Problème de popup (winantivirus, drive cleane

Résolu
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   -  
blondin777 Messages postés 6155 Date d'inscription   Statut Contributeur Dernière intervention   -
Bonjour à tous,
Je me rends compte que je ne suis pas le seul à avoir ce problème mais comme chaque cas est différent je me tourne vers vous pour m'aider à le résoudre : j'ai depuis quelques jours des fenêtres de winantivirus2006, winantispyware, windoctor2006 etc qui s'ouvrent intempestivement!
que dois-je faire? j'ai évidemment passé avast, ccleaner, adaware. j'ai comme parefeu ZoneAlarm.
Merci d'avance
A voir également:

21 réponses

  • 1
  • 2
Réponse 1 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
J'ai déjà envoyé celui de clean.zip

C'est toujours le même:
26/04/2007 a 11:35:50,75

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\ALCXMNTR.EXE FOUND

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\p2p\" FOUND
*** Fin du rapport !
2
Réponse 2 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Voici le rapport navilog....

Search Navipromo version 1.1.5 commencé le 26/04/2007 à 10:25:04,39

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Documents and Settings\HP_Administrateur\Bureau
Mise a jour le 13.04.2007 a 20h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\HP_Administrateur\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of April, 2007.
Version information: 2.2.1061.

[+] Started on 04/26/07 at 10:25:08.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ...........................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 04/26/07 at 10:26:59 (return code = 0).


*** Recherche fichiers ***




*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control



*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

C:\WINDOWS\system32\rrqss.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\rrqss.bak2 trouvé ! infection Vundo possible non traité par cet outil !

2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********


*** Analyse Terminé le 26/04/2007 à 10:27:51,71 ***
2
Réponse 3 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
voilà le rapport SmitFraudFix....

SmitFraudFix v2.171

Rapport fait à 11:26:37,98, 26/04/2007
Executé à partir de C:\Documents and Settings\HP_Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Administrateur


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Administrateur\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_ADM~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 16.92.3.242
DNS Server Search Order: 16.92.3.243
DNS Server Search Order: 16.81.3.243
DNS Server Search Order: 16.118.3.243

Description: SAGEM Wi-Fi 11g USB adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer=16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F4D5FA04-DD6C-4B66-8D80-CE936FBD5609}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer=16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F4D5FA04-DD6C-4B66-8D80-CE936FBD5609}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer=16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
HKLM\SYSTEM\CS3\Services\Tcpip\..\{F4D5FA04-DD6C-4B66-8D80-CE936FBD5609}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
2
Réponse 4 / 21
blondin777 Messages postés 6155 Date d'inscription   Statut Contributeur Dernière intervention   945
 
Salut.

Fais un clic droit sur ce lien :

http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip

Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.bat
Laisses-toi guider. Au menu principal, choisis 1 et valides.
Patientes jusqu'au message :

"Analyse Termine le ..... "

Appuies sur une touche comme demandé, le bloc-notes va s'ouvrir.
Copies-colles l'intégralité içi. Refermes le bloc-notes.

télécharges « Hijackthis »:

http://telechargement.zebulon.fr/138-HijackThis.html

*Installes-le dans un dossier créé spécialement à la racine de ta partition principale (généralement c:\).
Donc tu l'installes dans C:\ et pas dans C: \.........\........\.
*Renommes le en hij.exe par exemple
*Double cliques sur hij.exe
*Cliques sur le fichier > « exécute » > « do a scan and save a logfile ».
*Une fois fini tu vas avoir un « rapport.txt » (dans le dossier où tu l’as installé)
*Postes ici ce rapport

Démo pour cocher et fixer les lignes:

http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
1

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Et voilà le rapport hijack this....

Logfile of HijackThis v1.99.1
Scan saved at 10:33:36, on 26/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\ALCXMNTR.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - C:\Program Files\ReGetDx\iebar.dll
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
1
Réponse 6 / 21
blondin777 Messages postés 6155 Date d'inscription   Statut Contributeur Dernière intervention   945
 
Appuies en même temps sur Ctrl+Alt+suppr>>onglet processus, et désactive ce processus:

C:\WINDOWS\ALCXMNTR.EXE

Dans hijackthis, coches et fixes ces lignes:

R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

http://www.atribune.org/ccount/click.php?id=4

Double-clique VundoFix.exe afin de le lancer.
Clique sur le bouton "Scan for Vundo"
Lorsque le scan est complété, clique sur le bouton Remove Vundo.
Une invite te demandera si tu veux supprimer les fichiers, clique YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
Démarre ton PC à nouveau.
Copie/colle le contenu du rapport situé dans C:\vundofix.txt

Repostes un log hijakthis après.
1
Réponse 7 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Voici le rapport de VundoFix...
VundoFix V6.3.20

Checking Java version...

Java version is 1.5.0.5
Old versions of java are exploitable and should be removed.

Scan started at 10:55:30 26/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\cgpouoch.dll
C:\WINDOWS\system32\ckpsrfbf.dll
C:\WINDOWS\system32\dkkbjhwf.dll
C:\WINDOWS\system32\fccayyx.dll
C:\WINDOWS\system32\fcccawx.dll
C:\WINDOWS\system32\iyawwrgx.dll
C:\WINDOWS\system32\kfppokak.dll
C:\WINDOWS\system32\nlngtvca.dll
C:\WINDOWS\system32\oqtss.ini
C:\WINDOWS\system32\risdsujf.dll
C:\WINDOWS\system32\rrqss.bak1
C:\WINDOWS\system32\rrqss.bak2
C:\WINDOWS\system32\rrqss.ini
C:\WINDOWS\system32\saytsxgo.dll
C:\WINDOWS\system32\ssqrr.dll
C:\WINDOWS\system32\sstqo.dll
C:\WINDOWS\system32\ssttu.dll
C:\WINDOWS\system32\ubobjnyx.dll
C:\WINDOWS\system32\uttss.ini
C:\WINDOWS\system32\xxyyvsq.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\cgpouoch.dll
C:\WINDOWS\system32\cgpouoch.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ckpsrfbf.dll
C:\WINDOWS\system32\ckpsrfbf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\dkkbjhwf.dll
C:\WINDOWS\system32\dkkbjhwf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fccayyx.dll
C:\WINDOWS\system32\fccayyx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fcccawx.dll
C:\WINDOWS\system32\fcccawx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iyawwrgx.dll
C:\WINDOWS\system32\iyawwrgx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kfppokak.dll
C:\WINDOWS\system32\kfppokak.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nlngtvca.dll
C:\WINDOWS\system32\nlngtvca.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oqtss.ini
C:\WINDOWS\system32\oqtss.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\risdsujf.dll
C:\WINDOWS\system32\risdsujf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rrqss.bak1
C:\WINDOWS\system32\rrqss.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\rrqss.bak2
C:\WINDOWS\system32\rrqss.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\rrqss.ini
C:\WINDOWS\system32\rrqss.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\saytsxgo.dll
C:\WINDOWS\system32\saytsxgo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqrr.dll
C:\WINDOWS\system32\ssqrr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sstqo.dll
C:\WINDOWS\system32\sstqo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssttu.dll
C:\WINDOWS\system32\ssttu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ubobjnyx.dll
C:\WINDOWS\system32\ubobjnyx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\uttss.ini
C:\WINDOWS\system32\uttss.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxyyvsq.dll
C:\WINDOWS\system32\xxyyvsq.dll Has been deleted!

