Redirection de page internet

Résolu
odulvic Messages postés 352 Statut Membre -  
odulvic Messages postés 352 Statut Membre -
Bonjour à tous ;)
je pense avoir un problème de redirections de page et je ne trouve pas le logiciel qui pourrais corriger ce problème, en effet ma page de d'accueil sur firefox et ie7 et google mais quant je me connect par le biais de mes explorateurs j'ai bien la page google mais gogle et ecris avec 2"ll" (goglleet je recois des erreurs que je n'avais jamais eu auparavent .
merci de me vennir en aide (^_*)!!
Configuration: Windows XP
Firefox 3.5.3

24 réponses

  • 1
  • 2
  1. eZula Messages postés 3509 Statut Contributeur 392
     
    Bonjour,

    télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc2633.zi­p sur ton bureau

    dézippe le dossier, double-clique sur GenProc.bat [img]http://forum.telecharger.01net.com/forum/­lies/jeanchretien1-3.gif/img et poste le contenu du rapport qui s'ouvre

    Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html
    1
    1. odulvic Messages postés 352 Statut Membre 218
       
      ezula voici le rapport de gen proc ^^.

      Rapport GenProc 2.633 [1] - 28/09/2009 à 19:32:24
      @ Windows XP Service Pack 3 - Mode normal
      @ Mozilla Firefox (3.5.3) [Navigateur par défaut]

      GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :


      Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
      - coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
      C:\Program Files\EsetOnlineScanner\log.txt




      ~~~~ INFORMATION COMPLEMENTAIRE ~~~~


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:33:43, on 28/09/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16876)
      Boot mode: Normal

      Running processes:
      D:\WINDOWS\System32\smss.exe
      D:\WINDOWS\system32\winlogon.exe
      D:\WINDOWS\system32\services.exe
      D:\WINDOWS\system32\lsass.exe
      D:\WINDOWS\system32\nvsvc32.exe
      D:\WINDOWS\system32\svchost.exe
      D:\WINDOWS\System32\svchost.exe
      D:\WINDOWS\system32\spoolsv.exe
      D:\Program Files\Avira\AntiVir Desktop\sched.exe
      D:\Program Files\Avira\AntiVir Desktop\avguard.exe
      D:\WINDOWS\Explorer.EXE
      D:\WINDOWS\RTHDCPL.EXE
      D:\Program Files\Creative\USB SBAudigy2 NX\DVDAudio\CTDVDDet.EXE
      D:\Program Files\Creative\USB SBAudigy2 NX\Surround Mixer\CTSysVol.exe
      D:\WINDOWS\system32\RunDll32.exe
      D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      D:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
      D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
      D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
      D:\Program Files\Java\jre6\bin\jusched.exe
      D:\WINDOWS\system32\rundll32.exe
      D:\WINDOWS\system32\ctfmon.exe
      D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
      D:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
      D:\Program Files\DAEMON Tools Lite\daemon.exe
      D:\Program Files\Bonjour\mDNSResponder.exe
      D:\WINDOWS\system32\CTsvcCDA.exe
      D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
      D:\Program Files\Java\jre6\bin\jqs.exe
      D:\WINDOWS\system32\svchost.exe
      D:\WINDOWS\System32\TUProgSt.exe
      D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
      D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
      D:\Program Files\uTorrent\uTorrent.exe
      D:\WINDOWS\System32\svchost.exe
      D:\Program Files\Mozilla Firefox\firefox.exe
      D:\Program Files\Windows Live\Messenger\msnmsgr.exe
      D:\Program Files\Windows Live\Contacts\wlcomm.exe
      D:\WINDOWS\system32\cmd.exe
      D:\Documents and Settings\civodul\Bureau\GenProc\outil\civodul_GenProc.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [CTDVDDET] D:\Program Files\Creative\USB SBAudigy2 NX\DVDAudio\CTDVDDet.EXE
      O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\USB SBAudigy2 NX\Surround Mixer\CTSysVol.exe /r
      O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
      O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [AVFX Engine] D:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
      O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
      O4 - HKLM\..\Run: [SecurDisc] D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [TuneUp MemOptimizer] "D:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
      O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
      O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
      O8 - Extra context menu item: Easy-WebPrint Imprimer - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
      O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
      O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
      O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTsvcCDA.exe
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Imapi Helper - Alex Feinman - D:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
      O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - D:\WINDOWS\System32\TuneUpDefragService.exe
      O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - D:\WINDOWS\System32\TUProgSt.exe
      0
  2. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    Salut, fais ceci :

    RSIT ----->

    [x] Télécharge Random's System Information Tool à cette adresse : http://images.malwareremoval.com/random/RSIT.exe

    [x] Double clique sur " RSIT.exe ".

    [x] Clique sur " Continue ".

    [x] Si hijackthis n'est pas présent il sera automatiquement téléchargé et tu devras accepter la license.

    [x] Une fois l'analyse finie, deux fichiers ( info.txt & log.txt ) s'ouvriront.

    [x] Copie colle le contenu des deux rapports dans ton prochain message

    -------> Si jamais tu as fermé les rapports sans faire attention, ils sont sous C:\rsit
    0
  3. odulvic Messages postés 352 Statut Membre 218
     
    merci Xplode je fais ça de suite et je te tiens au courant !!
    0
    1. Xplode Messages postés 9212 Statut Contributeur sécurité 726
       
