe /I{950EBED3-8E80-4461-AD3A-B519006F7C37}
Microsoft Visual Studio 2005 Professional - Français-->C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Studio 2005 Professional Edition - FRA\setup.exe
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module de fusion Borland Database Engine-->MsiExec.exe /X{9745A30C-CBAC-423C-A0CF-3C691A70DB95}
Module de prise en charge linguistique de Microsoft Document Explorer 2005 - FRA-->C:\Program Files\Fichiers communs\Microsoft Shared\Help 8\Microsoft Document Explorer 2005 Language Pack - FRA\install.exe
Module de prise en charge linguistique de Microsoft Visual J# 2.0 Redistributable - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Module de prise en charge linguistique de Microsoft Visual J# 2.0 Redistributable - FRA\install.exe
Module linguistique Microsoft .NET Framework 3.5 - fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mouse Suite-->PMUninst.exe MouseSuite98
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSDN Library for Visual Studio 2005 - French-->MsiExec.exe /X{EFCD9685-7D8B-44D2-B79A-06AD85173269}
MSDN Library pour Visual Studio 2005 - Français-->msiexec /i {EFCD9685-7D8B-44D2-B79A-06AD85173269}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{1787603C-E6E3-42D4-8034-55F358486F1D}
Norton Ghost-->MsiExec.exe /I{B0255743-165B-4BD5-8DA8-37DFB9930012}
OPOS-->C:\OPOS\EPSON1\SETUP.EXE
PC-Doctor 5 for Windows-->C:\Program Files\PCDR5\uninst.exe
PDFCreator 0.7.1}-->C:\Program Files\PDFCreator\unins000.exe
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Rave Reports 7.6.0 BE-->"C:\Program Files\CodeGear\RAD Studio\6.0\RaveReports\unins000.exe"
RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Remove Multimedia Center-->C:\swtools\apps\MMCfTO\customiz\sequencer.exe -fc:\swtools\apps\MMCfTO\customiz\uninst.seq
Rescue and Recovery-->MsiExec.exe /I{7726CF62-7B45-4E6D-9266-615346816BCA}
RestOffice-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\RestOffice\DeIsL1.isu" -c"C:\Program Files\RestOffice\_ISREG32.DLL"
Retail Platform Software for Windows-->MsiExec.exe /I{C21345CE-0A0C-4A16-9B60-CED2C085FA5C}
Security Update pour Microsoft Visual Studio 2005 Professional - Français (KB925674)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {124D38C7-5BE5-4D4E-8D6D-9F10DC6B6D11} /package {D061040C-EAF9-4F1B-B0CA-060A31115151}
Security Update pour Microsoft Visual Studio 2005 Professional - Français (KB937060)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {78DD9A0A-4AE1-46D0-B9A6-578EFCA47A3C} /package {D061040C-EAF9-4F1B-B0CA-060A31115151}
SHARP MX-2300/2700/3500/4500/5500/6200/7000 PCL/PS-->C:\Program Files\InstallShield Installation Information\{673E2CB8-8306-4F99-9DF9-6492C2F57072}\setup.exe -l0009 -uninst sn0eis.sii
SnagIt 8-->MsiExec.exe /I{B6F0BE9B-41D7-45A2-9A76-D3DB1A89EC6A}
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic Icons for Lenovo-->MsiExec.exe /I{B334D9AE-1393-423E-97C0-3BDC3360E692}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
SpeedCrunch 0.10-->"C:\Program Files\SpeedCrunch\unins000.exe"
SQLXML4-->MsiExec.exe /I{76FA0254-C3F4-4765-9222-D98058845F7D}
STid MDK version 2.0.0-->"C:\Program Files\STid\MDK\unins000.exe"
Supplément à Productivity Center pour ThinkCentre-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D728E945-256D-4477-B377-6BBA693714AC}\SETUP.EXE" -l0x40c -AddRemove
Symantec pcAnywhere-->MsiExec.exe /I{115E8183-866A-11D3-97DF-0000F8D8F2E9}
System Migration Assistant-->MsiExec.exe /X{9D22599D-E1F4-4934-8B4D-2BBA46662251}
System Update-->MsiExec.exe /X{8675339C-128C-44DD-83BF-0A5D6ABD8297}
ThinkVantage Away Manager-->Rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AWAYTASK.INF
ThinkVantage Productivity Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}\SETUP.EXE" -l0x40c -AddRemove
ThinkVantage Technologies Welcome Message-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1007F41F-7D69-468E-8017-3849A5A973C2}\SETUP.EXE" -l0x40c anything
UltraVNC v1.0.2-->"C:\Program Files\UltraVNC\unins000.exe"