Performing Repairs to the registry.
Done!
1
Réponse 8 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Et voici maintenant le nouveau log hijack this...

Logfile of HijackThis v1.99.1
Scan saved at 11:08:14, on 26/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\bwcchsii.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7866594A-BEF3-4F58-AEBC-4AA092EFCB1c} - C:\WINDOWS\system32\ynlagqgi.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {C9EBADCB-93D8-4849-8F4E-1E7A083D302C} - C:\WINDOWS\system32\ssqrr.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - C:\Program Files\ReGetDx\iebar.dll
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
1
Réponse 9 / 21
blondin777 Messages postés 6155 Date d'inscription   Statut Contributeur Dernière intervention   945
 
Télécharge SmitfraudFix

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Dézippe-le sur le Bureau.
Ouvre le dossier SmitfraudFix et lance SmitfraudFix.cmd
Choisis l'option 1 (Recherche)
Poste le rapport ici

****************
Télécharge clean.zip
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
Ouvre le dossier Clean qui se trouve sur ton bureau.
Double-clic sur clean.cmd.
Une fenêtre noire va apparaître, suis les consignes.
Poste le rapport qui se trouve ici C:\rapport_clean.txt

*******************

Dans hijackthis,coches et fixes ces lignes:

O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\bwcchsii.dll
O2 - BHO: (no name) - {7866594A-BEF3-4F58-AEBC-4AA092EFCB1c} - C:\WINDOWS\system32\ynlagqgi.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {C9EBADCB-93D8-4849-8F4E-1E7A083D302C} - C:\WINDOWS\system32\ssqrr.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

1
Réponse 10 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Et maintenant le rapport de clean...

26/04/2007 a 11:28:42,64

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\ALCXMNTR.EXE FOUND

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\p2p\" FOUND
*** Fin du rapport !
1
Réponse 11 / 21
blondin777 Messages postés 6155 Date d'inscription   Statut Contributeur Dernière intervention   945
 
Il est clean

J'attends l'autre rapport.
1
Réponse 12 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
C'est un nouveau rapport hijack this que tu attends?
1
Réponse 13 / 21
blondin777 Messages postés 6155 Date d'inscription   Statut Contributeur Dernière intervention   945
 
Désolé, j'avais pas fait gaffe.

Tu peux passer clean en option 2 et repasses le en option 1.
1
Réponse 14 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Moi ausii je suis désolé de ne'avoir pu continuer la discussion, je n'arrivais plus à me connescter sur CCM.

Bon, je t'explique. J'ai fais l'option 2 dans clean.zip, la suppression à fonctionné sauf avec ce fichier: "C:\Program Files\p2p\" FOUND .

Alors j'ai redémarré le PC en mode sans échec, mais je n'ai pas réussi à lancer clean dans ce mode.
J'ai à nouveau redémarré et cette fois en mode normal.
J'ai relancé l'option 2 de clean.zip et voilà le rapport....

26/04/2007 a 12:00:54,50

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
1
Réponse 15 / 21
blondin777 Messages postés 6155 Date d'inscription   Statut Contributeur Dernière intervention   945
 
Ok.

T'as toujours tes fenêtres?

Si c'est le cas, fais ça:

**Télécharge la version d'essai d'AVG Anti-Spyware 7.5 ici :
https://www.avg.com/en-ww/free-antivirus-download
et l'installer.

Son tuto (merci malekal_morte) : https://www.malekal.com/avg-antivirus-free-antivirus-gratuit-pour-proteger-son-pc-des-virus/

Démarrer AVG antispyware. Cliquer sur "mise à jour", cliquer sur le bouton "Commencer la mise à jour" et attendre la fin de cette mise à jour puis, fermer le programme.
Redemarrer en mode sans échec, relancer AVG AS et cliquer sur l'onglet "scanner" puis sur "Analyse complète du système".
Une fois le scan terminé, il t'affiche un rapport. Cliquer sur "configurer..." en bas a gauche et choisir "supprimer". Ensuite cliquer sur "Appliquer toutes les actions ", ca va supprimer toutes les infections détectées.
Ensuite cliquer sur "Enregistrer le rapport d'analyse" -> "enregistrer sous" et enregistrer le rapport où bon te semble, afin de me l'envoyer dans ta prochaine réponse.

Pour vérifier, scanne ton PC avec cet antivirus en ligne (sous IE et accepte l’activX) :
http://www.bitdefender.fr/bd/site/search.php#
Clique sur « Bitdefender scan on line » suis les instructions.
Et colle le rapport.

