Sujet Précédent Sujet Suivant

Fenètre CID

TITAI77 -  
 TITAI77 -
Bonjour,
je voudrais savoir s'il vous plait comment se débarrasser de ces maudite fenêtre CID qui s'ouvrent en permanence sur mon pc portable mais toujours avec IE 7 voici mon hijackLogfile of HijackThis v1.99.1
Scan saved at 11:27:43, on 23/11/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\P4P\P4P.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpressServer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\mehdi\AppData\Local\Temp\Rar$EX00.956\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Amen idol] "C:\ProgramData\Gplwayway.k5nzl3y"
O4 - HKCU\..\Run: [style cool 2 city] "C:\ProgramData\Curb sect aim.6u753v"
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
A voir également:

26 réponses

  • 1
  • 2
Réponse 1 / 26
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
reposte un rapport, ta version hijackthis n'est pas à jour.
0
Utilisateur anonyme
 
Bonjour,
Quelle utilité?
On voit clairement l'infection dans le rapport.

Autant proposer un outil directement ( en l'occurrence LOP S&D ) , tu lui demanderas de mettre HJT plus tard, dans la foulée, quand la suppression de LOP S&D sera effectuée.

++
0
Réponse 2 / 26
neor Messages postés 1119 Statut Membre 30
 
ajout sup de programme

desisntall Crawler toolbar
0
Réponse 3 / 26
toptitbal Messages postés 26224 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 232
 
Bonjour

Ta version d'Hijackthis est obsolète, avec Vista il te faut la version 2.0.2
En plus, il est installé dans un répertoire temporaire ce qui risquerait de rendre impossible un retour en arrière.

Désinstalle-le en allant dans panneau de configuration, programmes et fonctionnalités et refais un nouvel Hijackthis en le téléchargeant sur ce lien :

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

0
Réponse 4 / 26
TITAI77
 
QUE DOIS JE FAIRE DONC S4IL VOUS PLAIT ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 26
neor Messages postés 1119 Statut Membre 30
 
--> Télécharge Lop S&D sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

Si tu as un problème pour utiliser Lop S&D, regarde dans le tutorial :
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
0
Réponse 6 / 26
TITAI77
 
VOICI LE NOUVO Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:42:09, on 23/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\P4P\P4P.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpressServer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Users\mehdi\AppData\Local\Temp\CUninst.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Amen idol] "C:\ProgramData\Gplwayway.k5nzl3y"
O4 - HKCU\..\Run: [style cool 2 city] "C:\ProgramData\Curb sect aim.6u753v"
O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\Users\mehdi\AppData\Local\Temp\CUninst.exe" "/remove"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
0
Réponse 7 / 26
neor Messages postés 1119 Statut Membre 30
 
faut le rapport généré par lop (C:\lopR.txt)
0
Réponse 8 / 26
TITAI77
 
l'analyse est en train de s'effectuer je le poste dès qu'il arrive
0
Réponse 9 / 26
TITAI77
 
