High-Tech Santé Médecine Droit-Finances

Réalisation

vidéo numérique

Rechercher : dans
Par :

Sos sous Firefox (redirection d'url)

Dernière réponse le 7 jan 2009 à 15:06:34 bg62, le 14 déc 2008 à 22:22:20 
 Signaler ce message aux modérateurs

Bonjour,
sous FF lorsque j'effectue une recherche dans google
- les google preview sont toutes sous la forme d'un rectangle blanc avec un gros rond rouge barré de rouge ...(mais en cliquant dessus l'url est bonne)
- si je clique sur une url de l'un des résultats je suis aussitôt redirigé ....
exemple pour le forum de ccm : http://go.google.com/...

j'ai essayé pas mal de choses mais rien à faire ...
spybot refuse d'ailleurs de s'installer pour faire une recherche ...
c'est la cata !!!
si vous pouvez me dépanner , grand merci !
b g


le 'www' est fait aussi pour communiquer, partager et échanger, non ?

Configuration: Windows XP
Firefox 2.0.0.4

Posez votre question Répondre

1

pimprenelle27, le 14 déc 2008 à 23:07:00

Bonsoir,
Fait un rapport avec hijackthis, fais un double-clic sur HJTInstall.exe afin de lancer l'installation ,clique sur Install ensuite sur I Accept, ensuite Clique sur Do a scan system and save log file.Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu et poste le ici pour que l'on puisse l'analyser,voici le tuto hijackthis, Pensez à mettre vos messages en résolu quand ils le sont. 
Pour ceux qui sont anonyme, pensez à avertir les modos avec ­le triangle jaune que votre sujet est résolu.
Merci

   
Répondre à pimprenelle27

2

Feelgood1, le 14 déc 2008 à 23:14:37

Pardon, mais un gros rond rouge barre de rouge ??? L'ombre du zebre, n'a pas de rayures !

   
Répondre à Feelgood1

3

bg62, le 15 déc 2008 à 19:39:07

BEN ... j'ai quasiment tout essayé .... spybot ou hijack sont refusés à l'installation
bitdefender et avira ne trouvent rien
SpywareTerminator et tune up trouvent 2 dll dans windows/system32 mais n'arrivent pas à les supprimer, j'ai essayé plusieurs solutions, rien à faire, j'ai supprimé les fichiers de restauration , les *.reg de ccleaner et regcleaner ...
rien de rien !!!
la panique quoi ...
et les vignette de google preview sont bien remplacées par un rond rouge barré de rouge, mais en cliquant dessus j'arrive quand même sur la bonne url alors que si je suis le lien ... hop je pars je ne sais où ....
même certains liens de téléchargement d'utilitaires de nettoyage sont refusés ...
alors si vous avez une solution ! ce serait la bienvenue !!!
@+
b g
le 'www' est fait aussi pour communiquer, partager et échang­er, non ?

   
Répondre à bg62

4

pimprenelle27, le 15 déc 2008 à 19:43:28

Essaye ceci


Télécharge Superantispyware (SAS) en cliquant sur ce lien :



Choisis "enregistrer" et enregistre-le sur ton bureau.

Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions.

Créé une icône sur le bureau.

Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer.

- Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes.
- Sous Configuration and Preferences, clique sur le bouton "Preferences"
- Clique sur l'onglet "Scanning Control "
- Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée :

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining
- Laisse les autres lignes décochées.

- Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle.

- Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer".

Dans la colonne de gauche, coche C:\Fixed Drive.

Dans la colonne de droite, sous "Complete scan", clique sur "Perform Complete Scan"

Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan.

A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK.

Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next".

Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes.

Voici le tuto SUPERAntiSpyware

Pour recopier les informations sur le forum, fais ceci :

- après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS.
- Clique sur "Preferences" puis sur l'onglet "Statistics/Logs ".
- Dans "scanners logs", double-clique sur SUPERAntiSpyware Scan Log.

- Le rapport va s'ouvrir dans ton éditeur de texte par défaut.

- Copie son contenu dans ta réponse.


Pensez à mettre vos messages en résolu quand ils le sont. 
Pour ceux qui sont anonyme, pensez à avertir les modos avec le triangle jaune que votre sujet est résolu.
Merci

   
Répondre à pimprenelle27

5

bg62, le 15 déc 2008 à 20:11:30

Merci mais si je clique sur ton lien je n'arrive nulle part ....
je vais essayer de le trouver autrement

voici ce que SPYWARE TERMINATOR
a trouvé:
Backdoor.TDSS.atb dans windows/system32/TDSSriqp.dll
Backdoor.TDSS.aru dans windows/system32/TDSSoiqh.dll
leur supression ou destruction est toujours un échec ...
je viens d'essayer d'installer de nouveau spybot ... scratch complet !
il y a déjà certains post sur les 'presque' mêmes ... mais qui n'ont pas fonctionné pour moi ! comme par hasard
ps ... de plus je suis ici en bas débit !!!
b g
le 'www' est fait aussi pour communiquer, partager et échang­er, non ?

   
Répondre à bg62

6

bg62, le 15 déc 2008 à 20:20:47

Je viens d'essayer ...
quand je vais sur http://www.superantispyware.com/
FF et IE ne peuvent pas charger la page ....
pas mal non !
alors comment faire ?
b g
le 'www' est fait aussi pour communiquer, partager et échang­er, non ?