      Je laisse le topic à eZula qui a posté en premier, suis sa procédure.
      0
  4. eZula Messages postés 3509 Statut Contributeur 392
     
    de rien
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. odulvic Messages postés 352 Statut Membre 218
     
    voici le rapport du fichier texte "info"

    info.txt logfile of random's system information tool 1.06 2009-09-28 19:13:34

    ======Uninstall list======

    -->"D:\Program Files\Creative\USB SBAudigy2 NX\Program\Ctzapxx.EXE" SBUSB.INI /U /S /L:FRN
    -->D:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->D:\WINDOWS\NuNInst.exe /UNINSTALL
    -->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    -->D:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->D:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->D:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->D:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->D:\WINDOWS\UNRecode.exe /UNINSTALL
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{1A6AAC11-0860-11D7-908C-00A0C98173F1}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{1A6AAC11-0860-11D7-908C-00A0C98173F1}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\Setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\Setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{4D0803DB-8FC8-4C97-AE1F-1C3DCA357B01}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{5549DC52-211C-44BE-8347-0C22812DEB31}\setup.exe" -l0x9
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9814AC8C-FDA8-431F-A6EB-D7294E2D362E}\setup.exe" -l0x9
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x40c
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x40c /remove
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9
    -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{E5ABA5FD-EE3D-4F15-895D-B32321E6C96B}\setup.exe" -l0x40c
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
    Adobe AIR-->D:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
    Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
    Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
    Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
    Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
    Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
    Adobe CS4 Master Collection Lifetime Licence Crack-->D:\PROGRA~1\Adobe\UNWISE.EXE D:\PROGRA~1\Adobe\INSTALL.LOG
    Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
    Adobe Dreamweaver CS3-->D:\Program Files\Fichiers communs\Adobe\Installers\ad19d2ae8332572b119cf35fd0a30d8\Setup.exe
    Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}
    Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
    Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
    Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Flash CS4 Extension - Flash Lite STI fr-->MsiExec.exe /I{BD423B54-8668-44B6-8610-D24514445E88}
    Adobe Flash CS4 Professional-->D:\Program Files\Fichiers communs\Adobe\Installers\a68eec966ce913ddaa63251dc82ed31\Setup.exe --uninstall=1
    Adobe Flash CS4 STI-fr-->MsiExec.exe /I{48F9998C-3BA0-42D3-82E6-5882441EB8CE}
    Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
    Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}
    Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{786547F9-59BB-4FA3-B2D8-327FF1F14870}
    Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
    Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
    Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
    Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
    Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
    Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
    Adobe Photoshop CS4-->D:\Program Files\Fichiers communs\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
    Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
    Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
    Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
    Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
    Adobe Setup-->MsiExec.exe /I{D2E18162-47FB-4216-8AB3-F420C1AF75A4}
    Adobe Setup-->MsiExec.exe /I{EED50C97-C79E-4149-BD82-7C5A22437708}
    Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
    Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
    AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    Advanced Archive Password Recovery (remove only)-->D:\Program Files\ElcomSoft\ARCHPR\uninstall.exe
    Advanced Video FX Engine-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9 /remove
    Advanced ZIP Password Recovery (remove only)-->D:\Program Files\ElcomSoft\AZPR\uninstall.exe
    Aide & Didacticiels Wink-->D:\Program Files\DebugMode\Wink\Uninstal.exe
    Amapi 3D-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\EOVIA\Amapi 3D\Uninst.isu"
    Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
    ArcSoft PhotoStudio 5.5-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    Astroburn Lite-->D:\Program Files\Astroburn Lite\uninst.exe
    Avira AntiVir Personal - Free Antivirus-->D:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    AviSynth 2.5-->"D:\Program Files\AviSynth 2.5\Uninstall.exe"
    Bit Che-->"D:\Program Files\Bit Che\unins000.exe"
    CamStudio-->D:\Program Files\CamStudio\uninstall.exe
    Canon MP Navigator 2.0-->"D:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove D:\Program Files\Canon\MP Navigator 2.0\uninst.ini
    Canon MP150-->"D:\WINDOWS\system32\CanonMP Uninstaller Information\{CA9A3609-3ECC-4574-8824-A8161A71A603}\DelDrv.exe" /U:{CA9A3609-3ECC-4574-8824-A8161A71A603} /L0x000c
    Canon Utilities Easy-PhotoPrint-->D:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
    CCleaner (remove only)-->"D:\Program Files\CCleaner\uninst.exe"
    Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
    Connection Booster 4.0.0.0-->"D:\Program Files\Connection Booster\unins000.exe"
    ConvertHelper 2.2-->"D:\Program Files\ConvertHelper\unins000.exe"
    Cool Beans NFO Creator 2.0.1.3-->"D:\Program Files\Cool Beans NFO Creator\unins000.exe"
    Creative EAX Console-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\Setup.exe" -l0x40c /remove
    Creative Live! Cam Center-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c /remove
    Creative Live! Cam Doodling-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{5549DC52-211C-44BE-8347-0C22812DEB31}\setup.exe" -l0x9 /remove
    Creative Live! Cam FX Creator-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9814AC8C-FDA8-431F-A6EB-D7294E2D362E}\setup.exe" -l0x9 /remove
    Creative Live! Cam Voice Driver (1.01.02.0410)-->D:\WINDOWS\CtDrvIns.exe -uninstall -script PD1370.uns -unsext NT -plugin P1370Pin.dll -pluginres CtCamPin.crl
    Creative MediaSource-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\setup.exe" -l0x40c /remove
    Creative Photo Calendar-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x40c /remove
    Creative Photo Manager-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c /remove
    Creative Software AutoUpdate-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
    Creative System Information-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
    Creative WaveStudio 7-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove
    Creative WebCam Center-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{E5ABA5FD-EE3D-4F15-895D-B32321E6C96B}\setup.exe" -l0x40c /remove
    DebugMode Wink-->"D:\Program Files\DebugMode\Wink\uninst.exe"
    Device Control-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c /remove
    Easy-WebPrint-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
    eMule-->"G:\eMule\Uninstall.exe"
    ffdshow [rev 2936] [2009-05-03]-->"D:\Program Files\ffdshow\unins000.exe"
    Free Video to Flash Converter version 4.1-->"D:\Program Files\DVDVideoSoft\Free Video to Flash Converter\unins000.exe"
    French App Name-->msiexec /qb /x {95264530-5A22-8E7E-FE9D-D63A927BCAEA}
    French App Name-->MsiExec.exe /I{95264530-5A22-8E7E-FE9D-D63A927BCAEA}
    HijackThis 2.0.2-->"D:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Installation Windows Live-->D:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    ISO Recorder-->MsiExec.exe /I{DFC6573E-124D-4026-BFA4-B433C9D3FF21}
    Jasc Animation Shop 3-->MsiExec.exe /I{174D5678-D941-433C-BD23-58A5C7B0D36D}
    Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
    kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    Lecteur Windows Media 11-->"D:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    MAGIX 3D Maker Version à télécharger 6.0.0.4 (F)-->D:\Program Files\MAGIX\3D_Maker_Version_a_telecharger\unwise.exe
    Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
    MediaCoder 0.6.0-->D:\Program Files\MediaCoder\uninst.exe
    MediaInfo 0.7.21-->D:\Program Files\MediaInfo\uninst.exe
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection D:\WINDOWS\INF\wmv9vcm.inf, Uninstall
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"D:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"D:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"D:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->D:\WINDOWS\system32\MacroMed\Flash\genuinst.exe D:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mozilla Firefox (3.5.3)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Nero 7 Premium-->MsiExec.exe /X{7516254D-7F98-49DD-8209-5D2208BD1036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA Drivers-->D:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA nView Desktop Manager-->D:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
    NVIDIA WDM Drivers-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\Setup.exe"
    OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Paramètres de haut-parleur Creative-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\Setup.exe" -l0x40c /remove
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    PDFCreator-->D:\Program Files\PDFCreator\unins000.exe
    Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
    Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
    Realtek High Definition Audio Driver-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Spybot - Search & Destroy-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    System Requirements Lab-->D:\Program Files\SystemRequirementsLab\Uninstall.exe
    Thrustmaster Force Feedback Driver-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe" -l0x40c -removeonly
    TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
    Uninstall 1.0.0.1-->"D:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    USB Sound Blaster Audigy 2 NX-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FE3BE471-773C-11D7-AB2D-0090271A23A2}\SETUP.EXE" -l0x40c
    Utilitaire Effets vidéos avancés-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{4D0803DB-8FC8-4C97-AE1F-1C3DCA357B01}\setup.exe" -l0x40c /remove
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Windows Media Format 11 runtime-->"D:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