1
Réponse 16 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Bon, j'arrive pas à télécharger les mises à jour de AVG AS.
Je vais donc faire l'analyse avec Spybot.
Si tu as une meilleure idée, n'hésites pas à m'en faire part.
1
Réponse 17 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Voici le rapport spybot éxécuté en mode sans échec... (il a trouvé 2 problèmes et les a résolu: Winsoftware.WinAntispyware...et Microsoft.WindowsSecurityCenter.Antivirus Disable Notify)


--- Search result list ---
Winsoftware.WinAntiSpyware2006: Réglages (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiSpyware 2006 Scanner

Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Réglages (Modification du registre, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-04-26 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-04-18 advcheck.dll (1.5.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-04-25 Includes\Cookies.sbi (*)
2006-12-08 Includes\Dialer.sbi (*)
2007-04-25 Includes\DialerC.sbi (*)
2007-04-04 Includes\Hijackers.sbi (*)
2007-04-25 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-04-25 Includes\KeyloggersC.sbi (*)
2007-03-21 Includes\Malware.sbi (*)
2007-04-25 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-04-25 Includes\PUPSC.sbi (*)
2007-04-25 Includes\Revision.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-04-25 Includes\SecurityC.sbi (*)
2007-03-21 Includes\Spybots.sbi (*)
2007-04-25 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-04-25 Includes\Trojans.sbi (*)
2007-04-25 Includes\TrojansC.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Media Center 2005 / SP4: Correctif n° 2 pour Windows XP Édition Media Center 2005
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Mise à jour pour Lecteur Windows Media 10 (KB913800)
/ Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
/ Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB923689)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Correctif Windows XP - KB883667
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ Windows XP / SP3: Correctif Windows XP - KB888113
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Correctif pour Windows XP (KB888795)
/ Windows XP / SP3: Correctif Windows XP - KB890175
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif pour Windows XP (KB891593)
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Correctif Windows XP - KB892050
/ Windows XP / SP3: Correctif Windows XP - KB893066
/ Windows XP / SP3: Correctif pour Windows XP (KB893357)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Correctif pour Windows XP (KB899337)
/ Windows XP / SP3: Correctif pour Windows XP (KB899510)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Correctif pour Windows XP (KB902841)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905915)
/ Windows XP / SP3: Correctif pour Windows XP (KB906569)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB908531)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB911280)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918118)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB919007)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920213)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920670)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920683)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920685)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB920872)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB922582)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922819)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923191)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923694)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923980)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924191)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924270)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924667)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926255)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926436)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927779)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927802)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928090)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928255)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928843)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB929969)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB930178)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931261)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931784)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB931836)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB932168)


--- Startup entries list ---
Located: HK_LM:Run, Autoconfigurateur WiFi Neuf
command: C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
file: C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
size: 122880
MD5: 29b69a3baf1cc83114110b664ad9bf64

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 75392
MD5: 0b75e6ec8adc572d55f9b05a46fe3de3

Located: HK_LM:Run, ftutil2
command: rundll32.exe ftutil2.dll,SetWriteCacheMode
file: C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: f5402cd47b7389ddc21f92119a906eee

Located: HK_LM:Run, KBD
command: C:\HP\KBD\KBD.EXE
file: C:\HP\KBD\KBD.EXE
size: 61440
MD5: c81be1b951c36e97d3da90da745da5f7

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: f5402cd47b7389ddc21f92119a906eee

Located: HK_LM:Run, nwiz
command: nwiz.exe /installquiet /keeploaded /nodetect
file: C:\WINDOWS\system32\nwiz.exe
size: 1519616
MD5: 0033ce6494554e47514d3487c9a8f93d

Located: HK_LM:Run, PWRISOVM.EXE
command: C:\Program Files\PowerISO\PWRISOVM.EXE
file: C:\Program Files\PowerISO\PWRISOVM.EXE
size: 200704
MD5: 63ff498268fed7262753f3975fd04860

Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 237568
MD5: f3eaea279f09a7779c18793c87640794

Located: HK_LM:Run, ZoneAlarm Client
command: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
file: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
size: 919280
MD5: 3e1731c55f77d150791d4c7e87ad4e5c

Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259

Located: HK_CU:RunOnce, NeroHomeFirstStart
command: C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe
file: C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe
size: 16944
MD5: 2c5afa72ab69c825fe3ac40278d20f63

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 07/07/2006 12:29:52
Date (last access): 26/04/2007 14:08:10
Date (last write): 07/07/2006 12:29:52
Filesize: 324416
Attributes: hidden archive
MD5: 52A70C80A446FA3BBCDAF59A9AB26AF4
CRC32: B1456034
Version: 4.0.249.1

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://www.google.com/intl/fr/toolbar/ie/index.html
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 16/04/2007 16:47:18
Date (last access): 26/04/2007 13:49:12
Date (last write): 19/01/2007 23:56:04
Filesize: 2436160
Attributes: readonly archive
MD5: 6D44E0C3B43D27484FBB355E470C4188
CRC32: 2DE875CD
Version: 4.0.1601.4978



--- ActiveX list ---
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_01\bin\
Long name: npjpi160_01.dll
Short name: NPJPI1~1.DLL
Date (created): 14/03/2007 02:04:46
Date (last access): 26/04/2007 14:08:12
Date (last write): 14/03/2007 03:43:42
Filesize: 132760
Attributes: archive
MD5: F112FB2FD2EF66D439799E3F834DF000
CRC32: D2B09219
Version: 6.0.0.6



--- Process list ---
PID: 0 ( 0) [System]
PID: 208 ( 4) \SystemRoot\System32\smss.exe
PID: 276 ( 208) \??\C:\WINDOWS\system32\csrss.exe
PID: 300 ( 208) \??\C:\WINDOWS\system32\winlogon.exe
PID: 344 ( 300) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
PID: 356 ( 300) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 9F3744A5C6F49291A7A685040A013399
PID: 508 ( 344) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 568 ( 344) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 632 ( 344) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 892 ( 864) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 4C33E5B9A6197B6ED215F6CFBA0A2DAA
PID: 1112 ( 892) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 26/04/2007 14:09:56

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---


--- Uninstall list ---
Otto (0D20D36D-A11C-444c-9AF7-70CBFED42ECF)
uninstall cmd: "C:\Program Files\FrenchOtto\uninstallotto.exe"

EA SPORTS online 2007 (82A44D22-9452-49FB-00FB-CEC7DCAF7E23)
uninstall cmd: C:\Program Files\Jeux\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe

GemMaster Mystic (99A88D57-2C93-491B-87B8-E41A870FB6BE)
uninstall cmd: "C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"