   
Répondre à bg62

7

bg62, le 15 déc 2008 à 21:04:27

Je viens de mettre "HJTInstall.exe" >> double clic et ... rien !
je ne sais plus comment faire ...
le 'www' est fait aussi pour communiquer, partager et échanger, non ?

   
Répondre à bg62

8

bg62, le 15 déc 2008 à 21:14:58

Et le top ...
dès que je mets un post si je recherge la page ... reconnexion à faire ! c'est à ne plus rien y comprendre ...
le 'www' est fait aussi pour communiquer, partager et échang­er, non ?

   
Répondre à bg62

9

bg62, le 15 déc 2008 à 21:37:45

Re ... je viens de mettre superantispyware ... mais comme tous les autres, impossible de lancer l'install ! 

<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="SUPERAntiSpyware.exe" FILTER="GRABMI_FILTER_PRIVACY">
    <MATCHING_FILE NAME="antivir_workstation_winu_fr_h.exe" SIZE="25220680" CHECKSUM="0x3544A89D" MODULE_TYPE="WIN32" PE_CHECKSUM="0x180DDE9" LINKER_VERSION="0x0" LINK_DATE="05/22/2007 04:59:14" UPTO_LINK_DATE="05/22/2007 04:59:14" />
    <MATCHING_FILE NAME="EasyPHP.exe" SIZE="172032" CHECKSUM="0x58C3E8D6" BIN_FILE_VERSION="1.8.0.0" BIN_PRODUCT_VERSION="1.8.0.0" PRODUCT_VERSION="1.8.0.0" FILE_DESCRIPTION="EasyPHP Manager" COMPANY_NAME="EasyPHP" PRODUCT_NAME="Application EasyPHP" FILE_VERSION="1.8.0.0" ORIGINAL_FILENAME="EasyPHP.EXE" INTERNAL_NAME="EasyPHP" LEGAL_COPYRIGHT="Copyright (C) 2004" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.8.0.0" UPTO_BIN_PRODUCT_VERSION="1.8.0.0" LINK_DATE="02/28/2005 11:50:44" UPTO_LINK_DATE="02/28/2005 11:50:44" VER_LANGUAGE="Français (France) [0x40c]" />
    <MATCHING_FILE NAME="FindyKill.exe" SIZE="517296" CHECKSUM="0xD465022B" BIN_FILE_VERSION="2.0.0.24" BIN_PRODUCT_VERSION="2.0.0.24" PRODUCT_VERSION="2, 0, 0, 24" FILE_DESCRIPTION="" COMPANY_NAME="" PRODUCT_NAME="FindyKill Install Program" FILE_VERSION="2, 0, 0, 24" ORIGINAL_FILENAME="" INTERNAL_NAME="" LEGAL_COPYRIGHT="" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.0.24" UPTO_BIN_PRODUCT_VERSION="2.0.0.24" LINK_DATE="12/17/2004 08:58:40" UPTO_LINK_DATE="12/17/2004 08:58:40" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
    <MATCHING_FILE NAME="Firefox Setup 3.0.4.exe" SIZE="7608200" CHECKSUM="0xA344001F" BIN_FILE_VERSION="4.42.0.0" BIN_PRODUCT_VERSION="4.42.0.0" PRODUCT_VERSION="4.42" FILE_DESCRIPTION="Firefox" COMPANY_NAME="Mozilla" PRODUCT_NAME="Firefox" FILE_VERSION="4.42" ORIGINAL_FILENAME="7zS.sfx.exe" INTERNAL_NAME="7zS.sfx" LEGAL_COPYRIGHT="Mozilla" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x743B65" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="4.42.0.0" UPTO_BIN_PRODUCT_VERSION="4.42.0.0" LINK_DATE="08/15/2006 22:27:50" UPTO_LINK_DATE="08/15/2006 22:27:50" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
    <MATCHING_FILE NAME="HJTInstall.exe" SIZE="812344" CHECKSUM="0x500A3516" BIN_FILE_VERSION="1.0.0.1" BIN_PRODUCT_VERSION="1.0.0.1" PRODUCT_VERSION="2.00.2" FILE_DESCRIPTION="HijackThis" COMPANY_NAME="Trend Micro Inc." PRODUCT_NAME="HijackThis" FILE_VERSION="2.00.2" ORIGINAL_FILENAME="HJTInstall.exe" INTERNAL_NAME="HJTInstall.exe" LEGAL_COPYRIGHT="(c) TrendMirco Inc.  All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xD44EE" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.1" UPTO_BIN_PRODUCT_VERSION="1.0.0.1" LINK_DATE="06/07/2007 17:00:02" UPTO_LINK_DATE="06/07/2007 17:00:02" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
    <MATCHING_FILE NAME="mbam-setup.exe" SIZE="2539400" CHECKSUM="0x4C073403" BIN_FILE_VERSION="1.31.0.0" BIN_PRODUCT_VERSION="0.0.0.0" PRODUCT_VERSION="1.31                " FILE_DESCRIPTION="Malwarebytes' Anti-Malware                                  " COMPANY_NAME="Malwarebytes Corporation                                    " PRODUCT_NAME="Malwarebytes' Anti-Malware                                  " FILE_VERSION="1.31                " LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved.                                                    " VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x271763" LINKER_VERSION="0x60000" UPTO_BIN_FILE_VERSION="1.31.0.0" UPTO_BIN_PRODUCT_VERSION="0.0.0.0" LINK_DATE="06/19/1992 22:22:17" UPTO_LINK_DATE="06/19/1992 22:22:17" VER_LANGUAGE="Langue neutre [0x0]" />