    ======Security center information======

    AV: AntiVir Desktop

    ======System event log======

    Computer Name: CIVODUL88
    Event Code: 7
    Message:
    Record Number: 3390
    Source Name: incdrm
    Time Written: 20090824070651.000000+120
    Event Type: erreur
    User:

    Computer Name: CIVODUL88
    Event Code: 17
    Message: AVGNTFLT successfully loaded

    Record Number: 3389
    Source Name: avgntflt
    Time Written: 20090824070651.000000+120
    Event Type: Informations
    User:

    Computer Name: CIVODUL88
    Event Code: 4201
    Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{5F392B9F-DE24-416E-8C87-CD2E60BBA8F7} était connectée au réseau,
    et a lancé une opération normale sur la carte réseau.

    Record Number: 3388
    Source Name: Tcpip
    Time Written: 20090824070651.000000+120
    Event Type: Informations
    User:

    Computer Name: CIVODUL88
    Event Code: 121
    Message: Port A is up with 100 MBps/sec

    Record Number: 3387
    Source Name: yukonwxp
    Time Written: 20090824070651.000000+120
    Event Type: Informations
    User:

    Computer Name: CIVODUL88
    Event Code: 7000
    Message: Le service adfs n'a pas pu démarrer en raison de l'erreur :
    Le fichier spécifié est introuvable.

    Record Number: 3386
    Source Name: Service Control Manager
    Time Written: 20090824070643.000000+120
    Event Type: erreur
    User:

    =====Application event log=====

    Computer Name: CIVODUL88
    Event Code: 1517
    Message: Windows a sauvegardé le Registre utilisateur CIVODUL88\civodul alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.

    Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

    Record Number: 1163
    Source Name: Userenv
    Time Written: 20090901072115.000000+120
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: CIVODUL88
    Event Code: 302
    Message: msnmsgr (3024) \\.\D:\Documents and Settings\civodul\Local Settings\Application Data\Microsoft\Messenger\ludovic.bonard@hotmail.fr\SharingMetadata\Working\database_2A24_656C_2465_3C47\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.

    Record Number: 1162
    Source Name: ESENT
    Time Written: 20090901070508.000000+120
    Event Type: Informations
    User:

    Computer Name: CIVODUL88
    Event Code: 301
    Message: msnmsgr (3024) \\.\D:\Documents and Settings\civodul\Local Settings\Application Data\Microsoft\Messenger\ludovic.bonard@hotmail.fr\SharingMetadata\Working\database_2A24_656C_2465_3C47\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\D:\Documents and Settings\civodul\Local Settings\Application Data\Microsoft\Messenger\ludovic.bonard@hotmail.fr\SharingMetadata\Working\database_2A24_656C_2465_3C47\fsr.log.

    Record Number: 1161
    Source Name: ESENT
    Time Written: 20090901070507.000000+120
    Event Type: Informations
    User:

    Computer Name: CIVODUL88
    Event Code: 301
    Message: msnmsgr (3024) \\.\D:\Documents and Settings\civodul\Local Settings\Application Data\Microsoft\Messenger\ludovic.bonard@hotmail.fr\SharingMetadata\Working\database_2A24_656C_2465_3C47\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\D:\Documents and Settings\civodul\Local Settings\Application Data\Microsoft\Messenger\ludovic.bonard@hotmail.fr\SharingMetadata\Working\database_2A24_656C_2465_3C47\fsr0005A.log.

    Record Number: 1160
    Source Name: ESENT
    Time Written: 20090901070507.000000+120
    Event Type: Informations
    User:

    Computer Name: CIVODUL88
    Event Code: 300
    Message: msnmsgr (3024) \\.\D:\Documents and Settings\civodul\Local Settings\Application Data\Microsoft\Messenger\ludovic.bonard@hotmail.fr\SharingMetadata\Working\database_2A24_656C_2465_3C47\dfsr.db: Le moteur de base de données initialise la procédure de récupération.