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz )
BIOS : BIOS Date: 09/04/08 Ver: 210.000
USER : mehdi ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
C:\ (Local Disk) - NTFS - Total:116 Go (Free:76 Go)
D:\ (Local Disk) - NTFS - Total:106 Go (Free:106 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 23/11/2008|11:46 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[20/10/2008|17:13] C:\Users\mehdi\AppData\Local\Adobe
[19/10/2008|20:20] C:\Users\mehdi\AppData\Local\Apple
[19/10/2008|20:24] C:\Users\mehdi\AppData\Local\Apple Computer
[04/10/2008|11:20] C:\Users\mehdi\AppData\Local\Application Data
[04/10/2008|12:39] C:\Users\mehdi\AppData\Local\ASUS
[04/10/2008|11:27] C:\Users\mehdi\AppData\Local\ATI
[04/10/2008|11:20] C:\Users\mehdi\AppData\Local\GDIPFONTCACHEV1.DAT
[04/10/2008|11:20] C:\Users\mehdi\AppData\Local\Historique
[23/11/2008|02:57] C:\Users\mehdi\AppData\Local\IconCache.db
[16/11/2008|17:49] C:\Users\mehdi\AppData\Local\Microsoft
[04/10/2008|12:55] C:\Users\mehdi\AppData\Local\MigWiz
[04/10/2008|12:10] C:\Users\mehdi\AppData\Local\Mozilla
[04/10/2008|11:27] C:\Users\mehdi\AppData\Local\Power2Go
[23/11/2008|11:46] C:\Users\mehdi\AppData\Local\Temp
[04/10/2008|11:20] C:\Users\mehdi\AppData\Local\Temporary Internet Files
[04/10/2008|11:59] C:\Users\mehdi\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[17/11/2008 20:54][--a------] C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - mehdi.job
[23/11/2008 11:17][--ah-----] C:\Windows\tasks\SA.DAT
[23/11/2008 02:58][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[20/09/2008|23:38] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[04/10/2008|11:24] C:\ProgramData\Adobe
[19/10/2008|20:19] C:\ProgramData\Apple
[23/11/2008|02:41] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[04/10/2008|12:39] C:\ProgramData\ASUS
[04/10/2008|11:27] C:\ProgramData\ATI
[04/10/2008|11:59] C:\ProgramData\byte loud style cool
[04/10/2008|11:59] C:\ProgramData\Curb sect aim.6u753v
[04/10/2008|12:37] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[02/11/2006|14:02] C:\ProgramData\Favorites
[04/10/2008|11:59] C:\ProgramData\Gplwayway.6y5x5
[10/10/2008|16:42] C:\ProgramData\Gplwayway.k5nzl3y
[04/10/2008|11:59] C:\ProgramData\Gplwayway.n9v6w
[25/10/2008|11:51] C:\ProgramData\LightScribe
[04/10/2008|12:48] C:\ProgramData\Messenger Plus!
[16/11/2008|17:49] C:\ProgramData\Microsoft
[12/11/2008|21:01] C:\ProgramData\Microsoft Help
[21/09/2008|00:50] C:\ProgramData\P4G
[23/11/2008|02:47] C:\ProgramData\Spyware Terminator
[02/11/2006|14:02] C:\ProgramData\Start Menu
[10/10/2008|16:42] C:\ProgramData\stopidle
[11/10/2008|10:25] C:\ProgramData\Symantec
[20/09/2008|23:44] C:\ProgramData\Temp
[02/11/2006|14:02] C:\ProgramData\Templates
[04/10/2008|11:39] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[20/09/2008|23:38] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[20/10/2008|17:16] C:\Program Files\Adobe
[19/10/2008|20:20] C:\Program Files\Apple Software Update
[21/09/2008|00:52] C:\Program Files\ASUS
[21/09/2008|00:33] C:\Program Files\ATI
[21/09/2008|00:35] C:\Program Files\ATI Technologies
[21/09/2008|00:21] C:\Program Files\ATK Hotkey
[21/09/2008|00:46] C:\Program Files\ATKGFNEX
[21/09/2008|00:21] C:\Program Files\ATKOSD2
[10/11/2008|20:07] C:\Program Files\Circle Developement
[19/10/2008|20:19] C:\Program Files\Common Files
[23/11/2008|11:37] C:\Program Files\Crawler
[20/09/2008|23:45] C:\Program Files\CyberLink
[21/09/2008|00:51] C:\Program Files\InstallShield Installation Information
[21/09/2008|00:18] C:\Program Files\Intel
[19/10/2008|20:22] C:\Program Files\Internet Explorer
[15/11/2008|14:50] C:\Program Files\Java
[04/10/2008|11:59] C:\Program Files\Messenger Plus! Live
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[16/11/2008|17:49] C:\Program Files\Microsoft Office
[20/09/2008|23:35] C:\Program Files\Microsoft Visual Studio
[20/09/2008|23:36] C:\Program Files\Microsoft Works
[20/09/2008|23:35] C:\Program Files\Microsoft.NET
[21/09/2008|00:39] C:\Program Files\Motorola
[16/04/2008|12:26] C:\Program Files\Movie Maker
[15/11/2008|11:27] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[20/09/2008|23:49] C:\Program Files\Norton Internet Security
[21/11/2008|21:02] C:\Program Files\OrCAD_Demo
[21/09/2008|00:50] C:\Program Files\P4G
[21/09/2008|00:51] C:\Program Files\P4P
[21/09/2008|00:40] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[18/11/2008|17:35] C:\Program Files\Spyware Terminator
[04/10/2008|11:40] C:\Program Files\Symantec
[21/09/2008|00:41] C:\Program Files\Synaptics
[23/11/2008|11:41] C:\Program Files\Trend Micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[04/10/2008|12:12] C:\Program Files\VideoLAN
[16/04/2008|12:26] C:\Program Files\Windows Calendar
[16/04/2008|12:26] C:\Program Files\Windows Collaboration
[16/04/2008|12:26] C:\Program Files\Windows Defender
[16/04/2008|12:26] C:\Program Files\Windows Journal
[04/10/2008|11:56] C:\Program Files\Windows Live
[17/10/2008|13:38] C:\Program Files\Windows Mail
[16/04/2008|12:26] C:\Program Files\Windows Media Player
[02/11/2006|13:37] C:\Program Files\Windows NT
[16/04/2008|12:26] C:\Program Files\Windows Photo Gallery
[16/04/2008|12:26] C:\Program Files\Windows Sidebar
[04/10/2008|12:14] C:\Program Files\WinRAR
[21/09/2008|00:45] C:\Program Files\Wireless Console 2

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[21/09/2008|00:52] C:\Program Files\Common Files\Adobe
[21/11/2008|20:57] C:\Program Files\Common Files\Apple
[20/09/2008|23:35] C:\Program Files\Common Files\DESIGNER
[21/09/2008|00:37] C:\Program Files\Common Files\InstallShield
[20/09/2008|23:44] C:\Program Files\Common Files\LightScribe
[16/11/2008|17:51] C:\Program Files\Common Files\microsoft shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[04/11/2008|19:25] C:\Program Files\Common Files\Symantec Shared
[20/09/2008|23:31] C:\Program Files\Common Files\System
[04/10/2008|11:53] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 83 Processes )

iexplore.exe ~ [PID:3184]
iexplore.exe ~ [PID:5700]
IEXPLORE.EXE ~ [PID:5464]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\Gplwayway.6y5x5
C:\ProgramData\Gplwayway.n9v6w
C:\ProgramData\Curb sect aim.6u753v
C:\ProgramData\Gplwayway.k5nzl3y

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\byte loud style cool
C:\ProgramData\byte loud style cool\Data Bib.exe
C:\Program Files\Circle Developement

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amen idol"="\"C:\\ProgramData\\Gplwayway.k5nzl3y\""
"style cool 2 city"="\"C:\\ProgramData\\Curb sect aim.6u753v\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-23 11:49:56
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 77

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:550][D:18]-> C:\Users\mehdi\AppData\Local\Temp
[F:62][D:1]-> C:\Users\mehdi\AppData\Roaming\MICROS~1\Windows\Cookies
[F:37][D:4]-> C:\Users\mehdi\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 23/11/2008|11:55 - Option : [1]

--------------------\\ Fin du rapport a 11:55:17
[ UAC => 1 ]
0
Réponse 10 / 26
neor Messages postés 1119 Statut Membre 30
 
va dans ajout sup de programme
recherche msnplus
et desinstall les sponsors
0
TITAI77
 
je viens de désinstaller les sponsor je vais attendre pour voir si les fenêtre continue de s'ouvrir en tout cas merci infiniment pour votre aide qui m'a été précieuse!!
0
TITAI77 > TITAI77
 
une autre fenêtre CID vient encore de s'ouvrir
0
TITAI77 > TITAI77
 
j'ai cru a une erreur mais oui les fenêtres CID sont encore bien présentent et continue a s'afficher
0
toptitbal Messages postés 26224 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 232 > TITAI77
 
C'est un peu logique !
Tu n'as pas fait l'option 2 de Lop...