    <MATCHING_FILE NAME="spybotsd160.exe" SIZE="15083520" CHECKSUM="0xB2D9476F" BIN_FILE_VERSION="1.6.0.0" BIN_PRODUCT_VERSION="0.0.0.0" PRODUCT_VERSION="1.6.0               " FILE_DESCRIPTION="Spybot - Search &amp; Destroy                                   " COMPANY_NAME="Safer Networking Limited                                    " PRODUCT_NAME="Spybot - Search &amp; Destroy                                   " FILE_VERSION="1.6.0               " LEGAL_COPYRIGHT="© 2000-2008 Safer Networking Limited. All rights reserved.                                          " VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xE6494F" LINKER_VERSION="0x60000" UPTO_BIN_FILE_VERSION="1.6.0.0" UPTO_BIN_PRODUCT_VERSION="0.0.0.0" LINK_DATE="06/19/1992 22:22:17" UPTO_LINK_DATE="06/19/1992 22:22:17" VER_LANGUAGE="Langue neutre [0x0]" />
    <MATCHING_FILE NAME="SpywareTerminatorSetup.exe" SIZE="646376" CHECKSUM="0x6E623061" BIN_FILE_VERSION="2.5.0.567" BIN_PRODUCT_VERSION="0.0.0.0" FILE_DESCRIPTION="Spyware Terminator Setup                                    " COMPANY_NAME="Crawler Inc.                                                " FILE_VERSION="2.5.0.567           " LEGAL_COPYRIGHT="copyright Crawler                                                                                   " VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xA50DE" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.5.0.567" UPTO_BIN_PRODUCT_VERSION="0.0.0.0" LINK_DATE="06/19/1992 22:22:17" UPTO_LINK_DATE="06/19/1992 22:22:17" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
    <MATCHING_FILE NAME="SUPERAntiSpyware.exe" SIZE="6637592" CHECKSUM="0xA0040FAE" BIN_FILE_VERSION="4.21.0.1004" BIN_PRODUCT_VERSION="4.21.0.1004" FILE_DESCRIPTION="SUPERAntiSpyware Free Edition" COMPANY_NAME="SUPERAntiSpyware.com" FILE_VERSION="4.21.0.1004" LEGAL_COPYRIGHT="SUPERAntiSpyware.com" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x10001" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x656EDD" LINKER_VERSION="0x40000" UPTO_BIN_FILE_VERSION="4.21.0.1004" UPTO_BIN_PRODUCT_VERSION="4.21.0.1004" LINK_DATE="01/29/2004 06:13:04" UPTO_LINK_DATE="01/29/2004 06:13:04" />
    <MATCHING_FILE NAME="ToolsCleaner2.exe" SIZE="455168" CHECKSUM="0x563BF6B" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" LINK_DATE="06/19/1992 22:22:17" UPTO_LINK_DATE="06/19/1992 22:22:17" />
    <MATCHING_FILE NAME="pass_12042008\usb\Thunderbird Setup 2.0.0.17.exe" SIZE="6834208" CHECKSUM="0xE281DA77" BIN_FILE_VERSION="4.42.0.0" BIN_PRODUCT_VERSION="4.42.0.0" PRODUCT_VERSION="4.42" FILE_DESCRIPTION="Thunderbird" COMPANY_NAME="Mozilla" PRODUCT_NAME="Thunderbird" FILE_VERSION="4.42" ORIGINAL_FILENAME="7zS.sfx.exe" INTERNAL_NAME="7zS.sfx" LEGAL_COPYRIGHT="Mozilla" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x68E290" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="4.42.0.0" UPTO_BIN_PRODUCT_VERSION="4.42.0.0" LINK_DATE="08/15/2006 22:27:50" UPTO_LINK_DATE="08/15/2006 22:27:50" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
    <MATCHING_FILE NAME="raccourcis\POUR LES DOUBLONS  dupfinder.exe" SIZE="225792" CHECKSUM="0x89FBD61B" BIN_FILE_VERSION="2.0.0.0" BIN_PRODUCT_VERSION="2.0.0.0" PRODUCT_VERSION="2.0" FILE_DESCRIPTION="Duplicate File Finder" COMPANY_NAME="Microsoft" PRODUCT_NAME="DUPFINDER Application" FILE_VERSION="2.0" ORIGINAL_FILENAME="DUPFINDER.EXE" INTERNAL_NAME="DUPFINDER" LEGAL_COPYRIGHT="Copyright (C) Microsoft Corp. 1998" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x41185" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.0.0" UPTO_BIN_PRODUCT_VERSION="2.0.0.0" LINK_DATE="04/25/1998 01:39:54" UPTO_LINK_DATE="04/25/1998 01:39:54" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
</EXE>
<EXE NAME="kernel32.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
    <MATCHING_FILE NAME="kernel32.dll" SIZE="1054720" CHECKSUM="0x98676D5" BIN_FILE_VERSION="5.1.2600.5512" BIN_PRODUCT_VERSION="5.1.2600.5512" PRODUCT_VERSION="5.1.2600.5512" FILE_DESCRIPTION="DLL du client API BASE Windows NT" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Système d'exploitation Microsoft® Windows®" FILE_VERSION="5.1.2600.5512 (xpsp.080413-2111)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="© Microsoft Corporation. Tous droits réservés." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1049F8" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5512" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5512" LINK_DATE="04/14/2008 02:33:02" UPTO_LINK_DATE="04/14/2008 02:33:02" VER_LANGUAGE="Français (France) [0x40c]" />
</EXE>
</DATABASE>