    Record Number: 1159
    Source Name: ESENT
    Time Written: 20090901070507.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "NUMBER_OF_PROCESSORS"=2
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 7, GenuineIntel
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_REVISION"=0407
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "windir"=%SystemRoot%

    -----------------EOF-----------------
    0
  7. odulvic Messages postés 352 Statut Membre 218
     
    et voici le fichier texte "log"

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by civodul at 2009-09-28 19:13:19
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive D: has 118 GB (90%) free of 131 GB
    Total RAM: 2047 MB (78% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:13:31, on 28/09/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\nvsvc32.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Avira\AntiVir Desktop\sched.exe
    D:\Program Files\Avira\AntiVir Desktop\avguard.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\RTHDCPL.EXE
    D:\Program Files\Creative\USB SBAudigy2 NX\DVDAudio\CTDVDDet.EXE
    D:\Program Files\Creative\USB SBAudigy2 NX\Surround Mixer\CTSysVol.exe
    D:\WINDOWS\system32\RunDll32.exe
    D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    D:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
    D:\Program Files\Java\jre6\bin\jusched.exe
    D:\WINDOWS\system32\rundll32.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    D:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
    D:\Program Files\DAEMON Tools Lite\daemon.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\WINDOWS\system32\CTsvcCDA.exe
    D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\TUProgSt.exe
    D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    D:\Program Files\uTorrent\uTorrent.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    D:\Program Files\Windows Live\Contacts\wlcomm.exe
    D:\Documents and Settings\civodul\Bureau\RSIT.exe
    D:\Program Files\trend micro\civodul.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [CTDVDDET] D:\Program Files\Creative\USB SBAudigy2 NX\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\USB SBAudigy2 NX\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
    O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [AVFX Engine] D:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [SecurDisc] D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "D:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Imprimer - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Imapi Helper - Alex Feinman - D:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - D:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - D:\WINDOWS\System32\TUProgSt.exe
    0
  8. odulvic Messages postés 352 Statut Membre 218
     
    mince j'avais pas vu que c'est azula ^^
    bon ben alors je fais ce que tu m'as demander aussi azula ou ca iras avec ça ???
    0
  9. eZula Messages postés 3509 Statut Contributeur 392
     
    Scanne ce fichier D:\WINDOWS\system32\drivers\anywluhm.sys sur le site virustotal et poste le résultat
    0
  10. odulvic Messages postés 352 Statut Membre 218
     
    ezula meme avec afficher les fichier cachées je ne trouve pas ce que tu me dis ???
    0
  11. eZula Messages postés 3509 Statut Contributeur 392
     
    dans un shell écris cette instruction :

    TYPE D:\WINDOWS\system32\drivers\anywluhm.sys >> "D:\Documents and Settings\civodul\Bureau\z.txt"


    ensuite scanne le fichier z.txt (sur ton bureau) sur VT
    0
  12. odulvic Messages postés 352 Statut Membre 218
     
    voilu le resultat ezula et merci de m'aider ^^:

    Fichier atapi.sys reçu le 2009.09.28 18:28:19 (UTC)
    Situation actuelle: terminé
    Résultat: 1/41 (2.44%)
    Formaté Formaté
    Impression des résultats Impression des résultats
    Antivirus Version Dernière mise à jour Résultat
    a-squared 4.5.0.24 2009.09.28 -
    AhnLab-V3 5.0.0.2 2009.09.28 -
    AntiVir 7.9.1.27 2009.09.28 -
    Antiy-AVL 2.0.3.7 2009.09.28 -
    Authentium 5.1.2.4 2009.09.28 -
    Avast 4.8.1351.0 2009.09.27 -
    AVG 8.5.0.412 2009.09.28 -
    BitDefender 7.2 2009.09.28 -
    CAT-QuickHeal 10.00 2009.09.26 -
    ClamAV 0.94.1 2009.09.28 -
    Comodo 2462 2009.09.28 -
    DrWeb 5.0.0.12182 2009.09.28 -
    eSafe 7.0.17.0 2009.09.24 Win32.Rootkit
    eTrust-Vet 31.6.6763 2009.09.27 -
    F-Prot 4.5.1.85 2009.09.27 -
    F-Secure 8.0.14470.0 2009.09.28 -
    Fortinet 3.120.0.0 2009.09.28 -
    GData 19 2009.09.28 -
    Ikarus T3.1.1.72.0 2009.09.28 -
    Jiangmin 11.0.800 2009.09.27 -
    K7AntiVirus 7.10.855 2009.09.26 -
    Kaspersky 7.0.0.125 2009.09.28 -
    McAfee 5755 2009.09.28 -
    McAfee+Artemis 5755 2009.09.28 -
    McAfee-GW-Edition 6.8.5 2009.09.28 -
    Microsoft 1.5005 2009.09.23 -
    NOD32 4465 2009.09.28 -
    Norman 6.01.09 2009.09.28 -
    nProtect 2009.1.8.0 2009.09.28 -
    Panda 10.0.2.2 2009.09.28 -
    PCTools 4.4.2.0 2009.09.28 -
    Prevx 3.0 2009.09.28 -
    Rising 21.49.04.00 2009.09.28 -
    Sophos 4.45.0 2009.09.28 -
    Sunbelt 3.2.1858.2 2009.09.28 -
    Symantec 1.4.4.12 2009.09.28 -
    TheHacker 6.5.0.2.020 2009.09.28 -
    TrendMicro 8.950.0.1094 2009.09.25 -
    VBA32 3.12.10.11 2009.09.27 -
    ViRobot 2009.9.28.1960 2009.09.28 -
    VirusBuster 4.6.5.0 2009.09.28 -
    Information additionnelle
    File size: 96512 bytes
    MD5 : 9f3a2f5aa6875c72bf062c712cfa2674
    SHA1 : a719156e8ad67456556a02c34e762944234e7a44
    SHA256: b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9
    PEInfo: PE Structure information

    ( base data )
    entrypointaddress.: 0x159F7
    timedatestamp.....: 0x4802539D (Sun Apr 13 20:40:29 2008)
    machinetype.......: 0x14C (Intel I386)

    ( 9 sections )
    name viradd virsiz rawdsiz ntrpy md5
    .text 0x380 0x97BA 0x9800 6.45 0d7d81391f33c6450a81be1e3ac8c7b7
    NONPAGE 0x9B80 0x18E8 0x1900 6.48 c74a833abd81cc5d037de168e055ad29
    .rdata 0xB480 0xA64 0xA80 4.31 8523651899e28819a14bf9415af25708
    .data 0xBF00 0xD94 0xE00 0.45 3575b51634ae7a56f55f1ee0a6213834
    PAGESCAN 0xCD00 0x157F 0x1580 6.20 dc4c309c4db9576daa752fdd125fccf9
    PAGE 0xE280 0x61DA 0x6200 6.46 40b83d4d552384e58a03517a98eb4863
    INIT 0x14480 0x22BE 0x2300 6.47 906462abc478368424ea462d5868d2e3
    .rsrc 0x16780 0x3E0 0x400 3.36 8fd2d82e745b289c28bc056d3a0d62ab
    .reloc 0x16B80 0xD20 0xD80 6.39 ce2b0898cc0e40b618e5df9099f6be45