ABC (remove only) (ABC)
uninstall cmd: C:\Program Files\P2P\ABC\Uninstall.exe

Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: https://www.adaware.com/

(AddressBook)

Ask Toolbar (AskPBar Uninstall)
uninstall cmd: rundll32 C:\PROGRA~1\AskPBar\bar\1.bin\AskPBar.dll,O
publisher: Ask.com
help link: http://help.mysearch.com/searchbar.html

(AudioPlugin.dll)
uninstall cmd: c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

avast! Antivirus 4.7 (avast!)
version (major): 4
version (minor): 7
install location: C:\PROGRA~1\ALWILS~1\Avast4
install source: C:\PROGRA~1\ALWILS~1\Avast4\setup
uninstall cmd: rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
publisher: Alwil Software
help link: https://www.avast.com/fr-fr/index

AVS DVD Player version 2.3 (AVS DVD Player_is1)
install location: C:\Program Files\AVSMedia\DVDPlayer\
uninstall cmd: "C:\Program Files\AVSMedia\DVDPlayer\unins000.exe"
publisher: Online Media Technologies Ltd.
contact: info@avsmedia.com
help link: http://www.avsmedia.com/support/index.aspx

Microsoft Away Mode 6.0.0160.0 (AwayMode160)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/902437

CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

(Connection Manager)

(CopyNow.dll)
uninstall cmd: c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}

(DataPlugin.dll)
uninstall cmd: c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}

(DirectAnimation)

(DirectDrawEx)

(DXM_Runtime)

(EAFunctions.dll)
uninstall cmd: c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}

Ease Audio Converter 4.20 (Ease Audio Converter_is1)
install location: C:\Program Files\easetech\EaseAudioConverter\
uninstall cmd: "C:\Program Files\easetech\EaseAudioConverter\unins000.exe"

(Fontcore)

Guitar Pro 5.0 (Guitar Pro 5_is1)
install location: C:\Program Files\Guitar Pro 5\
uninstall cmd: "C:\Program Files\Guitar Pro 5\unins000.exe"
publisher: Arobas Music
help link: https://www.guitar-pro.com/

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Hijackthis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

HP Document Viewer 5.3 5.3 (HP Document Viewer)
uninstall cmd: C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

HP Imaging Device Functions 7.0 7.0 (HP Imaging Device Functions)
uninstall cmd: C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

HP Photosmart Premier Software 6.0 6.0 (HP Photo & Imaging)
uninstall cmd: C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

HP Photosmart for Media Center PC (HP Photosmart for Media Center PC)
uninstall cmd: c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u

HP Solution Center 7.0 7.0 (HP Solution Center & Imaging Support Tools)
uninstall cmd: C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

OCR Software by I.R.I.S 7.0 7.0 (HPOCR)
uninstall cmd: C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

Amélioration de nos services Customer Experience Enhancement -1.0.0.1680 (InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79})
version: 16777216
version (major): 1
estimated size: 336
install date: 20050101
install source: C:\hp\tmp\src\
uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
publisher: Hewlett-Packard

SmartSound Quicktracks Plugin 3.0.2.7 (InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E})
version: 50331650
version (major): 3
estimated size: 16790
install date: 20070415
install location: C:\Program Files\SmartSound Software\Quicktracks\
install source: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\_is1C2\
uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
publisher: SmartSound Software Inc
comments: Built by SmartSound Software Inc.
contact: Customer Support Department
help link: https://www.smartsound.com/support
help telephone: 1-818-920-9122

Services Internet FE UI-1.0.0.1680 (InstallShield_{5CFD7508-7774-48FE-8280-7A3C0AE71755})
version: 16777216
version (major): 1
estimated size: 1932
install date: 20050101
install source: C:\hp\tmp\src\
uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
publisher: Hewlett Packard

(InstallShield_{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38})

MainConcept for Software Encoder 1.1.0.26 (InstallShield_{E7A02A01-C75A-4490-A168-5CA709A3D862})
version: 16842752
version (major): 1
version (minor): 1
estimated size: 3488
install date: 20050101
install location: C:\Program Files\MainConcept\
install source: C:\hp\drivers\TVTuner_ASUS_Tiger_LNA\
uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
publisher: MainConcept

Pro Evolution Soccer 6 1.00.0000 (InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514})
version: 16777216
version (major): 1
estimated size: 1418148
install date: 20070422
install location: C:\Program Files\Jeux\KONAMI\Pro Evolution Soccer 6\
install source: K:\
uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1036
publisher: KONAMI

KaraFun 1.16a (KaraFun_is1)
install date: 20070415
install location: C:\Program Files\KaraFun\
uninstall cmd: "C:\Program Files\KaraFun\unins000.exe"
publisher: Recisio
help link: https://www.karafun.com/

(KB884016)

(KB884267)

(KB885353)

(KB886612)

(KB887078)

(KB887626)

(KB888656)

Correctif pour Windows XP (KB888795) 3 (KB888795)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/888795

(KB889858)

(KB891122)

Correctif pour Windows XP (KB891593) 2 (KB891593)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/891593

(KB892313)

(KB893240)

(KB893241)

3.1 (KB893803)
help link: https://support.microsoft.com/en-us/help/893803/windows-installer-3-1-v2-3-1-4000-2435-is-available

(KB895181)

(KB895316)

(KB895572)

Correctif Windows XP - KB895961 1 (KB895961)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/895961

(KB897586)

(KB898549)

Correctif pour Windows XP (KB899337) 5 (KB899337)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899337

Correctif pour Windows XP (KB899510) 1 (KB899510)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/899510

Correctif n° 2 pour Windows XP Édition Media Center 2005 (KB900325)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/900325

(KB900399)

(KB902344)

Correctif pour Windows XP (KB902841) 1 (KB902841)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/902841

Hotfix for Windows Media Player 10 (KB903157) (KB903157)
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/903157

(KB907658)

(KB911565)

(KB911854)

Enhanced Multimedia Keyboard Solution (KBD)
uninstall cmd: C:\HP\KBD\Install.exe /u

(KBKB895961)

Language pack for Ad-Aware SE (Language pack for Ad-Aware SE)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.de