alors là si vous avez la solution .... je suis preneur !
le 'www' est fait aussi pour communiquer, partager et échanger, non ?

   
Répondre à bg62

10

bg62, le 16 déc 2008 à 09:46:23

J'ai réussi àfaire tourner une ancienne version de hijack, voici les deux rapports, l'un avant bidouillage, l'autre après, mais il n'y a toujours rien de changé ...
1 

Logfile of HijackThis v1.99.0
Scan saved at 22:49:57, on 15/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PSIService.exe
d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\cidaemon.exe
D:\divers\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: HunterSite Class - {A83E9D7E-119A-4A2C-94FE-2D4315ED3D40} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: GooglePreviewIE Toolbar Helper - {D476B977-AF6C-481A-8472-2ABAB5E89F20} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: GooglePreviewIE Toolbar - {AEC32322-9D72-4C55-A108-33875F07BC03} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Ouvrir avec GetRight - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Save Flash to GetFlash - res://D:\Program Files\Superhunter\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - d:\Program Files\Systran\Premium\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - d:\Program Files\Systran\Premium\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - d:\Program Files\Systran\Premium\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En&registrement - d:\Program Files\Systran\Premium\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - d:\Program Files\Systran\Premium\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - d:\Program Files\Systran\Premium\menuTranslateAll.html
O8 - Extra context menu item: Télecharger avec GetRight - C:\Program Files\GetRight\GRdownload.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [!AGetFlash] GetFlash
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server - Unknown - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\system32\imapi.exe
O23 - Service: BitDefender Desktop Update Service - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: RaySat_3dsmax8 Server - Unknown - D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Motkkdio - Unknown - C:\WINDOWS\system32\autofmt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccess - Unknown - D:\Program Files\studioline web\NMSAccess.exe (file missing)
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ScsiAccess - Unknown - d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Service SNMP - Unknown - C:\WINDOWS\System32\snmp.exe
O23 - Service: Spyware Terminator Realtime Shield Service - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Drive Defrag Service - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: BitDefender Virus Shield - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: wampapache - Apache Software Foundation - d:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown - d:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media - Unknown - C:\Program Files\Windows Media Player\WMPNetwk.exe
O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe


2 

Logfile of HijackThis v1.99.0
Scan saved at 22:53:52, on 15/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PSIService.exe
d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\cidaemon.exe
D:\divers\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: HunterSite Class - {A83E9D7E-119A-4A2C-94FE-2D4315ED3D40} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: GooglePreviewIE Toolbar Helper - {D476B977-AF6C-481A-8472-2ABAB5E89F20} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: GooglePreviewIE Toolbar - {AEC32322-9D72-4C55-A108-33875F07BC03} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Ouvrir avec GetRight - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Save Flash to GetFlash - res://D:\Program Files\Superhunter\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - d:\Program Files\Systran\Premium\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - d:\Program Files\Systran\Premium\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - d:\Program Files\Systran\Premium\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En&registrement - d:\Program Files\Systran\Premium\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - d:\Program Files\Systran\Premium\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - d:\Program Files\Systran\Premium\menuTranslateAll.html
O8 - Extra context menu item: Télecharger avec GetRight - C:\Program Files\GetRight\GRdownload.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [!AGetFlash] GetFlash
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server - Unknown - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\system32\imapi.exe
O23 - Service: BitDefender Desktop Update Service - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: RaySat_3dsmax8 Server - Unknown - D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Motkkdio - Unknown - C:\WINDOWS\system32\autofmt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccess - Unknown - D:\Program Files\studioline web\NMSAccess.exe (file missing)
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ScsiAccess - Unknown - d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Service SNMP - Unknown - C:\WINDOWS\System32\snmp.exe
O23 - Service: Spyware Terminator Realtime Shield Service - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Drive Defrag Service - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: BitDefender Virus Shield - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: wampapache - Apache Software Foundation - d:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown - d:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media - Unknown - C:\Program Files\Windows Media Player\WMPNetwk.exe
O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe


sos !!!!!
b g
le 'www' est fait aussi pour communiquer, partager et échanger, non ?

   
Répondre à bg62

11

bg62, le 19 déc 2008 à 11:58:50

Ouf ... 3 jours !
je vous prépare la solution "ultime" ...
b g
le 'www' est fait aussi pour communiquer, partager et échanger, non ?