Relance Lop S&D


* Choisis cette fois ci l'Option 2 (Suppression)

* Ne ferme pas la fenêtre lors de la suppression !

* Poste le rapport généré (C:\lopR.txt)
0
Réponse 11 / 26
Utilisateur anonyme
 
Re,

Je me permet d'intervenir. 

une autre fenêtre CID vient encore de s'ouvrir

Faut pas crier victoire trop vite ..

1/ Désactive l'UAC : https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

2/ Relance Lop S&D,

* Choisis cette fois ci l'Option 2 ( Suppression )

* Ne ferme pas la fenêtre lors de la suppression !

* Poste le rapport généré ( C:\lopR.txt )

( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

3/ Re-Désactive l'UAC : https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

4/ Pour " C:\Program Files\Crawler " ,

Télécharge ToolBar-S&D ( Merci à Eric_71, Angeldark, Sham_Rock et XmichouX )
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

Lances l'installation du programme en exécutant le fichier téléchargé.
Double-clique maintenant sur le raccourci de Toolbar-S&D.
Sélectionnes la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
Postes le rapport généré. (C:\TB.txt)

++
0
Réponse 12 / 26
TITAI77
 
voici le rapport de recherche de toolbar -----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz )
BIOS : BIOS Date: 09/04/08 Ver: 210.000
USER : mehdi ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
C:\ (Local Disk) - NTFS - Total:116 Go (Free:76 Go)
D:\ (Local Disk) - NTFS - Total:106 Go (Free:106 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 23/11/2008|12:26 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Default_Page_URL"="https://www.asus.com/fr/"
"Search Bar"="http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.asus.com/fr/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 23/11/2008|12:31 - Option : [1]

-----------\\ Fin du rapport a 12:31:43,67
0
Réponse 13 / 26
TITAI77
 
et voici le rapport de lop R --------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz )
BIOS : BIOS Date: 09/04/08 Ver: 210.000
USER : mehdi ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
C:\ (Local Disk) - NTFS - Total:116 Go (Free:76 Go)
D:\ (Local Disk) - NTFS - Total:106 Go (Free:106 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 23/11/2008|12:22 )

[ UAC => 0 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\byte loud style cool\Data Bib.exe
Supprime! - C:\ProgramData\Gplwayway.6y5x5
Supprime! - C:\ProgramData\Gplwayway.n9v6w
Supprime! - C:\ProgramData\Curb sect aim.6u753v
Supprime! - C:\ProgramData\Gplwayway.k5nzl3y
Supprime! - C:\ProgramData\byte loud style cool
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Local

[20/10/2008|17:13] C:\Users\mehdi\AppData\Local\Adobe
[19/10/2008|20:20] C:\Users\mehdi\AppData\Local\Apple
[19/10/2008|20:24] C:\Users\mehdi\AppData\Local\Apple Computer
[04/10/2008|11:20] C:\Users\mehdi\AppData\Local\Application Data
[04/10/2008|12:39] C:\Users\mehdi\AppData\Local\ASUS
[04/10/2008|11:27] C:\Users\mehdi\AppData\Local\ATI
[04/10/2008|11:20] C:\Users\mehdi\AppData\Local\GDIPFONTCACHEV1.DAT
[04/10/2008|11:20] C:\Users\mehdi\AppData\Local\Historique
[23/11/2008|12:17] C:\Users\mehdi\AppData\Local\IconCache.db
[16/11/2008|17:49] C:\Users\mehdi\AppData\Local\Microsoft
[04/10/2008|12:55] C:\Users\mehdi\AppData\Local\MigWiz
[04/10/2008|12:10] C:\Users\mehdi\AppData\Local\Mozilla
[04/10/2008|11:27] C:\Users\mehdi\AppData\Local\Power2Go
[23/11/2008|12:23] C:\Users\mehdi\AppData\Local\Temp
[04/10/2008|11:20] C:\Users\mehdi\AppData\Local\Temporary Internet Files
[04/10/2008|11:59] C:\Users\mehdi\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[17/11/2008 20:54][--a------] C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - mehdi.job
[23/11/2008 12:18][--ah-----] C:\Windows\tasks\SA.DAT
[23/11/2008 12:17][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[20/09/2008|23:38] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[04/10/2008|11:24] C:\ProgramData\Adobe
[19/10/2008|20:19] C:\ProgramData\Apple
[23/11/2008|02:41] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[04/10/2008|12:39] C:\ProgramData\ASUS
[04/10/2008|11:27] C:\ProgramData\ATI
[04/10/2008|12:37] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[02/11/2006|14:02] C:\ProgramData\Favorites
[25/10/2008|11:51] C:\ProgramData\LightScribe
[16/11/2008|17:49] C:\ProgramData\Microsoft
[12/11/2008|21:01] C:\ProgramData\Microsoft Help
[21/09/2008|00:50] C:\ProgramData\P4G
[23/11/2008|02:47] C:\ProgramData\Spyware Terminator
[02/11/2006|14:02] C:\ProgramData\Start Menu
[10/10/2008|16:42] C:\ProgramData\stopidle
[11/10/2008|10:25] C:\ProgramData\Symantec
[20/09/2008|23:44] C:\ProgramData\Temp
[02/11/2006|14:02] C:\ProgramData\Templates
[04/10/2008|11:39] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[20/09/2008|23:38] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[20/10/2008|17:16] C:\Program Files\Adobe
[19/10/2008|20:20] C:\Program Files\Apple Software Update
[21/09/2008|00:52] C:\Program Files\ASUS
[21/09/2008|00:33] C:\Program Files\ATI
[21/09/2008|00:35] C:\Program Files\ATI Technologies
[21/09/2008|00:21] C:\Program Files\ATK Hotkey
[21/09/2008|00:46] C:\Program Files\ATKGFNEX
[21/09/2008|00:21] C:\Program Files\ATKOSD2
[19/10/2008|20:19] C:\Program Files\Common Files
[20/09/2008|23:45] C:\Program Files\CyberLink
[21/09/2008|00:51] C:\Program Files\InstallShield Installation Information
[21/09/2008|00:18] C:\Program Files\Intel
[19/10/2008|20:22] C:\Program Files\Internet Explorer
[15/11/2008|14:50] C:\Program Files\Java
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[16/11/2008|17:49] C:\Program Files\Microsoft Office
[20/09/2008|23:35] C:\Program Files\Microsoft Visual Studio
[20/09/2008|23:36] C:\Program Files\Microsoft Works
[20/09/2008|23:35] C:\Program Files\Microsoft.NET
[21/09/2008|00:39] C:\Program Files\Motorola
[16/04/2008|12:26] C:\Program Files\Movie Maker
[23/11/2008|12:20] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[20/09/2008|23:49] C:\Program Files\Norton Internet Security
[21/11/2008|21:02] C:\Program Files\OrCAD_Demo
[21/09/2008|00:50] C:\Program Files\P4G
[21/09/2008|00:51] C:\Program Files\P4P
[21/09/2008|00:40] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[18/11/2008|17:35] C:\Program Files\Spyware Terminator
[04/10/2008|11:40] C:\Program Files\Symantec
[21/09/2008|00:41] C:\Program Files\Synaptics
[23/11/2008|11:41] C:\Program Files\Trend Micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[04/10/2008|12:12] C:\Program Files\VideoLAN
[16/04/2008|12:26] C:\Program Files\Windows Calendar
[16/04/2008|12:26] C:\Program Files\Windows Collaboration
[16/04/2008|12:26] C:\Program Files\Windows Defender
[16/04/2008|12:26] C:\Program Files\Windows Journal
[04/10/2008|11:56] C:\Program Files\Windows Live
[17/10/2008|13:38] C:\Program Files\Windows Mail
[16/04/2008|12:26] C:\Program Files\Windows Media Player
[02/11/2006|13:37] C:\Program Files\Windows NT
[16/04/2008|12:26] C:\Program Files\Windows Photo Gallery
[16/04/2008|12:26] C:\Program Files\Windows Sidebar
[04/10/2008|12:14] C:\Program Files\WinRAR
[21/09/2008|00:45] C:\Program Files\Wireless Console 2