LimeWire PRO 4.13.2 4.13.2 (LimeWire)
uninstall cmd: "C:\Program Files\LimeWire\uninstall.exe"
publisher: Lime Wire, LLC
help link: http://www.limewire.com/support

Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

4.9.1.8211 (MailFrontier Desktop)
publisher: MailFrontier

Media Player Classic fr 6.4.9.0 (Media Player Classic)
install location: C:\Program Files\Media Player Classic
uninstall cmd: "C:\Program Files\Media Player Classic\uninstall.exe"

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

(Microsoft Interactive Training)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu

(MobileOptionPack)

Mozilla Firefox (2.0.0.3) 2.0.0.3 (fr) (Mozilla Firefox (2.0.0.3))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox

(MPlayer2)

Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://www.microsoft.com/fr-fr/?ref=go

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL

(NeroBackItUp!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

(NeroMediaHome!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

(NeroRecode!UninstallKey)
uninstall cmd: C:\WINDOWS\UNRecode.exe /UNINSTALL

(NeroShowTime!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

(NeroVision!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroVision.exe /UNINSTALL

(NetMeeting)

Neuf - Kit de connexion 6.7.10.1 (Neuf_Kit)
uninstall cmd: C:\Program Files\Neuf\Kit\uninstall.exe
publisher: Neuf
help link: http://abonnes.neuf.fr
help telephone: 0892 222 109

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

(OutlookExpress)

PC-Doctor 5 for Windows 5.00.3311.03 (PC-Doctor 5 for Windows)
install location: C:\Program Files\PC-Doctor 5 for Windows\
uninstall cmd: C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
publisher: PC-Doctor, Inc.
comments: Personal Computer Diagnostics Software
contact: Customer Support Depertment

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

PowerISO (PowerISO)
uninstall cmd: "C:\Program Files\PowerISO\uninstall.exe"

Microsoft Office Professional Plus 2007 12.0.4518.1014 (PROPLUS)
install location: C:\Program Files\Microsoft Office
uninstall cmd: "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
publisher: Microsoft Corporation

PS2 (PS2)
uninstall cmd: C:\WINDOWS\system32\ps2.exe uninstall

Python 2.2.3 2.2.3 (Python 2.2.3)
uninstall cmd: C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
publisher: PythonLabs at Zope Corporation
help link: https://www.python.org/

Python 2.2 pywin32 extensions (build 203) (pywin32-py2.2)
uninstall cmd: "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

ReGet Deluxe 4.3 Beta (ReGetDx)
uninstall cmd: C:\Program Files\ReGetDx\regetdx.exe -uninstall

(SchedulingAgent)

(ShockwaveFlash)

Skype 3.1 3.1 (Skype_is1)
install location: C:\Program Files\Skype\Phone\
uninstall cmd: "C:\Program Files\Skype\Phone\unins000.exe"
publisher: Skype Technologies S.A.
help link: http://ui.skype.com/ui/0/3.1.0.152/en/help

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

Ulead Photo Express 3.0 SE (Ulead Photo Express 3.0 SE)
uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\IS32Inst.dll"

µTorrent 1.6 (uTorrent)
install location: C:\Program Files\P2P\uTorrent
uninstall cmd: "C:\Program Files\P2P\uTorrent\uninstall.exe"

Windows Genuine Advantage Notifications (KB905474) 1.7.0018.5 (WgaNotify)
install date: 20070415
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905474

Windows Media Encoder 9 Series (Windows Media Encoder 9)
uninstall cmd: msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: https://support.microsoft.com/en-us

Lecteur Windows Media 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

WinRAR archiver (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

(WMCSetup)

Windows Media Format 11 runtime (WMFDist11)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Windows Media Player 11 (wmp11)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build Number 5716

ZoneAlarm 7.0.337.000 (ZoneAlarm)
uninstall cmd: C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
publisher: Check Point, Inc
help link: C:\Program Files\Zone Labs\ZoneAlarm\Aide\zaclients.chm

Nero 7 7.02.6387 ({06024F70-15BC-4447-B53A-F1A7BBA21036})
version: 117577971
version (major): 7
version (minor): 2
estimated size: 592690
install date: 20070415
install location: C:\Program Files\Nero\Nero 7\
install source: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\NeroDemo12518\
uninstall cmd: MsiExec.exe /I{06024F70-15BC-4447-B53A-F1A7BBA21036}
publisher: Nero AG
comments: Nero AG
contact: techsupport@nero.com retail-support@nero.com chinese-techsupport@nero.com
help link: techsupport@nero.com retail-support@nero.com chinese-techsupport@nero.com
help telephone: xxxxxxxxxxxxxx

Sonic RecordNow Data 2.0.4 ({075473F5-846A-448B-BCB3-104AA1760205})
version: 33554436
version (major): 2
estimated size: 14281
install date: 20050101
install source: c:\hp\tmp\src\SC_DATA_204\
uninstall cmd: MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
publisher: Sonic Solutions
help link: http://support.sonic.com/

AiO_Scan 50.0.206.000 ({0B33B738-AD79-4E32-90C5-E67BFB10BBFF})
version: 838861006
version (major): 50
estimated size: 197
install date: 20050101
install source: c:\hp\tmp\src\CDB\setup\AiO_Scan\
publisher: Hewlett-Packard

DocumentViewer 53.0.13.000 ({172975EB-9465-4861-95B5-C7BB6D3DE62A})
version: 889192461
version (major): 53
estimated size: 27586
install date: 20050101
install source: c:\hp\tmp\src\CDA\setup\DocumentViewer\
publisher: Hewlett-Packard

CP_CalendarTemplates1 60.0.155.000 ({1CB34CE9-0E6B-493F-BB66-3425E5DF76E5})
version: 1006633115
version (major): 60
estimated size: 2333
install date: 20050101
install source: c:\hp\tmp\src\setup\CP_CalendarTemplates1\
publisher: Hewlett-Packard

Sonic MyDVD Plus 6.2.0 ({21657574-BD54-48A2-9450-EB03B2C7FC29})
version: 100794368
version (major): 6
version (minor): 2
estimated size: 120510
install date: 20050101
install source: c:\hp\tmp\src\
uninstall cmd: MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
publisher: Sonic Solutions
help link: http://support.sonic.com/