   
Répondre à bg62

12

bg62, le 19 déc 2008 à 15:59:17

Re ... et ouf !!!
la solution ultime et la plus simple finalement :
http://www.unesourisetmoi.info/blog/index.php?226-virus-ou-t­rojan-backdoor-tdss
la preuve, je reviens ...
merci à tous
b g
le 'www' est fait aussi pour communiquer, partager et échang­er, non ?

   
Répondre à bg62

13

bg62, le 19 déc 2008 à 16:33:08

Dernier rapport (j'espère ..): 

Logfile of HijackThis v1.99.0
Scan saved at 16:30:43, on 19/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PSIService.exe
d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
D:\divers\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: HunterSite Class - {A83E9D7E-119A-4A2C-94FE-2D4315ED3D40} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: GooglePreviewIE Toolbar Helper - {D476B977-AF6C-481A-8472-2ABAB5E89F20} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: GooglePreviewIE Toolbar - {AEC32322-9D72-4C55-A108-33875F07BC03} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Ouvrir avec GetRight - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Save Flash to GetFlash - res://D:\Program Files\Superhunter\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: Télecharger avec GetRight - C:\Program Files\GetRight\GRdownload.htm
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [!AGetFlash] GetFlash
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B048FAF6-E932-4DE4-AEF9-7E9091D207C4}: NameServer = 213.36.80.1
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server - Unknown - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: RaySat_3dsmax8 Server - Unknown - D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Motkkdio - Unknown - C:\WINDOWS\system32\autofmt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccess - Unknown - D:\Program Files\studioline web\NMSAccess.exe (file missing)
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ScsiAccess - Unknown - d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Service SNMP - Unknown - C:\WINDOWS\System32\snmp.exe
O23 - Service: Spyware Terminator Realtime Shield Service - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Drive Defrag Service - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: BitDefender Virus Shield - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: wampapache - Apache Software Foundation - d:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown - d:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media - Unknown - C:\Program Files\Windows Media Player\WMPNetwk.exe
O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

@+
le 'www' est fait aussi pour communiquer, partager et échanger, non ?

   
Répondre à bg62

14

Destrio5, le 19 déc 2008 à 16:36:23

Salut,

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.

   
Répondre à Destrio5

15

bg62, le 19 déc 2008 à 16:46:28

Log.txt: 

Logfile of random's system information tool 1.05 (written by random/random)
Run by bg at 2008-12-19 16:42:48
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 20 GB (58%) free of 35 GB
Total RAM: 511 MB (19% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{3AC4AFA8-0829-43­09-809A-731BBABF44CD}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{31FF080D-12A3-439A-A2EF-4BA95A3148E8}]
bho2gr Class - C:\Program Files\GetRight\xx2gr.dll [2005-02-14 233472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-18 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}]
SnapFlash Class - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll [2006-03-16 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{A83E9D7E-119A-4A2C-94FE-2D4315ED3D40}]
HunterSite Class - D:\Program Files\Superhunter\GetFlash\GetFlash.dll [2004-09-03 335872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{D476B977-AF6C-481A-8472-2ABAB5E89F20}]
GooglePreviewIE Toolbar Helper - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll [2008-12-14 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-18 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]
{AEC32322-9D72-4C55-A108-33875F07BC03} - GooglePreviewIE Toolbar - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll [2008-12-14 806912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-02-26 65024]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2004-08-06 32768]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2004-07-26 49152]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSD.exe [2004-07-26 204800]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2004-08-06 73728]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-07-25 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-07-25 618496]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-07-17 339968]
"PCMService"=C:\Program Files\Home Cinema\PowerCinema\PCMService.exe [2004-09-08 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-18 136600]
"CloneCDTray"=D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2004-12-09 57344]
"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2007-09-21 290816]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-09-21 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"1&1 EasyLogin"=C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe [2008-01-24 1545216]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="sockspy.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
:\WINDOWS\syste

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=91000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\BearShare\BearShare.exe"="D:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare"
"D:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe"="D:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe:*:Enabled:AceFTP v3"
"C:\Program Files\Media Player Classic\mplayerc.exe"="C:\Program Files\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Autodesk\3dsMax8\3dsmax.exe"="D:\Program Files\Autodesk\3dsMax8\3dsmax.exe:*:Disabled:Autodesk 3ds Max 8"
"D:\Program Files\Macromedia\Flash MX\Flash.exe"="D:\Program Files\Macromedia\Flash MX\Flash.exe:*:Disabled:Flash 6.0 r25"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\wamp\bin\apache\apache2.2.8\bin\httpd.exe"="D:\wamp\bin\apache\apache2.2.8\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Radio Fr Solo\Radio_Fr_Solo.exe"="C:\Program Files\Radio Fr Solo\Radio_Fr_Solo.exe:*:Enabled:Radio Fr Solo"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{448febe0-bdae-11da-b7d1-000e354d8506}]
shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99e362f0-18b6-11dc-b88b-000e354d8506}]
shell\AutoRun\command - F:\WinStressCopie.exe