    ( 0 imports )

    ( 0 exports )
    TrID : File type identification
    Win32 Executable Generic (68.0%)
    Generic Win/DOS Executable (15.9%)
    DOS Executable Generic (15.9%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    ThreatExpert: https://www.symantec.com?md5=9f3a2f5aa6875c72bf062c712cfa2674
    ssdeep: 1536:MwXpkfV74F1D7yNEZIHRRJMohmus27G1j/XBoDQi7oaRMJfYHFktprll1KbDD0uu:MQ+N74vkEZIxMohjsimBoDTRMBwFktZu
    PEiD : -
    packers (Kaspersky): PE_Patch
    RDS : NSRL Reference Data Set
    0
  13. eZula Messages postés 3509 Statut Contributeur 392
     
    Fichier atapi.sys ?
    0
  14. odulvic Messages postés 352 Statut Membre 218
     
    ben j'ai fais ce que tu m'as dis de faire en inviter de commande et j'ai bien scanner le fichier "z" sur mon buro ^^
    0
  15. eZula Messages postés 3509 Statut Contributeur 392
     
    c'est bizarre il aurait du être mentionné :

    Fichier z.txt reçu le 2009.09.28 18:28:19 (UTC) 


    et non pas "atapi.sys" qui par ailleurs est un pilote légitime...

    Télécharge combofix (sUBs) http://download.bleepingcomputer.com/sUBs/ComboFix.exe sur ton Bureau
    Double clique combofix.exe et suis les instructions.
    Installe la console de récupération si proposé et continue.
    Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt
    0
    1. odulvic Messages postés 352 Statut Membre 218
       
      vala c'est fait, voilu le rapport de gombofix^^:



      ComboFix 09-09-27.05 - civodul 28/09/2009 22:29.1.2 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1608 [GMT 2:00]
      Lancé depuis: d:\documents and settings\civodul\Bureau\ComboFix.exe
      AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .

      d:\windows\system32\Data

      .
      ((((((((((((((((((((((((((((( Fichiers créés du 2009-08-28 au 2009-09-28 ))))))))))))))))))))))))))))))))))))
      .