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[21/09/2008|00:52] C:\Program Files\Common Files\Adobe
[21/11/2008|20:57] C:\Program Files\Common Files\Apple
[20/09/2008|23:35] C:\Program Files\Common Files\DESIGNER
[21/09/2008|00:37] C:\Program Files\Common Files\InstallShield
[20/09/2008|23:44] C:\Program Files\Common Files\LightScribe
[16/11/2008|17:51] C:\Program Files\Common Files\microsoft shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[04/11/2008|19:25] C:\Program Files\Common Files\Symantec Shared
[20/09/2008|23:31] C:\Program Files\Common Files\System
[04/10/2008|11:53] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 79 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-23 12:26:10
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 77

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:551][D:18]-> C:\Users\mehdi\AppData\Local\Temp
[F:74][D:1]-> C:\Users\mehdi\AppData\Roaming\MICROS~1\Windows\Cookies
[F:47][D:4]-> C:\Users\mehdi\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 23/11/2008|11:55 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 23/11/2008|12:32 - Option : [2]

--------------------\\ Fin du rapport a 12:32:15
[ UAC => 1 ]
0
Réponse 14 / 26
Utilisateur anonyme
 
Re,

Re-re-désactive L'uac ;)

Puis,

● Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
● Double clique sur RSIT.exe pour lancer l'outil.
● Clique sur ' continue ' à l'écran Disclaimer.
● Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
● Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

++
0
Réponse 15 / 26
TITAI77
 
Logfile of random's system information tool 1.04 (written by random/random)
Run by mehdi at 2008-11-23 12:49:35
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 78 GB (65%) free of 119 GB
Total RAM: 3070 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:49:54, on 23/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\P4P\P4P.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpressServer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\mehdi\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\mehdi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
0
Réponse 16 / 26
TITAI77
 
info.txt logfile of random's system information tool 1.04 2008-11-23 12:50:03

======Uninstall list======

-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {B9896689-DF51-4A16-AAD5-002622D86C72}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ASUS Data Security Manager-->C:\Program Files\InstallShield Installation Information\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}\setup.exe -runfromtemp -l0x0009 -removeonly
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.EXE" -l0x9
ASUS Power4Gear eXtreme-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\setup.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\setup.exe -runfromtemp -l0x0009 -removeonly
ccc-Branding-->MsiExec.exe /I{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}
ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Express Gate-->MsiExec.exe /I{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\ProgramData\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co81.dll,SM56UnInstaller
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.EXE" -l0x9
Norton AntiVirus Help-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton AntiVirus-->MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
Norton Confidential Core-->MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_5_0_23\SETUP.EXE" /X
Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}
Norton Internet Security-->MsiExec.exe /I{C1C185CA-C531-49F5-A6FA-B838405A049D}
Norton Protection Center-->MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
P4P-->C:\Program Files\InstallShield Installation Information\{FC3D290D-79BE-44B7-ABF9-FDD110925930}\setup.exe -runfromtemp -l0x0009 -removeonly
PSpice Student 9.1-->C:\Windows\IsUninst.exe -f"C:\Program Files\OrCAD_Demo\DeIsL1.isu"
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
Symantec Real Time Storage Protection Component-->MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Publisher 2007 Help (KB957249)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4E140A5A-4A90-404A-B955-10C2D98CD3EE}
Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb957829)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}
USB 2.0 1.3M UVC WebCam-->C:\Windows\snuninst.exe /name='USB 2.0 1.3M UVC WebCam'
VLC media player 0.9.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.EXE" -l0x9
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe -runfromtemp -l0x0009 -removeonly

======Security center information======

AV: Norton Internet Security
FW: Norton Internet Security
AS: Windows Defender
AS: Norton Internet Security

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------
0
Réponse 17 / 26
Utilisateur anonyme
 
Re,

Va sur ce lien : https://www.virustotal.com/gui/

Copie/colle ceci : C:\Program Files\P4P\P4P.exe à gauche de ' parcourir ' , puis clique sur ' envoyer le fichier ' > poste le rapport.