======File associations======

.js - edit - 
.js - open - 

======List of files/folders created in the last 1 months======

2008-12-19 16:42:54 ----D---- C:\Program Files\trend micro
2008-12-19 16:42:48 ----D---- C:\rsit
2008-12-18 18:20:47 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-18 18:20:42 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-18 18:20:37 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-18 18:20:30 ----A---- C:\WINDOWS\system32\java.exe
2008-12-16 17:34:32 ----SHD---- C:\$RECYCLE.BIN
2008-12-15 20:28:57 ----A---- C:\FindyKill.txt
2008-12-15 12:44:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-15 12:00:31 ----D---- C:\WINDOWS\Temp
2008-12-15 08:07:49 ----D---- C:\Program Files\WinClamAVShield
2008-12-14 22:33:39 ----D---- C:\Documents and Settings\bg\Application Data\Spyware Terminator
2008-12-14 22:33:31 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-12-14 22:33:24 ----D---- C:\Program Files\Spyware Terminator
2008-12-14 18:14:28 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-14 15:17:13 ----A---- C:\WINDOWS\GooglePreviewIE_Toolbar_Uninstaller_5040.exe
2008-12-13 11:58:32 ----A---- C:\WINDOWS\system32\WowCtl.dll
2008-12-13 11:58:31 ----A---- C:\WINDOWS\system32\dXTList.dll
2008-12-13 11:58:31 ----A---- C:\WINDOWS\system32\dXPSystm.dll
2008-12-11 19:49:06 ----D---- C:\Program Files\uTorrent
2008-12-11 19:48:56 ----D---- C:\Documents and Settings\bg\Application Data\uTorrent
2008-12-03 17:54:50 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-12-02 11:23:11 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2008-12-02 11:23:09 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2008-12-02 11:23:08 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2008-12-02 11:23:01 ----D---- C:\Documents and Settings\bg\Application Data\TuneUp Software
2008-12-02 11:20:59 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-12-02 11:20:22 ----D---- C:\Program Files\TuneUp Utilities 2009
2008-12-02 11:19:13 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-11-25 17:01:36 ----D---- C:\Documents and Settings\All Users\Application Data\WhereIsIt
2008-11-25 11:47:37 ----D---- C:\Documents and Settings\bg\Application Data\CD Bank
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\zlib.dll
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\vbpng.dll
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\unzip.dll
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\unrar.dll
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\PaintX.dll

======List of files/folders modified in the last 1 months======

2008-12-19 16:42:54 ----D---- C:\Program Files
2008-12-19 12:19:42 ----D---- C:\WINDOWS\Prefetch
2008-12-19 10:27:29 ----D---- C:\WINDOWS\system32
2008-12-19 10:07:51 ----A---- C:\WINDOWS\win.ini
2008-12-19 10:06:53 ----A---- C:\WINDOWS\ModemLog_Intel(R) 537EA Modem.txt
2008-12-19 08:40:48 ----D---- C:\Program Files\Mozilla Firefox
2008-12-19 02:19:21 ----D---- C:\WINDOWS
2008-12-19 02:02:13 ----SHD---- C:\WINDOWS\Installer
2008-12-19 02:02:13 ----D---- C:\Config.Msi
2008-12-19 01:58:49 ----D---- C:\Program Files\Fichiers communs
2008-12-19 01:56:32 ----D---- C:\Program Files\Softwin
2008-12-19 01:55:26 ----D---- C:\Program Files\Nero
2008-12-19 01:45:11 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-12-18 20:29:16 ----SHD---- C:\System Volume Information
2008-12-18 20:29:16 ----D---- C:\WINDOWS\system32\Restore
2008-12-18 19:03:40 ----D---- C:\Program Files\a-squared Free
2008-12-18 18:09:34 ----D---- C:\Program Files\Java
2008-12-18 17:56:58 ----A---- C:\WINDOWS\ModemLog_Modem 56000 bps Standard.txt
2008-12-18 17:45:06 ----D---- C:\WINDOWS\system32\drivers
2008-12-16 12:06:21 ----HD---- C:\WINDOWS\inf
2008-12-16 12:05:38 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-15 12:39:20 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-14 19:24:00 ----D---- C:\WINDOWS\system32\config
2008-12-14 18:41:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-14 18:41:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-14 18:41:07 ----HDC---- C:\WINDOWS\$NtUninstallWMCSetup$
2008-12-14 18:41:07 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-12-14 18:41:06 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-12-14 18:27:01 ----D---- C:\WINDOWS\Debug
2008-12-14 18:11:31 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-14 17:35:10 ----D---- C:\Program Files\RamBoost XP
2008-12-14 16:57:25 ----SD---- C:\Documents and Settings\bg\Application Data\Microsoft
2008-12-14 16:57:21 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-14 16:56:14 ----D---- C:\WINDOWS\system32\FxsTmp
2008-12-14 11:48:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-14 11:48:48 ----D---- C:\Program Files\Internet Explorer
2008-12-14 11:48:10 ----D---- C:\WINDOWS\ie7updates
2008-12-14 11:47:12 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-14 11:32:39 ----RSD---- C:\WINDOWS\assembly
2008-12-14 11:30:41 ----D---- C:\WINDOWS\WinSxS
2008-12-14 11:26:14 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-14 10:00:50 ----D---- C:\Documents and Settings\bg\Application Data\Google
2008-12-09 15:24:38 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-06 16:56:00 ----D---- C:\EasyPHP1-8
2008-12-03 20:52:17 ----D---- C:\Documents and Settings\bg\Application Data\Adobe
2008-12-03 20:52:17 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-03 18:42:50 ----D---- C:\WINDOWS\Registration
2008-12-03 17:54:55 ----D---- C:\WINDOWS\Help
2008-12-02 11:23:04 ----SD---- C:\WINDOWS\Tasks
2008-11-22 17:41:14 ----D---- C:\Documents and Settings\bg\Application Data\U3