Windows Live Sign-in Assistant 4.000.249.1 ({22B3CC30-77B8-419C-AA4B-F571FDF5D66D})
version: 67109113
version (major): 4
estimated size: 1112
install date: 20070415
install source: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
publisher: Microsoft Corporation

Amélioration de nos services Customer Experience Enhancement -1.0.0.1680 ({23012310-3E05-46A5-88A9-C6CBCABCAC79})
version: 16777216
version (major): 1
estimated size: 336
install date: 20050101
install source: C:\hp\tmp\src\
publisher: Hewlett-Packard

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"

HPPhotoSmartExpress 70.0.170.000 ({2376813B-2E5A-4641-B7B3-A0D5ADB55229})
version: 1174405290
version (major): 70
estimated size: 10146
install date: 20070416
install source: E:\setup\HPPhotoSmartExpress\
publisher: Hewlett-Packard

CP_Package_Variety2 60.0.155.000 ({23B35809-5E4A-4F14-8332-1CDEDDFAC089})
version: 1006633115
version (major): 60
estimated size: 8609
install date: 20050101
install source: c:\hp\tmp\src\setup\CP_Package_Variety2\
publisher: Hewlett-Packard

SkinsHP1 60.0.155.000 ({2A548002-9042-4083-A270-B67473DE1073})
version: 1006633115
version (major): 60
estimated size: 5
install date: 20050101
install source: c:\hp\tmp\src\setup\SkinsHP1\
publisher: Hewlett-Packard

HP Deskjet Printer Preload 10.1.0 ({2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0})
version: 167837696
version (major): 10
version (minor): 1
estimated size: 25158
install date: 20050101
install location: c:\hp\drivers\printers\deskjet\
install source: c:\hp\drivers\printers\deskjet\
uninstall cmd: MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
publisher: Hewlett-Packard Company
comments: Removing this preload will not affect installed Deskjet printers. Reinstallation will require the CD that accompanies the printer.
contact: Customer Support Department
help link: https://www8.hp.com/fr/fr/home.html
help telephone:

Sonic Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E})
version: 50331648
version (major): 3
estimated size: 2444
install date: 20050101
install source: c:\hp\tmp\src\UPDATEMANAGER_MSI\
uninstall cmd: MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
publisher: Sonic Solutions

J2SE Runtime Environment 5.0 Update 5 1.5.0.50 ({3248F0A8-6813-11D6-A77B-00B0D0150050})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 155209
install date: 20050101
install source: C:\Documents and Settings\Administrateur\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
publisher: Sun Microsystems, Inc.
contact: https://www.java.com/en/
help link: https://www.java.com/en/
readme: C:\Program Files\Java\jre1.5.0_05\README.txt

Java(TM) SE Runtime Environment 6 Update 1 1.6.0.10 ({3248F0A8-6813-11D6-A77B-00B0D0160010})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 137306
install date: 20070425
install source: http://javadl.sun.com/webapps/download/GetFile/1.6.0_01-b06/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
publisher: Sun Microsystems, Inc.
contact: https://www.java.com/en/
help link: https://www.java.com/en/
readme: C:\Program Files\Java\jre1.6.0_01\README.txt

HP Photosmart 330,380,420,470,7800,8000,8200 Series 8.1 ({33D6CC28-9F75-4d1b-A11D-98895B3A3729})
uninstall cmd: C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

WebFldrs XP 9.50.7523 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2608
install date: 20051010
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: https://www.microsoft.com/en-us/windows/

muvee autoProducer unPlugged 1.2 1.20.100 ({35DD9A1D-B340-4F41-A8B0-6EEBFB119280})
version: 18088036
install location: C:\Program Files\muvee Technologies\muvee autoProducer unPlugged 1.2 - HPD
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}\setup.exe" -l0x40c
publisher: muvee Technologies
help link: http://store.muvee.com/?f=support&k=&w=01030408&l=1036

PanoStandAlone 70.0.170.000 ({363790D2-DA98-41DD-9C9F-69FA36B169DE})
version: 1174405290
version (major): 70
estimated size: 1771
install date: 20070416
install source: E:\setup\PanoStandAlone\
publisher: Hewlett-Packard

OptionalContentQFolder 1.00.0000 ({36D620AD-EEBA-4973-BA86-0C9AE6396620})
version: 16777216
version (major): 1
install date: 20050101
install source: c:\hp\tmp\src\setup\QFolder\
publisher: Hewlett-Packard

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20070415
install source: c:\b15ada5f89ef25d2f6d9\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/927978/ms06-071-security-update-for-microsoft-xml-core-services-4-0

HP Boot Optimizer 2.0.5.1 ({3BA95526-6AE0-4B87-A62D-17187EF565FC})
uninstall cmd: C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
publisher: Hewlett-Packard Company
help link: www.hp.com

RandMap 60.0.155.000 ({3FE0CFAB-584A-4AA5-B8CD-C32284CFA308})
version: 1006633115
version (major): 60
estimated size: 22628
install date: 20050101
install source: c:\hp\tmp\src\setup\RandMap\
publisher: Hewlett-Packard

BufferChm 70.0.170.000 ({45B8A76B-57EC-4242-B019-066400CD8428})
version: 1174405290
version (major): 70
estimated size: 137
install date: 20070416
install source: E:\setup\BufferChm\
publisher: Hewlett-Packard

HP DVD Play 1.0 ({45D707E9-F3C4-11D9-A373-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall

CP_Panorama1Config 60.0.155.000 ({494D17B5-3369-4905-8C4B-80C972C5E0FF})
version: 1006633115
version (major): 60
estimated size: 13
install date: 20050101
install source: c:\hp\tmp\src\setup\CP_Panorama1Config\
publisher: Hewlett-Packard