++
0
TITAI77
 
voila ^^
Information additionnelle
File size: 778240 bytes
MD5...: d85098bfadbac38bd2b3cbdd08285fdf
SHA1..: 4a0603b0cc7e0779abf6fb53159d6703ee64b945
SHA256: 5f82cad29b8b7bc7a3049d7f9dce0cb830236dd0adca564ed378382423c69950
SHA512: 4131cffc74aab16dbe0253575e864390c03848d42c988c143bb85f69bf9adc9f
b55cb0c1e676d593da4676dd14d25d2e9b114a58d9bb71c61bb2fe19b082ec74
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x421a3b
timedatestamp.....: 0x46b1d397 (Thu Aug 02 12:52:39 2007)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3b59e 0x3c000 6.53 96de366d007802401f2e6b39d36f4d2e
.rdata 0x3d000 0xeac0 0xf000 5.08 82ff2368841d4bb64755321ad6360e41
.data 0x4c000 0x63d4 0x3000 3.46 acf46131e1807cd435b37d7d5082fa5d
.rsrc 0x53000 0x6ea50 0x6f000 5.84 852d6bb93b1cf66796bb926479c2851d

( 16 imports )
> TAPI32.dll: lineInitializeExA, lineNegotiateAPIVersion, lineGetDevCapsA, lineOpenA, lineSetStatusMessages, lineGetMessage, lineGetCallInfoA, lineDrop, lineClose, lineShutdown, lineAnswer, lineMakeCallA, phoneClose, phoneInitializeExA, phoneNegotiateAPIVersion, phoneGetDevCapsA, phoneOpen, phoneShutdown, phoneSetStatusMessages, phoneSetHookSwitch
> WINMM.dll: mciSendCommandA
> gdiplus.dll: GdipDeleteGraphics, GdipGetImageHeight, GdipCreateFromHDC, GdipDrawImageI, GdipFree, GdipAlloc, GdipDeleteBrush, GdipCreateFontFamilyFromName, GdipGetGenericFontFamilySansSerif, GdipDeleteFontFamily, GdipCreateFont, GdipDeleteFont, GdipDisposeImage, GdipCreateBitmapFromStream, GdipCreateBitmapFromStreamICM, GdipCreateSolidFill, GdipDrawString, GdipCloneBrush, GdipCloneImage, GdiplusStartup, GdiplusShutdown, GdipSetSolidFillColor, GdipMeasureString, GdipGetImageWidth
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
> KERNEL32.dll: LocalAlloc, LeaveCriticalSection, GlobalReAlloc, GlobalHandle, EnterCriticalSection, TlsGetValue, InitializeCriticalSection, TlsAlloc, TlsSetValue, LocalReAlloc, DeleteCriticalSection, TlsFree, GlobalFlags, InterlockedIncrement, GetCPInfo, GetOEMCP, RaiseException, FileTimeToSystemTime, WriteFile, FlushFileBuffers, LockFile, UnlockFile, SetEndOfFile, GetFileSize, DuplicateHandle, FindClose, FindFirstFileA, GetVolumeInformationA, GetFullPathNameA, SetErrorMode, FileTimeToLocalFileTime, GetFileAttributesA, GetFileTime, GetTickCount, RtlUnwind, ExitProcess, TerminateProcess, HeapAlloc, HeapFree, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, HeapReAlloc, GetStartupInfoA, GetCommandLineA, HeapSize, LCMapStringA, LCMapStringW, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, GetStringTypeA, GetStringTypeW, SetUnhandledExceptionFilter, HeapDestroy, HeapCreate, VirtualFree, IsBadWritePtr, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, GetTimeZoneInformation, IsBadReadPtr, IsBadCodePtr, SetStdHandle, SetEnvironmentVariableA, GetCurrentThread, lstrcmpA, ConvertDefaultLocale, EnumResourceLanguagesA, lstrcpyA, InterlockedDecrement, LocalFree, MulDiv, SetLastError, GetCurrentThreadId, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, LoadLibraryA, FreeLibrary, lstrcatA, lstrcmpW, lstrcpynA, FormatMessageA, CompareStringW, CompareStringA, lstrlenA, lstrcmpiA, GetVersion, CreateThread, TerminateThread, GetModuleHandleA, GetProcAddress, GetModuleFileNameA, Sleep, DeviceIoControl, GetCurrentProcess, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, OpenMutexA, CreateMutexA, GetLastError, ExpandEnvironmentStringsA, CreateDirectoryA, MultiByteToWideChar, WritePrivateProfileSectionA, GetPrivateProfileSectionNamesA, WideCharToMultiByte, SizeofResource, GetPrivateProfileStringA, GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, WritePrivateProfileStringA, FindResourceA, LoadResource, LockResource, FreeResource, CreateFileA, ReadFile, SetFilePointer, CloseHandle
> USER32.dll: DestroyMenu, SetCapture, ReleaseCapture, CharNextA, IsRectEmpty, CopyAcceleratorTableA, InvalidateRgn, GetNextDlgGroupItem, MessageBeep, RegisterClipboardFormatA, PostThreadMessageA, SetWindowContextHelpId, MapDialogRect, GetMessageA, TranslateMessage, GetCursorPos, ValidateRect, GetDesktopWindow, GetActiveWindow, CreateDialogIndirectParamA, GetNextDlgTabItem, EndDialog, SetMenuItemBitmaps, ModifyMenuA, GetMenuState, EnableMenuItem, CheckMenuItem, GetMenuCheckMarkDimensions, IsWindowEnabled, ShowWindow, MoveWindow, IsDialogMessageA, EndPaint, BeginPaint, ClientToScreen, GrayStringA, DrawTextExA, TabbedTextOutA, WinHelpA, GetCapture, CreateWindowExA, SetWindowsHookExA, CallNextHookEx, GetClassLongA, GetClassInfoExA, SetPropA, GetPropA, RemovePropA, SendDlgItemMessageA, GetFocus, IsWindow, IsChild, GetWindowTextLengthA, GetWindowTextA, GetForegroundWindow, GetLastActivePopup, SetActiveWindow, DispatchMessageA, GetDlgItem, GetTopWindow, DestroyWindow, UnhookWindowsHookEx, GetMessageTime, GetMessagePos, PeekMessageA, MapWindowPoints, MessageBoxA, GetKeyState, SetForegroundWindow, IsWindowVisible, UpdateWindow, GetMenu, GetSubMenu, GetMenuItemID, GetMenuItemCount, GetSysColor, AdjustWindowRectEx, GetParent, EqualRect, RegisterClassA, UnregisterClassA, GetDlgCtrlID, DefWindowProcA, CallWindowProcA, SetWindowPos, ReleaseDC, EnableWindow, PostMessageA, LoadBitmapA, DrawIcon, SendMessageA, IsIconic, SetWindowRgn, GetClientRect, FindWindowA, LoadIconA, DrawTextA, GetSystemMetrics, IntersectRect, GetWindowPlacement, GetWindow, GetSysColorBrush, SystemParametersInfoA, SetCursor, LoadCursorA, RedrawWindow, GetWindowDC, CharUpperA, SetRect, CopyRect, OffsetRect, wsprintfA, RegisterWindowMessageA, PtInRect, GetDC, UpdateLayeredWindow, PostQuitMessage, SetWindowTextA, GetWindowLongA, SetWindowLongA, GetClassNameA, RegisterDeviceNotificationA, KillTimer, SetTimer, InvalidateRect, GetWindowRect, GetSystemMenu, AppendMenuA, GetClassInfoA, SetFocus
> GDI32.dll: GetViewportExtEx, GetWindowExtEx, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, SetViewportOrgEx, SetMapMode, CreateRectRgnIndirect, GetMapMode, DPtoLP, GetBkColor, GetTextColor, GetRgnBox, GetDeviceCaps, RestoreDC, SaveDC, SetBkColor, GetClipBox, CreateRectRgn, CombineRgn, CreateFontIndirectA, GetTextMetricsA, CreateICA, GetDIBits, ExtCreateRegion, GetObjectA, GetStockObject, CreateBitmap, SetBkMode, SetTextColor, BitBlt, CreateCompatibleDC, SelectObject, DeleteDC, CreateDIBSection, DeleteObject, ExtSelectClipRgn, ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx
> MSIMG32.dll: AlphaBlend
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: OpenPrinterA, DocumentPropertiesA, ClosePrinter
> ADVAPI32.dll: RegSetValueExW, RegOpenKeyExA, RegOpenKeyA, RegQueryValueExA, RegDeleteKeyA, RegEnumKeyA, RegQueryValueA, RegCreateKeyExA, RegSetValueExA, RegCloseKey
> COMCTL32.dll: -, _TrackMouseEvent
> SHLWAPI.dll: PathFindFileNameA, PathStripToRootA, PathIsUNCA, PathFindExtensionA
> oledlg.dll: -
> ole32.dll: CoTaskMemFree, CreateStreamOnHGlobal, CoTaskMemAlloc, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CoRevokeClassObject, OleInitialize, CoFreeUnusedLibraries, OleUninitialize, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -