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2005-11-21 16512]
R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-05 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-05 55936]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-26 611820]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-07-17 768512]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2004-05-26 44928]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 IntelC51;IntelC51; C:\WINDOWS\system32\DRIVERS\IntelC51.sys [2004-01-20 1086853]
R3 IntelC52;IntelC52; C:\WINDOWS\system32\DRIVERS\IntelC52.sys [2004-01-20 619369]
R3 IntelC53;IntelC53; C:\WINDOWS\system32\DRIVERS\IntelC53.sys [2004-01-20 77925]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mohfilt;mohfilt; C:\WINDOWS\system32\DRIVERS\mohfilt.sys [2004-01-20 31440]
R3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2003-07-25 270544]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-01-02 1646720]
R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S2 FILESpy;FILESpy; \??\C:\Program Files\Softwin\BitDefender9\filespy.sys []
S2 REGSpy;REGSpy; \??\C:\Program Files\Softwin\BitDefender9\regspy.sys []
S3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2004-09-03 698368]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-08-31 26240]
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
S3 MPCSYS;MPCSYS; \??\C:\WINDOWS\system32\DRIVERS\mpcsys.sys []
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 uxddrv;Dynamically loaded UxdDrv; \??\C:\Documents and Settings\All Users\Bureau\WinStress\uxddrv.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 X10UIF;%DESCRIPTION%; C:\WINDOWS\System32\Drivers\x10uif.sys [2001-11-14 10761]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2008-12-18 419448]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-07-17 389120]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2007-07-13 72704]
R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-09-21 81920]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-18 152984]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-08-15 278528]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 ScsiAccess;ScsiAccess; d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2006-01-04 181312]
R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-12-14 539136]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-11-03 462848]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-01-13 86016]
R3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 mi-raysat_3dsmax8;RaySat_3dsmax8 Server; D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe [2005-09-21 65536]
S2 NMSAccess;NMSAccess; D:\Program Files\studioline web\NMSAccess.exe []
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2008-12-02 603904]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-01-04 68096]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-08-07 654848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]
S3 Motkkdio;Motkkdio; C:\WINDOWS\system32\autofmt.exe [2008-04-14 616960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pgasvc;Authentification de groupe réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 PNRPSvc;Protocole de résolution de noms d'homologues; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-12-02 362240]
S3 wampapache;wampapache; d:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635]
S3 wampmysqld;wampmysqld; d:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe [2008-04-17 5750784]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------


info.txt: 