SmartSound Quicktracks Plugin 3.0.2.7 ({4A7FDA4D-F4D7-4A49-934A-066D59A43C7E})
version: 50331650
version (major): 3
estimated size: 16790
install date: 20070415
install location: C:\Program Files\SmartSound Software\Quicktracks\
install source: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\_is1C2\
publisher: SmartSound Software Inc
comments: Built by SmartSound Software Inc.
contact: Customer Support Department
help link: https://www.smartsound.com/support
help telephone: 1-818-920-9122

cp_LightScribeConfig 60.0.155.000 ({4DA4012B-39AF-48c2-B23B-A4D570D233A6})
version: 1006633115
version (major): 60
estimated size: 37
install date: 20050101
install source: c:\hp\tmp\src\setup\cp_LightScribeConfig\
publisher: Hewlett-Packard

HPProductAssistant 70.0.170.000 ({4EA684E9-5C81-4033-A696-3019EC57AC3A})
version: 1174405290
version (major): 70
estimated size: 4539
install date: 20070416
install source: E:\setup\hpproductassistant\
publisher: Hewlett-Packard

CP_Package_Variety1 60.0.155.000 ({522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1})
version: 1006633115
version (major): 60
estimated size: 7393
install date: 20050101
install source: c:\hp\tmp\src\setup\CP_Package_Variety1\
publisher: Hewlett-Packard

FullDPAppQFolder 1.00.0000 ({53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C})
version: 16777216
version (major): 1
install date: 20050101
install source: c:\hp\tmp\src\hpsw\setup\QFolder\
publisher: Hewlett-Packard

NewCopy 50.0.206.000 ({54E3707F-808E-4fd4-95C9-15D1AB077E5D})
version: 838861006
version (major): 50
estimated size: 2282
install date: 20050101
install source: c:\hp\tmp\src\CDB\setup\newcopy\
publisher: Hewlett-Packard

cp_PosterPrintConfig 60.0.155.000 ({54F0998F-73C8-4b51-8286-FE903C231BED})
version: 1006633115
version (major): 60
estimated size: 29
install date: 20050101
install source: c:\hp\tmp\src\setup\cp_PosterPrintConfig\
publisher: Hewlett-Packard

neroxml 1.0.0 ({56C049BE-79E9-4502-BEA7-9754A3E60F9B})
version: 16777216
version (major): 1
estimated size: 48
install date: 20070415
install source: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\NeroDemo12518\Redist\
uninstall cmd: MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
publisher: Nero AG
contact: Nero AG

HP PSC & OfficeJet 5.3.B ({5B79CFD1-6845-4158-9D7D-6BE89DF2C135})
uninstall cmd: "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
publisher: HP
help link: https://support.hp.com/us-en?openCLC=true

Services Internet FE UI-1.0.0.1680 ({5CFD7508-7774-48FE-8280-7A3C0AE71755})
version: 16777216
version (major): 1
estimated size: 1932
install date: 20050101
install source: C:\hp\tmp\src\
publisher: Hewlett Packard

QuickTime 7.1.5.120 ({5E863175-E85D-44A6-8968-82507D34AE7F})
version: 117506053
version (major): 7
version (minor): 1
estimated size: 72139
install date: 20070415
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IXP392.TMP\
uninstall cmd: MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
publisher: Apple Computer, Inc.
contact: Assistance AppleCare
help link: https://support.apple.com/fr-fr
help telephone: (33) 0825 888 024

Sonic Express Labeler 2.1.0 ({6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 13855
install date: 20050101
install source: c:\hp\tmp\src\EXPRESSLABELER_20\
uninstall cmd: MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
publisher: Sonic Solutions

WebReg 70.0.170.000 ({66910000-8B30-4973-A159-6371345AFFA5})
version: 1174405290
version (major): 70
estimated size: 529
install date: 20070416
install source: E:\setup\WebReg\
publisher: Hewlett-Packard

eSupportQFolder 1.00.0000 ({66E6CE0C-5A1E-430C-B40A-0C90FF1804A8})
version: 16777216
version (major): 1
estimated size: 124
install date: 20070416
install source: E:\setup\QFolder\
publisher: Hewlett-Packard

AiOSoftwareNPI 70.0.149.000 ({68763C27-235D-4165-A961-FDEA228CE504})
version: 1174405269
version (major): 70
estimated size: 3392
install date: 20070416
install source: E:\setup\AiOSoftwarenpi\
publisher: Hewlett-Packard

Toolbox 70.0.170.000 ({6909F917-5499-482e-9AA1-FAD06A99F231})
version: 1174405290
version (major): 70
estimated size: 5717
install date: 20070416
install source: E:\setup\Toolbox\
publisher: Hewlett-Packard

HP Photosmart Essential 1.9.1.3 ({6994491D-D491-48F1-AE1F-E179C1FFFC2F})
version: 17367041
version (major): 1
version (minor): 9
estimated size: 8265
install date: 20070416
install location: C:\Program Files\HP\Photosmart Essential\
install source: E:\setup\ImageZoneExpress\
uninstall cmd: MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
publisher: HP

Readme 70.0.149.000 ({736C803C-DD3B-4015-BC51-AFB9E67B9076})
version: 1174405269
version (major): 70
estimated size: 48
install date: 20070416
install source: E:\setup\readme\
publisher: Hewlett-Packard

OpenOffice.org 2.0 2.0.9044 ({752783F5-0CFC-44C3-9E1F-CAF17C4508E7})
version: 33563476
version (major): 2
estimated size: 233943
install date: 20070415
install source: C:\Program Files\Open Office\
uninstall cmd: MsiExec.exe /I{752783F5-0CFC-44C3-9E1F-CAF17C4508E7}
publisher: OpenOffice.org
comments: OpenOffice.org 2.0 (fr) (OOC680m7(Build:9044))
contact: Support technique
help link: http://fr.openoffice.org
help telephone: x-xxx-xxx-xxx

PSTAPlugin 8.01.0000 ({755EC5E3-FD51-46bd-A57F-7A2D56FBF061})
version: 134283264
version (major): 8
version (minor): 1
estimated size: 1293
install date: 20050101
install source: c:\hp\tmp\src\setup\PSTAPlugin\
publisher: Hewlett-Packard

Ulead Photo Express 6
({760B29F2-8663-419B-A025-5A55066E130B})

CP_Package_Basic1 60.0.155.000 ({766633B3-1AFA-44B6-A3FC-1DE991CD9C52})
version: 1006633115
version (major): 60
estimated size: 2245
install date: 20050101
install source: c:\hp\tmp\src\setup\CP_Package_Basic1\
publisher: Hewlett-Packard