( 0 exports )
0
Réponse 18 / 26
Utilisateur anonyme
 
Re,

Le rapport n'est pas complet.

EDIT : Une fois l'analyse terminée, tu peux me notifier du lien afin que je voie directement.
+
0
Réponse 19 / 26
TITAI77
 
re désolé voilaAntivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.26.0 2008.07.28 -
AntiVir 7.8.1.12 2008.07.28 -
Authentium 5.1.0.4 2008.07.28 -
Avast 4.8.1195.0 2008.07.28 -
AVG 8.0.0.130 2008.07.28 -
BitDefender 7.2 2008.07.28 -
CAT-QuickHeal 9.50 2008.07.28 -
ClamAV 0.93.1 2008.07.28 -
DrWeb 4.44.0.09170 2008.07.28 -
eSafe 7.0.17.0 2008.07.28 -
eTrust-Vet 31.6.5989 2008.07.28 -
Ewido 4.0 2008.07.28 -
F-Prot 4.4.4.56 2008.07.28 -
F-Secure 7.60.13501.0 2008.07.28 -
Fortinet 3.14.0.0 2008.07.28 -
GData 2.0.7306.1023 2008.07.28 -
Ikarus T3.1.1.34.0 2008.07.28 -
Kaspersky 7.0.0.125 2008.07.28 -
McAfee 5348 2008.07.28 -
Microsoft 1.3704 2008.07.28 -
NOD32v2 3304 2008.07.28 -
Norman 5.80.02 2008.07.28 -
Panda 9.0.0.4 2008.07.28 -
PCTools 4.4.2.0 2008.07.28 -
Prevx1 V2 2008.07.28 -
Rising 20.55.02.00 2008.07.28 -
Sophos 4.31.0 2008.07.28 -
Sunbelt 3.1.1536.1 2008.07.28 -
Symantec 10 2008.07.28 -
TheHacker 6.2.96.389 2008.07.25 -
TrendMicro 8.700.0.1004 2008.07.28 -
VBA32 3.12.8.1 2008.07.28 -
ViRobot 2008.7.26.1311 2008.07.28 -
VirusBuster 4.5.11.0 2008.07.28 -
Webwasher-Gateway 6.6.2 2008.07.28 -
Information additionnelle
File size: 778240 bytes
MD5...: d85098bfadbac38bd2b3cbdd08285fdf
SHA1..: 4a0603b0cc7e0779abf6fb53159d6703ee64b945
SHA256: 5f82cad29b8b7bc7a3049d7f9dce0cb830236dd0adca564ed378382423c69950
SHA512: 4131cffc74aab16dbe0253575e864390c03848d42c988c143bb85f69bf9adc9f
b55cb0c1e676d593da4676dd14d25d2e9b114a58d9bb71c61bb2fe19b082ec74
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x421a3b
timedatestamp.....: 0x46b1d397 (Thu Aug 02 12:52:39 2007)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3b59e 0x3c000 6.53 96de366d007802401f2e6b39d36f4d2e
.rdata 0x3d000 0xeac0 0xf000 5.08 82ff2368841d4bb64755321ad6360e41
.data 0x4c000 0x63d4 0x3000 3.46 acf46131e1807cd435b37d7d5082fa5d
.rsrc 0x53000 0x6ea50 0x6f000 5.84 852d6bb93b1cf66796bb926479c2851d