      2009-09-28 17:13 . 2009-09-28 17:13 -------- d-----w- d:\program files\trend micro
      2009-09-28 17:13 . 2009-09-28 17:13 -------- d-----w- D:\rsit
      2009-09-27 17:35 . 2009-09-27 17:35 -------- d-----w- d:\documents and settings\All Users\Application Data\Simply Super Software
      2009-09-27 15:57 . 2009-09-27 15:57 -------- d-----w- d:\documents and settings\civodul\Local Settings\Application Data\Xara
      2009-09-27 15:57 . 2009-09-27 15:57 -------- d-----w- d:\program files\WMV9_VCM
      2009-09-27 15:56 . 2009-09-27 15:56 -------- d-----w- d:\program files\Fichiers communs\MAGIX Shared
      2009-09-27 15:56 . 2009-09-27 15:56 -------- d-----w- d:\documents and settings\All Users\Application Data\MAGIX
      2009-09-27 15:56 . 2009-09-27 15:56 -------- d-----w- d:\program files\MAGIX
      2009-09-27 15:56 . 2007-04-27 08:43 120200 ----a-w- d:\windows\system32\DLLDEV32i.dll
      2009-09-27 15:55 . 2009-09-27 16:02 -------- d-----w- d:\windows\system32\MAGIX
      2009-09-27 15:55 . 2008-04-15 14:14 700416 ----a-w- d:\windows\system32\mgxoschk.dll
      2009-09-26 08:49 . 2009-09-26 08:49 -------- d-----w- d:\program files\Fichiers communs\Wise Installation Wizard
      2009-09-26 08:35 . 2009-09-26 08:35 -------- d-----w- d:\documents and settings\civodul\Application Data\OpenCandy
      2009-09-26 08:35 . 2009-09-26 09:01 -------- d-----w- d:\program files\MediaInfo
      2009-09-24 18:35 . 2009-09-24 18:36 -------- d-----w- d:\documents and settings\civodul\Application Data\Dream Aquarium
      2009-09-23 19:32 . 2009-09-23 19:32 -------- d-----w- d:\documents and settings\civodul\Application Data\Micro Application
      2009-09-19 08:18 . 2009-09-19 08:18 -------- d-----w- d:\program files\Cool Beans NFO Creator
      2009-09-16 16:13 . 2009-09-16 16:13 -------- d-----w- d:\program files\DebugMode
      2009-09-13 12:19 . 2009-09-13 15:02 -------- d-----w- d:\program files\CamStudio
      2009-09-12 19:48 . 2009-09-12 19:48 -------- d-----w- d:\documents and settings\All Users\Application Data\Astroburn Lite
      2009-09-12 19:48 . 2009-09-12 19:48 -------- d-----w- d:\program files\Astroburn Toolbar
      2009-09-12 19:48 . 2009-09-13 11:25 -------- d-----w- d:\program files\Astroburn Lite
      2009-09-12 19:47 . 2009-09-12 19:47 -------- d-----w- d:\documents and settings\civodul\Application Data\Astroburn Lite
      2009-09-12 17:20 . 2007-04-04 16:53 81768 ----a-w- d:\windows\system32\xinput1_3.dll
      2009-09-12 17:20 . 2007-04-04 16:55 261480 ----a-w- d:\windows\system32\xactengine2_7.dll
      2009-09-12 16:30 . 2009-09-12 19:18 -------- d-----w- d:\program files\1C Company
      2009-09-12 16:26 . 2005-01-28 09:49 106496 ----a-w- d:\windows\system32\GUStrLib.dll
      2009-09-12 16:26 . 2006-11-23 10:10 31744 ----a-w- d:\windows\system32\tmffbdrv.dll
      2009-09-12 16:26 . 2006-11-23 10:09 131072 ----a-w- d:\windows\system32\tmffbcpl.dll
      2009-09-12 16:26 . 2009-09-12 16:26 -------- d-----w- d:\program files\Thrustmaster
      2009-09-12 15:56 . 2009-09-12 15:56 -------- d-----w- d:\program files\NVIDIA Corporation
      2009-09-12 15:56 . 2009-09-12 15:56 -------- d-----w- d:\documents and settings\All Users\Application Data\NVIDIA Corporation
      2009-09-12 15:55 . 2009-08-16 22:57 485920 ----a-w- d:\windows\system32\nvudisp.exe
      2009-09-12 15:55 . 2009-08-11 10:35 485920 ----a-w- d:\windows\system32\NVUNINST.EXE
      2009-09-12 15:06 . 2009-09-12 15:06 -------- d-----w- d:\documents and settings\civodul\Application Data\SystemRequirementsLab
      2009-09-12 14:37 . 2005-01-28 08:44 24576 ----a-r- d:\windows\system32\AsIO.dll
      2009-09-12 14:37 . 2004-10-14 09:52 4962 ----a-r- d:\windows\system32\drivers\AsIO.sys
      2009-09-10 04:56 . 2009-06-21 21:47 153088 -c----w- d:\windows\system32\dllcache\triedit.dll
      2009-09-08 16:37 . 2009-09-08 16:37 -------- d-----w- d:\windows\system32\XPSViewer
      2009-09-08 16:37 . 2009-09-08 16:37 -------- d-----w- d:\program files\MSBuild
      2009-09-08 16:37 . 2009-09-08 16:37 -------- d-----w- d:\program files\Reference Assemblies
      2009-09-08 16:37 . 2008-07-06 12:06 89088 -c----w- d:\windows\system32\dllcache\filterpipelineprintproc.dll
      2009-09-08 16:37 . 2008-07-06 12:06 575488 -c----w- d:\windows\system32\dllcache\xpsshhdr.dll
      2009-09-08 16:37 . 2008-07-06 12:06 575488 ------w- d:\windows\system32\xpsshhdr.dll
      2009-09-08 16:37 . 2008-07-06 12:06 117760 ------w- d:\windows\system32\prntvpt.dll
      2009-09-08 16:37 . 2008-07-06 10:50 597504 -c----w- d:\windows\system32\dllcache\printfilterpipelinesvc.exe
      2009-09-08 16:37 . 2008-07-06 12:06 1676288 -c----w- d:\windows\system32\dllcache\xpssvcs.dll
      2009-09-08 16:37 . 2008-07-06 12:06 1676288 ------w- d:\windows\system32\xpssvcs.dll
      2009-09-08 10:00 . 2008-10-16 12:06 268648 ----a-w- d:\windows\system32\mucltui.dll
      2009-09-08 10:00 . 2008-10-16 12:06 208744 ----a-w- d:\windows\system32\muweb.dll
      2009-09-08 04:57 . 2009-09-09 19:27 -------- d-----w- d:\documents and settings\civodul\Application Data\Windows Live Writer
      2009-09-08 04:57 . 2009-09-08 04:57 -------- d-----w- d:\documents and settings\civodul\Local Settings\Application Data\Windows Live Writer
      2009-09-07 17:40 . 2009-09-28 16:52 -------- d-----w- d:\documents and settings\civodul\Tracing
      2009-09-07 17:36 . 2009-09-07 17:36 -------- d-----w- d:\program files\Microsoft
      2009-09-07 17:36 . 2009-09-07 17:36 -------- d-----w- d:\program files\Windows Live SkyDrive
      2009-09-07 17:35 . 2009-09-07 17:40 -------- d-----w- d:\program files\Windows Live
      2009-09-07 17:31 . 2009-09-07 17:31 -------- d-----w- d:\program files\Fichiers communs\Windows Live
      2009-09-06 15:28 . 2009-09-06 15:28 -------- d-----w- D:\DVDVideoSoft
      2009-09-06 15:28 . 2002-01-05 13:37 344064 ----a-w- d:\windows\system32\msvcr70.dll
      2009-09-06 15:27 . 2009-09-06 15:28 -------- d-----w- d:\program files\Fichiers communs\DVDVideoSoft
      2009-09-06 15:27 . 2009-09-06 15:27 -------- d-----w- d:\program files\DVDVideoSoft
      2009-09-06 13:03 . 2009-09-20 15:11 -------- d-----w- d:\program files\MediaCoder
      2009-09-06 12:50 . 2009-09-06 12:50 -------- d-----w- d:\program files\AviSynth 2.5
      2009-09-06 12:04 . 2009-09-06 12:04 -------- d-----w- d:\program files\ConvertHelper
      2009-09-06 11:45 . 2009-09-06 11:45 -------- d-----w- d:\program files\Adobe Media Player
      2009-09-06 11:45 . 2009-09-06 11:45 -------- d-----w- d:\program files\Fichiers communs\Adobe AIR
      2009-09-06 11:39 . 2009-09-06 12:02 -------- d-----w- d:\documents and settings\civodul\dwhelper
      2009-09-06 11:06 . 2009-09-09 18:10 -------- d-----w- d:\documents and settings\civodul\Local Settings\Application Data\WMTools Downloaded Files
      2009-09-05 09:33 . 2000-07-14 21:00 101888 ----a-w- d:\windows\system32\VB6STKIT.DLL
      2009-09-05 09:33 . 2009-09-05 09:33 -------- d-----w- d:\program files\Connection Booster
      2009-08-30 19:32 . 2009-09-27 19:34 -------- d---a-w- d:\documents and settings\All Users\Application Data\TEMP
      2009-08-30 12:18 . 2009-09-27 17:09 -------- d-----w- d:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
      2009-08-30 12:18 . 2009-08-30 12:22 -------- d-----w- d:\program files\Spybot - Search & Destroy