PSPrinters08 8.01.0000 ({769A295C-DCF4-41d6-AFBA-7D9394B23AFE})
version: 134283264
version (major): 8
version (minor): 1
estimated size: 21421
install date: 20050101
install source: c:\hp\tmp\src\setup\PSPrinters08\
publisher: Nom de votre société
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

AiOSoftware 50.0.206.000 ({7850A6D2-CBEA-4728-9877-F1BEDEA9F619})
version: 838861006
version (major): 50
estimated size: 2918
install date: 20050101
install source: c:\hp\tmp\src\CDB\setup\AiOSoftware\
publisher: Hewlett-Packard

Sonic_PrimoSDK 60.0.155.000 ({79F8E1D4-36C1-439C-95FA-F695050B5B07})
version: 1006633115
version (major): 60
estimated size: 1803
install date: 20050101
install source: c:\hp\tmp\src\setup\Sonic_PrimoSDK\
publisher: Hewlett-Packard

DocumentViewerQFolder 1.00.0000 ({7C03270C-4FAB-4F5C-B10D-52FEDA190790})
version: 16777216
version (major): 1
install date: 20050101
install source: c:\hp\tmp\src\CDA\setup\QFolder\
publisher: Hewlett-Packard

ProductContextNPI 70.0.149.000 ({7E7B7865-6C80-4373-8BC1-C2EB9431F9DE})
version: 1174405269
version (major): 70
estimated size: 2149
install date: 20070416
install source: C:\Program Files\HP\Digital Imaging\{A9F5421F-DA70-4C77-BB97-8D77EC33ED5E}\
publisher: Hewlett-Packard

cp_UpdateProjectsConfig 60.0.155.000 ({80AE27BA-B0ED-4288-A8B9-D8194BCF4115})
version: 1006633115
version (major): 60
install date: 20050101
install source: c:\hp\tmp\src\setup\cp_UpdateProjectsConfig\
publisher: Hewlett-Packard

Status 70.0.170.000 ({8331C3EA-0C91-43AA-A4D4-27221C631139})
version: 1174405290
version (major): 70
estimated size: 3292
install date: 20070416
install source: E:\setup\Status\
publisher: Hewlett-Packard

PhotoGallery 60.0.155.000 ({869C3062-4745-4949-B6C9-98AF24D89030})
version: 1006633115
version (major): 60
estimated size: 52757
install date: 20050101
install source: c:\hp\tmp\src\setup\PhotoGallery\
publisher: Hewlett-Packard

DocProcQFolder 1.00.0000 ({87E2B986-07E8-477a-93DC-AF0B6758B192})
version: 16777216
version (major): 1
estimated size: 120
install date: 20070416
install source: E:\setup\QFolder\
publisher: Hewlett-Packard

DocProc 7.0.0.0 ({8A4CE7FD-9657-4B06-9943-E1819F3D5D67})
version: 117440512
version (major): 7
estimated size: 77615
install date: 20070416
install source: E:\setup\DocProc\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

Unload 7.0.0 ({8CE4E6E9-9D55-43FB-9DDB-688C976BFC05})
version: 117440512
version (major): 7
estimated size: 8389
install date: 20070416
install source: E:\setup\UnloadIntent\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0

Microsoft Software Update for Web Folders (French) 12 12.0.4518.1014 ({90120000-0010-040C-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 2247
install date: 20070415
install source: C:\MSOCache\All Users\{90120000-0010-040C-0000-0000000FF1CE}-C\
publisher: Microsoft Corporation

Microsoft Office Professional Plus 2007 12.0.4518.1014 ({90120000-0011-0000-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 346621
install date: 20070419
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0011-0000-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
publisher: Microsoft Corporation

Update for Outlook 2007 Junk Email Filter (KB932338) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E90DA454-DE6C-45FA-A702-47B614A0159F})
uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E90DA454-DE6C-45FA-A702-47B614A0159F}

Update for Office 2007 (KB932080) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{EDC9CA29-6BC1-471C-828C-7A36109005D7})
uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}

Microsoft Office Access MUI (French) 2007 12.0.4518.1014 ({90120000-0015-040C-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 1634
install date: 20070415
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0015-040C-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Excel MUI (French) 2007 12.0.4518.1014 ({90120000-0016-040C-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 17791
install date: 20070415
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0016-040C-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office PowerPoint MUI (French) 2007 12.0.4518.1014 ({90120000-0018-040C-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 16969
install date: 20070415
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0018-040C-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Publisher MUI (French) 2007 12.0.4518.1014 ({90120000-0019-040C-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 1638
install date: 20070415
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0019-040C-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0019-040C
1
Réponse 18 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Et voici enfin le rapport de Bitdefender en ligne...

BitDefender Online Scanner - Real Time Virus Report







Generated at: Thu, Apr 26, 2007 - 14:26:19









Scan Info







Scanned Files


49191

Infected Files


0















Virus Detected







No virus found.

























This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
1
Réponse 19 / 21
honiahaka Messages postés 25 Date d'inscription   Statut Membre Dernière intervention   16
 
Merci pour tout blodin777.
Je ne sais pas si les résultats sont bons pour toi, mais le problème a l'air d'être résolu.
Encore merci pour ta générosité et ton aide.
1
Réponse 20 / 21
blondin777 Messages postés 6155 Date d'inscription   Statut Contributeur Dernière intervention   945
 
Content pour toi.

Pour finir,

Tu peux supprimer les fichiers de navilog1 qui ont été utilisés pour désinfecter ton ordinateur:

* blbetac.exe
* blbeta.exe
* navilog1.bat
* Process,exe
* regnavi.reg
* traiteregfsbl.bat
* traitementfsbl.bat
* le dossier backupnavi

Ensuite tu fais:

*Démarrer/Panneau de Configuration/Options Internet.
*Choisis l'onglet Contenu puis onglet Certificats.
*Si tu trouves les programmes suivant (en particulier dans Editeurs approuvés), supprime-les :
electronic-group
egroup
Montorgueil
VIP
"Sunny Day Design Ltd"

A+
1