( 16 imports )
> TAPI32.dll: lineInitializeExA, lineNegotiateAPIVersion, lineGetDevCapsA, lineOpenA, lineSetStatusMessages, lineGetMessage, lineGetCallInfoA, lineDrop, lineClose, lineShutdown, lineAnswer, lineMakeCallA, phoneClose, phoneInitializeExA, phoneNegotiateAPIVersion, phoneGetDevCapsA, phoneOpen, phoneShutdown, phoneSetStatusMessages, phoneSetHookSwitch
> WINMM.dll: mciSendCommandA
> gdiplus.dll: GdipDeleteGraphics, GdipGetImageHeight, GdipCreateFromHDC, GdipDrawImageI, GdipFree, GdipAlloc, GdipDeleteBrush, GdipCreateFontFamilyFromName, GdipGetGenericFontFamilySansSerif, GdipDeleteFontFamily, GdipCreateFont, GdipDeleteFont, GdipDisposeImage, GdipCreateBitmapFromStream, GdipCreateBitmapFromStreamICM, GdipCreateSolidFill, GdipDrawString, GdipCloneBrush, GdipCloneImage, GdiplusStartup, GdiplusShutdown, GdipSetSolidFillColor, GdipMeasureString, GdipGetImageWidth
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
> KERNEL32.dll: LocalAlloc, LeaveCriticalSection, GlobalReAlloc, GlobalHandle, EnterCriticalSection, TlsGetValue, InitializeCriticalSection, TlsAlloc, TlsSetValue, LocalReAlloc, DeleteCriticalSection, TlsFree, GlobalFlags, InterlockedIncrement, GetCPInfo, GetOEMCP, RaiseException, FileTimeToSystemTime, WriteFile, FlushFileBuffers, LockFile, UnlockFile, SetEndOfFile, GetFileSize, DuplicateHandle, FindClose, FindFirstFileA, GetVolumeInformationA, GetFullPathNameA, SetErrorMode, FileTimeToLocalFileTime, GetFileAttributesA, GetFileTime, GetTickCount, RtlUnwind, ExitProcess, TerminateProcess, HeapAlloc, HeapFree, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, HeapReAlloc, GetStartupInfoA, GetCommandLineA, HeapSize, LCMapStringA, LCMapStringW, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, GetStringTypeA, GetStringTypeW, SetUnhandledExceptionFilter, HeapDestroy, HeapCreate, VirtualFree, IsBadWritePtr, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, GetTimeZoneInformation, IsBadReadPtr, IsBadCodePtr, SetStdHandle, SetEnvironmentVariableA, GetCurrentThread, lstrcmpA, ConvertDefaultLocale, EnumResourceLanguagesA, lstrcpyA, InterlockedDecrement, LocalFree, MulDiv, SetLastError, GetCurrentThreadId, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, LoadLibraryA, FreeLibrary, lstrcatA, lstrcmpW, lstrcpynA, FormatMessageA, CompareStringW, CompareStringA, lstrlenA, lstrcmpiA, GetVersion, CreateThread, TerminateThread, GetModuleHandleA, GetProcAddress, GetModuleFileNameA, Sleep, DeviceIoControl, GetCurrentProcess, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, OpenMutexA, CreateMutexA, GetLastError, ExpandEnvironmentStringsA, CreateDirectoryA, MultiByteToWideChar, WritePrivateProfileSectionA, GetPrivateProfileSectionNamesA, WideCharToMultiByte, SizeofResource, GetPrivateProfileStringA, GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, WritePrivateProfileStringA, FindResourceA, LoadResource, LockResource, FreeResource, CreateFileA, ReadFile, SetFilePointer, CloseHandle
> USER32.dll: DestroyMenu, SetCapture, ReleaseCapture, CharNextA, IsRectEmpty, CopyAcceleratorTableA, InvalidateRgn, GetNextDlgGroupItem, MessageBeep, RegisterClipboardFormatA, PostThreadMessageA, SetWindowContextHelpId, MapDialogRect, GetMessageA, TranslateMessage, GetCursorPos, ValidateRect, GetDesktopWindow, GetActiveWindow, CreateDialogIndirectParamA, GetNextDlgTabItem, EndDialog, SetMenuItemBitmaps, ModifyMenuA, GetMenuState, EnableMenuItem, CheckMenuItem, GetMenuCheckMarkDimensions, IsWindowEnabled, ShowWindow, MoveWindow, IsDialogMessageA, EndPaint, BeginPaint, ClientToScreen, GrayStringA, DrawTextExA, TabbedTextOutA, WinHelpA, GetCapture, CreateWindowExA, SetWindowsHookExA, CallNextHookEx, GetClassLongA, GetClassInfoExA, SetPropA, GetPropA, RemovePropA, SendDlgItemMessageA, GetFocus, IsWindow, IsChild, GetWindowTextLengthA, GetWindowTextA, GetForegroundWindow, GetLastActivePopup, SetActiveWindow, DispatchMessageA, GetDlgItem, GetTopWindow, DestroyWindow, UnhookWindowsHookEx, GetMessageTime, GetMessagePos, PeekMessageA, MapWindowPoints, MessageBoxA, GetKeyState, SetForegroundWindow, IsWindowVisible, UpdateWindow, GetMenu, GetSubMenu, GetMenuItemID, GetMenuItemCount, GetSysColor, AdjustWindowRectEx, GetParent, EqualRect, RegisterClassA, UnregisterClassA, GetDlgCtrlID, DefWindowProcA, CallWindowProcA, SetWindowPos, ReleaseDC, EnableWindow, PostMessageA, LoadBitmapA, DrawIcon, SendMessageA, IsIconic, SetWindowRgn, GetClientRect, FindWindowA, LoadIconA, DrawTextA, GetSystemMetrics, IntersectRect, GetWindowPlacement, GetWindow, GetSysColorBrush, SystemParametersInfoA, SetCursor, LoadCursorA, RedrawWindow, GetWindowDC, CharUpperA, SetRect, CopyRect, OffsetRect, wsprintfA, RegisterWindowMessageA, PtInRect, GetDC, UpdateLayeredWindow, PostQuitMessage, SetWindowTextA, GetWindowLongA, SetWindowLongA, GetClassNameA, RegisterDeviceNotificationA, KillTimer, SetTimer, InvalidateRect, GetWindowRect, GetSystemMenu, AppendMenuA, GetClassInfoA, SetFocus
> GDI32.dll: GetViewportExtEx, GetWindowExtEx, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, SetViewportOrgEx, SetMapMode, CreateRectRgnIndirect, GetMapMode, DPtoLP, GetBkColor, GetTextColor, GetRgnBox, GetDeviceCaps, RestoreDC, SaveDC, SetBkColor, GetClipBox, CreateRectRgn, CombineRgn, CreateFontIndirectA, GetTextMetricsA, CreateICA, GetDIBits, ExtCreateRegion, GetObjectA, GetStockObject, CreateBitmap, SetBkMode, SetTextColor, BitBlt, CreateCompatibleDC, SelectObject, DeleteDC, CreateDIBSection, DeleteObject, ExtSelectClipRgn, ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx
> MSIMG32.dll: AlphaBlend
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: OpenPrinterA, DocumentPropertiesA, ClosePrinter
> ADVAPI32.dll: RegSetValueExW, RegOpenKeyExA, RegOpenKeyA, RegQueryValueExA, RegDeleteKeyA, RegEnumKeyA, RegQueryValueA, RegCreateKeyExA, RegSetValueExA, RegCloseKey
> COMCTL32.dll: -, _TrackMouseEvent
> SHLWAPI.dll: PathFindFileNameA, PathStripToRootA, PathIsUNCA, PathFindExtensionA
> oledlg.dll: -
> ole32.dll: CoTaskMemFree, CreateStreamOnHGlobal, CoTaskMemAlloc, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CoRevokeClassObject, OleInitialize, CoFreeUnusedLibraries, OleUninitialize, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -