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-09-28 20:32 . 2009-07-17 10:59 -------- d-----w- d:\documents and settings\civodul\Application Data\uTorrent
      2009-09-23 19:32 . 2009-07-10 14:56 18968 ----a-w- d:\documents and settings\civodul\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2009-09-20 09:15 . 2009-07-10 15:13 1324 ----a-w- d:\windows\system32\d3d9caps.dat
      2009-09-19 15:52 . 2009-07-16 15:39 -------- d-----w- d:\documents and settings\civodul\Application Data\Canon
      2009-09-12 17:57 . 2009-07-21 15:53 -------- d-----w- d:\program files\Windows Media Connect 2
      2009-09-12 16:26 . 2009-07-10 14:45 -------- d--h--w- d:\program files\InstallShield Installation Information
      2009-09-12 15:41 . 2009-07-10 16:06 -------- d-----w- d:\program files\Creative
      2009-09-08 16:41 . 2004-08-05 12:00 80508 ----a-w- d:\windows\system32\perfc00C.dat
      2009-09-08 16:41 . 2004-08-05 12:00 500482 ----a-w- d:\windows\system32\perfh00C.dat
      2009-08-27 23:23 . 2009-08-27 23:23 -------- d-----w- d:\program files\Alex Feinman
      2009-08-20 17:27 . 2009-07-10 15:03 411368 ----a-w- d:\windows\system32\deploytk.dll
      2009-08-20 17:27 . 2009-08-20 17:27 -------- d-----w- d:\program files\Java
      2009-08-18 18:37 . 2009-07-10 16:55 55656 ----a-w- d:\windows\system32\drivers\avgntflt.sys
      2009-08-17 01:03 . 2009-08-17 01:03 3674112 ----a-w- d:\windows\system32\nvwssr.dll
      2009-08-17 01:02 . 2009-08-17 01:02 229376 ----a-w- d:\windows\system32\nvmccs.dll
      2009-08-16 22:57 . 2009-08-16 22:57 868352 ----a-w- d:\windows\system32\nvapi.dll
      2009-08-16 22:57 . 2009-08-16 22:57 2189856 ----a-w- d:\windows\system32\nvcuvid.dll
      2009-08-16 22:57 . 2009-08-16 22:57 2002944 ----a-w- d:\windows\system32\nvcuda.dll
      2009-08-16 22:57 . 2009-08-16 22:57 1706528 ----a-w- d:\windows\system32\nvcuvenc.dll
      2009-08-16 22:57 . 2009-08-16 22:57 1597690 ----a-w- d:\windows\system32\nvdata.bin
      2009-08-16 22:57 . 2009-08-16 22:57 155648 ----a-w- d:\windows\system32\nvcodins.dll
      2009-08-16 22:57 . 2009-08-16 22:57 155648 ----a-w- d:\windows\system32\nvcod.dll
      2009-08-16 22:57 . 2009-08-16 22:57 10457088 ----a-w- d:\windows\system32\nvoglnt.dll
      2009-08-16 22:57 . 2006-04-28 07:47 7729568 ----a-w- d:\windows\system32\drivers\nv4_mini.sys
      2009-08-16 22:57 . 2006-04-28 07:47 5845760 ----a-w- d:\windows\system32\nv4_disp.dll
      2009-08-16 09:32 . 2009-07-14 15:57 -------- d-----w- d:\documents and settings\civodul\Application Data\Creative
      2009-08-14 20:37 . 2009-08-14 20:36 -------- d-----w- d:\documents and settings\civodul\Application Data\dvdcss
      2009-08-14 20:28 . 2009-08-14 20:28 -------- d-----w- d:\program files\VideoLAN
      2009-08-14 19:26 . 2009-07-16 19:12 -------- d-----w- d:\documents and settings\civodul\Application Data\Ahead
      2009-08-13 10:28 . 2009-08-13 10:27 -------- d-----w- d:\documents and settings\civodul\Application Data\muvee Technologies
      2009-08-10 20:00 . 2009-08-10 20:00 -------- d-----w- d:\program files\Bonjour
      2009-08-10 20:00 . 2009-07-15 05:21 -------- d-----w- d:\program files\Fichiers communs\Adobe
      2009-08-05 09:00 . 2004-08-05 12:00 205312 ----a-w- d:\windows\system32\mswebdvd.dll
      2009-08-01 20:31 . 2009-07-19 07:16 -------- d-----w- d:\documents and settings\All Users\Application Data\nView_Profiles
      2009-07-29 18:24 . 2009-07-29 18:24 604488 ----a-w- d:\windows\system32\TUProgSt.exe
      2009-07-29 18:24 . 2009-07-29 18:24 361288 ----a-w- d:\windows\system32\TuneUpDefragService.exe
      2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- d:\windows\system32\sirenacm.dll
      2009-07-24 00:53 . 2009-07-24 00:53 717296 ----a-w- d:\windows\system32\drivers\sptd.sys
      2009-07-17 19:03 . 2004-08-05 12:00 58880 ----a-w- d:\windows\system32\atl.dll
      2009-07-15 09:48 . 2009-07-29 18:24 29000 ----a-w- d:\windows\system32\uxtuneup.dll
      2009-07-13 21:43 . 2004-08-05 12:00 286208 ----a-w- d:\windows\system32\wmpdxm.dll
      2009-07-10 16:59 . 2009-07-10 16:59 0 ----a-w- d:\windows\nsreg.dat
      2009-07-10 15:13 . 2009-07-10 15:13 552 ----a-w- d:\windows\system32\d3d8caps.dat
      2009-07-10 14:45 . 2009-07-10 14:45 294912 ----a-w- d:\windows\HideWin.exe
      2009-07-10 14:25 . 2009-07-10 14:25 21892 ----a-w- d:\windows\system32\emptyregdb.dat
      .

      ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="d:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
      "TuneUp MemOptimizer"="d:\program files\TuneUp Utilities 2009\MemOptimizer.exe" [2009-07-16 163144]
      "DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTDVDDET"="d:\program files\Creative\USB SBAudigy2 NX\DVDAudio\CTDVDDet.EXE" [2003-06-17 45056]
      "CTSysVol"="d:\program files\Creative\USB SBAudigy2 NX\Surround Mixer\CTSysVol.exe" [2003-07-09 57344]
      "avgnt"="d:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
      "AVFX Engine"="d:\program files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-10-19 20480]
      "OpwareSE2"="d:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
      "SecurDisc"="d:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-09-26 1629480]
      "SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-08-20 149280]
      "nwiz"="d:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
      "NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
      "RTHDCPL"="RTHDCPL.EXE" - d:\windows\RTHDCPL.EXE [2005-05-25 14477312]
      "SbUsb AudCtrl"="sbusbdll.dll" - d:\windows\system32\sbusbdll.dll [2004-08-19 97792]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
      "NoRecentDocsNetHood"= 1 (0x1)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "UpdReg"=d:\windows\UpdReg.EXE
      "Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "d:\\Program Files\\uTorrent\\uTorrent.exe"=
      "d:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
      "d:\\WINDOWS\\system32\\sessmgr.exe"=
      "d:\\Program Files\\Bonjour\\mDNSResponder.exe"=
      "d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
      "d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "h:\\eMule\\emule.exe"=
      "d:\\TYPSoft FTP Server\\ftpserv.exe"=
      "d:\\WINDOWS\\system32\\dpnsvr.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "5353:TCP"= 5353:TCP:Adobe CSI CS4