Visual J# .NET Redistributable 1.1- French Language Pack-->MsiExec.exe /X{3B2E8910-C110-4417-86F3-B207BF59708C}
VMware Player-->MsiExec.exe /I{A53A11EA-0095-493F-86FA-A15E8A86A405}
Wallpapers-->MsiExec.exe /I{F386C340-DF4B-4BBA-9503-420FB7EDB395}
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInstx86.exe /u C:\WINDOWS\system32\DRVSTORE\ftdibus_9E256B7D98A828C5E32AA2A56664AF336E092846\ftdibus.inf
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInstx86.exe /u C:\WINDOWS\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\ftdiport.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
C'est ton PC de boulot ?
C'est toi qui a modifié le fichier Hosts ?
---> Télécharge JavaRa.zip (de Paul 'Prm753' McLain et Fred de Vries) sur ton Bureau.
- Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
- Double-clique sur le répertoire JavaRa.
- Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
- Choisis Français puis clique sur Select.
- Clique sur Recherche de mises à jour.
- Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
- Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
- L'installation est terminée, reviens à l'écran de JavaRa et clique sur <gras>Effacer les anciennes versions</gras>.
- Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
- Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
- Ferme l'application.
Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
Oui c'est mon poste de travail
le fichier Host a été modifié par moi mais l'adresse OSCAR ne me dit rien
à quoi sert ce nouvel outil
voici le résultat
JavaRa 1.13 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Tue Jan 20 08:18:56 2009
Found and removed: C:\Program Files\Java\jre1.5.0_06
Found and removed: C:\Program Files\Java\jre1.6.0_05
Found and removed: C:\Program Files\Java\jre1.6.0_07
Found and removed: Software\JavaSoft\Java2D\1.5.0_06
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\JavaPlugin.150_06
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\JavaPlugin.160_05
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06
Found and removed: Software\Classes\JavaPlugin.160_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05
Found and removed: Software\JavaSoft\Java2D\1.6.0_05
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\
------------------------------------
Finished reporting.
JavaRa sert à mettre à jour Java et à effacer les anciennes versions, tu peux le supprimer.
Le PC va bien ?
Message édité par Destrio5 le 20-01-2009 à 16:20:53
juste avant ton message le pc allait bien
je viens d'avoir un message d'erreur à l'adresse xxxxxxx sur SR_GUI
Ça vient du logiciel SecuRemote.
L'erreur revient souvent ?
non
depuis hier c'est la première fois
dans la partie réseau
check point securemote n'ai pas coché il faut peut être le cocher ??
Je ne sais pas, ce sont des programmes "spéciaux" que tu as sur ton PC.
oui c'est pour la télémaintenance
merci encore pour tout
A+
1/
- Désinstalle HijackThis.
- Télécharge ToolsCleaner2 sur ton Bureau.
- Double-clique sur ToolsCleaner2.exe pour le lancer.
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options Facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
2/
- Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.
- Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème.
3/
Un logiciel à posséder :
http://www.commentcamarche.net/tel [...] ti-malware
Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer. Tu peux utiliser l'extension NoScript pour plus de sécurité.
Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Onglet Mises à jour automatiques).
Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) :
http://www.malekal.com/fichiers/pr [...] ection.pdf
4/
---> Ajoute maintenant [Résolu] au titre. Pour cela :
- Clique, dans ton premier message, sur le bouton Editer
.
- Rajoute la mention [Résolu] devant le titre.
- Clique ensuite sur Valider votre message.
Sois plus vigilant sur Internet 
Il y a 2750 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