( 0 exports )

ATENTION ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PA
0
TITAI77
 
je crois que c'est fini il n'y a plus de fenêtre CID qui s'ouvrent merci beaucoup a tout ceux qui m'ont permi de résoudre ce problème!!
0
Réponse 20 / 26
Utilisateur anonyme
 
Re,

C'est le bon ;)

Et c'est ok pour moi.

On termine.

(!) Ta version d'Adobe Reader n'est pas à jour = Failles de sécurité

● Pour télécharger la dernière version d'Adobe Acrobat Reader , va sur ce site : https://get2.adobe.com/reader/otherversions/
● Clique sur " Télécharger dès maintenant " pour télécharger le fichier AdbeRd90_fr_FR.exe sur ton bureau.
● Ferme tout les programmes qui tournent encore.
● Maintenant , va dans " Ajout et suppression de programmes ou " Programmes et fonctionnalités " ( pour Vista ) et désinstalle les anciennes versions d'Adobe Reader.
● Exemple d'anciennes versions :

_ Adobe Reader 8.1.2
_ Adobe Reader 7.0

● Redémarre ton pc après la/les désinstallation(s)
● Maintenant double clique sur AdbeRd90_fr_FR.exe présent sur ton bureau pour lancer l'installation de la dernière version.

Bulletin de sécurité sur les versions Adobe 7.0.8 et antérieures :

https://www.adobe.com/support/security/bulletins/apsb07-01.html

*********************************************************

_Maintenant , nous allons supprimer les logiciels de désinfection que je t'ai fait téléchargé.
En effet , s'en servir est dangereux pour le pc si l'on ne s'y connais pas.
De plus ils sont mis régulièrement à jours.

→ Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.

→ Double clique sur ToolsCleaner2.exe >
→ Clique sur .Recherche
→ puis sur Suppression quand la liste est trouvée.
→ Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note : ton bureau RISQUE de disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :

CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

Tape explorer.exe et valide. Cela fera re-apparaître le Bureau

++
0

Discussions similaires

Caler une adresse au niveau de la fenêtre d'une enveloppe
®omain -
kent -

15 réponses
Conhost.exe
ThaBestGamer -
bazfile -

3 réponses
iCloud affichage fenêtres intempestives. Réglages impossible.
jemlabd -
jemlabd -

9 réponses
Problème de zoom sur Google Docs
o_soonia -
Alt -

6 réponses