      R2 AntiVirSchedulerService;Avira AntiVir Planificateur;d:\program files\Avira\AntiVir Desktop\sched.exe [10/07/2009 18:55 108289]
      R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;d:\windows\system32\TUProgSt.exe [29/07/2009 20:24 604488]
      R3 P1370Aud;Creative WebCam Audio Control;d:\windows\system32\drivers\P1370Aud.sys [14/07/2009 17:53 93056]
      R3 P1370Aul;PD1370 Lower Filter Driver;d:\windows\system32\drivers\P1370Aul.sys [14/07/2009 17:53 4992]
      R3 P1370VID;Live! Cam Voice;d:\windows\system32\drivers\P1370Vid.sys [14/07/2009 17:53 179328]
      S3 sbusb;Sound Blaster USB Audio Driver;d:\windows\system32\drivers\sbusb.sys [14/07/2009 20:18 911744]

      --- Autres Services/Pilotes en mémoire ---

      *NewlyCreated* - MBR
      *Deregistered* - mbr

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      .
      Contenu du dossier 'Tâches planifiées'

      2009-09-28 d:\windows\Tasks\Maintenance en 1 clic.job
      - d:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 09:00]
      .
      .
      ------- Examen supplémentaire -------
      .
      uStart Page = hxxp://www.google.fr/
      uInternet Settings,ProxyOverride = *.local
      IE: Easy-WebPrint Ajouter à la liste d'impressions - d:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
      IE: Easy-WebPrint Impression rapide - d:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
      IE: Easy-WebPrint Imprimer - d:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
      IE: Easy-WebPrint Prévisualiser - d:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
      DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
      FF - ProfilePath - d:\documents and settings\civodul\Application Data\Mozilla\Firefox\Profiles\wdgpoy27.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
      FF - component: d:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
      FF - component: d:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll
      FF - component: d:\documents and settings\civodul\Application Data\Mozilla\Firefox\Profiles\wdgpoy27.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
      FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

      ---- PARAMETRES FIREFOX ----
      FF - user.js: network.http.max-persistent-connections-per-server - 4
      FF - user.js: nglayout.initialpaint.delay - 600
      FF - user.js: content.notify.interval - 600000
      FF - user.js: content.max.tokenizing.time - 1800000
      FF - user.js: content.switch.threshold - 600000
      .
      - - - - ORPHELINS SUPPRIMES - - - -

      AddRemove-eMule - g:\emule\Uninstall.exe



      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-09-28 22:33
      Windows 5.1.2600 Service Pack 3 NTFS

      Recherche de processus cachés ...

      Recherche d'éléments en démarrage automatique cachés ...

      Recherche de fichiers cachés ...

      Scan terminé avec succès
      Fichiers cachés: 0

      **************************************************************************
      .
      --------------------- DLLs chargées dans les processus actifs ---------------------

      - - - - - - - > 'winlogon.exe'(1664)
      d:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

      - - - - - - - > 'explorer.exe'(2900)
      d:\program files\NVIDIA Corporation\nView\nview.dll
      d:\program files\NVIDIA Corporation\nView\NVWRSFR.DLL
      d:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
      d:\program files\Fichiers communs\Ahead\Lib\NeroSearchBar.dll
      d:\program files\Fichiers communs\Ahead\Lib\MFC71U.DLL
      d:\program files\Fichiers communs\Ahead\Lib\BCGCBPRO860un71.dll
      d:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
      d:\windows\system32\eappprxy.dll
      d:\windows\system32\WPDShServiceObj.dll
      d:\windows\system32\PortableDeviceTypes.dll
      d:\windows\system32\PortableDeviceApi.dll
      d:\windows\system32\nvwddi.dll
      d:\program files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
      d:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
      d:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
      .
      Heure de fin: 2009-09-28 22:35
      ComboFix-quarantined-files.txt 2009-09-28 20:35

      Avant-CF: 123 473 387 520 octets libres
      Après-CF: 123 442 458 624 octets libres

      WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
      [boot loader]
      timeout=2
      default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
      [operating systems]
      c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
      multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect /noguiboot

      259 --- E O F --- 2009-09-11 12:07
      0
  16. afideg Messages postés 10466 Date d'inscription   Statut Contributeur sécurité Dernière intervention   602
     
    Bonsoir vous deux,
    Salut Nicos ;)

    L'internaute annonce: « ... j'ai bien la page google mais gogle et ecris avec 2"ll" »

    J'ai également eu cet affichage de GOOGLLE hier.
    Aujourd'hui, c'est redevenu correct sans aucune intervention.

    Peut-être Google voulait-il prendre son envol ?
    Bonne chance.

    Albert.

    0
  17. odulvic Messages postés 352 Statut Membre 218
     
    bhaaaa merci afideg si il n'y a rien d'etrange dans mes rapport alors on laisse tomber sinon on en profite pour netoyer mon pc j'attend une reponse de mon helpeur (^_*)
    0
  18. odulvic Messages postés 352 Statut Membre 218
     
    oki ezula je fais le scan et je te poste les nouvelles demain soir vers 19h en attendant merci beaucoup et bonne fin de soirée bye bye a demain (^_*)
    0
  19. odulvic Messages postés 352 Statut Membre 218
     
    salut azula bon ben j'ai fais le scan il n'y a rien a part des cookies.
    alors docteur tu en pense quoi ??^^
    0
  20. eZula Messages postés 3509 Statut Contributeur 392
     
    OIù en sont les problèmes ?
    0
    1. odulvic Messages postés 352 Statut Membre 218
       
      bonjour azula,
      j'ai fais le scan sur le site que tu m'as donner il n'as rien trouver a part quelque cookies
      0
  • 1
  • 2