info.txt logfile of random's system information tool 1.05 2008-12-19 16:44:12

======Uninstall list======

-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe"
-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0DAEA5-826C-4A76-B176-56959B99D3F0}\setup.exe" -l0x40c 
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c 
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1&1 Connexion directe-->C:\Program Files\1&1\1&1 Connexion directe\Uninstall.exe
3D Exploration-->"d:\Program Files\3D Exploration\Uninstal.exe"
3D Photo Browser 7.6-->d:\Program Files\3D Photo Browser\uninst.exe
3D Screen Creator 0.3.5-->"d:\Program Files\3D Screen Creator\unins000.exe"
7-Zip 4.42-->"d:\Program Files\7-Zip\Uninstall.exe"
AAA Logo 1.2-->"d:\Program Files\AAALOGO\unins000.exe"
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Creative Suite-->C:\PROGRA~1\INSTAL~1\{D52EC~1\setup.exe /Relaunched=yes /Uninstall /Relaunched=yes
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\ad19d2ae8332572b119cf35fd0a30d8\Setup.exe
Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{77D2A9D3-5800-43E3-B274-87841BC87DB2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3-->MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
Adobe Premiere Elements 1.0-->msiexec /I {6CCDF4E6-D2AE-4DD8-80FD-F9AFF951AEAE}
Adobe Reader 8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A80000000002}
Adobe Setup-->MsiExec.exe /I{82503EA7-7E08-4AA8-90E9-BE4D0A6D453F}
Adobe Setup-->MsiExec.exe /I{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}
Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
Adobe Setup-->MsiExec.exe /I{D2E18162-47FB-4216-8AB3-F420C1AF75A4}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE C:\WINDOWS\system32\Macromed\Shockwave 10\Install.log
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
AirXonix version 1.35-->"d:\Program Files\AirXonix\unins000.exe"
Alien Skin Xenofex 2.0-->D:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ADOBEP~1\plugins\ALIENS~1\XENOFE~1\UNWISE.EXE D:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ADOBEP~1\plugins\ALIENS~1\XENOFE~1\INSTALL.LOG
Amapi 3D v4.1-->C:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Amapi 3D\Uninst.isu"
AmazingMIDI-->D:\PROGRA~1\AMAZIN~1\UNWISE.EXE D:\PROGRA~1\AMAZIN~1\INSTALL.LOG
AM-DeadLink 2.8-->"C:\Program Files\AM-DeadLink\unins000.exe"
Annuaire Web Maker 1.0-->"d:\Program Files\AnnuWeb\unins000.exe"
Anvil Studio-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\Anvil Studio\ST5UNST.LOG"  
Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
a-squared Free 3.0-->"C:\Program Files\a-squared Free\unins000.exe"
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" 
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.3-->"d:\Program Files\Audacity\unins000.exe"
Autodesk 3ds Max 8-->MsiExec.exe /I{DBB313D6-4B13-4961-BD5F-673CDA1793CC}
AVIcodec (remove only)-->"d:\Program Files\AVIcodec\uninst.exe"
AviSynth 2.5-->"d:\Program Files\AviSynth 2.5\Uninstall.exe"
Axialis IconWorkshop 6.0-->d:\Program Files\Axialis\IconWorkshop\UnInstall.exe "IconWorkshop" "IconWorkshop.exe"
BitDefender Antivirus Plus v10-->MsiExec.exe /I{10FFFFFD-E5EA-4AA7-902F-2B057ACF7C8A}
Blagues-->C:\Program Files\Blagues\uninstall.exe
Briberry 1.2-->"d:\Program Files\Astase\Briberry\unins000.exe"
Broadcom 440x 10/100 Integrated Controller-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1036 
Bryce(R) 5-->C:\WINDOWS\IsUninst.exe -f"d:\Program Files\Corel\Bryce 5\Uninst.isu"
CANAL Numedia Avatar Studio-->C:\WINDOWS\IsUn040c.exe -f"d:\Program Files\CANAL Numedia\Avatar Studio\DelCPLUS.isu"
Capturino V1.3-->d:\Program Files\Capturino V1.3\Uninstal.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDCheck (remove only)-->"d:\Program Files\CDCheck\uninst.exe"
CDex FR - extraction audio-->"d:\Program Files\CDex\uninstall.exe"
CD'n'Go! Suite 2.00-->"d:\Program Files\CD'n'Go! Suite\unins000.exe"
ChaosPro 3.2-->D:\PROGRA~1\CHAOSP~1.2\UNWISE.EXE D:\PROGRA~1\CHAOSP~1.2\INSTALL.LOG
Citations-->c:\Citations\Uninstal.exe
Cleanerzoomer 1.01 Free Edition-->"d:\Program Files\Cleanerzoomer\Uninstall.exe" "d:\Program Files\Cleanerzoomer\install.log"
CloneCD-->"D:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="D:\Program Files\SlySoft\CloneCD"
Codecs X264 (c) Ripp-it Te@m-->C:\Program Files\Codecs X264\Uninstal.exe
Compacteur HTML-->d:\Program Files\Compacteur HTML\Uninstall.exe
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Compel Adaptec WinASPI-->"d:\Program Files\WinASPI\unins000.exe"
CoreAAC Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreAAC-uninstall.exe"
CoreVorbis Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
DAZ|Studio 1.3.0.1-->C:\WINDOWS\unvise32.exe d:\Program Files\DAZ\Studio\DAZ Studio Uninstall.log
Debris Visual Art-->"d:\Program Files\Debris Visual Art\debris-uninst.exe"
Dico-->C:\WINDOWS\st6unst.exe -n "D:\Program Files\DICO\ST6UNST.LOG"  
Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
DivX 5.0.2 Bundle-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\uninstal.log
DivX Codec 3.1alpha release-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivX.inf
DivX Player-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Player\uninstal.log
DVD Decrypter 3.5.4.0 Fr-->d:\Program Files\DVD Decrypter\UnInstall_DVDdecrypt.exe
DVD Ripper Platinum 4-->d:\Program Files\Xilisoft\DVD Ripper Platinum 4\Uninstall.exe
DVD Shrink 3.2-->"D:\Program Files\DVD Shrink\unins000.exe"
DVDFab Decrypter 3.0.3.5-->"d:\Program Files\DVDFab Decrypter 3\unins000.exe"
DxPlante 3.0-->C:\WINDOWS\unin040c.exe -f"d:\Program Files\DxSoft\DxPlante 3.0\DeIsL1.isu"  -c"d:\Program Files\DxSoft\DxPlante 3.0\_ISREG32.DLL"
e-anim603-->d:\Program Files\e-anim603\uninstall.exe
EasyDivX v0.820 Standard-->C:\EasyDivX\uninstall.exe
EasyPHP 1.8-->C:\EasyPHP1-8\unins000.exe
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Extensis Mask Pro 2.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Extensis\Mask Pro 2.0\Uninst.isu"
Eye Candy 4000-->D:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ADOBEP~1\plugins\EYECAN~1\EYECAN~1\UNWISE.EXE D:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ADOBEP~1\plugins\EYECAN~1\EYECAN~1\INSTALL.LOG
FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"
Flash Catcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C6B728E-31B1-48B3-99B5-6B6BB85BC896}\setup.exe" 
FlashMP3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BCD5D82-FD06-4AB1-98D8-BB557895FC1A}\setup.exe" 
Font Creator Program 3.0-->"d:\Program Files\High-Logic\Font Creator Program\unins000.exe"
FrameFun 1.0.4.9-->"d:\Program Files\FrameFun\unins000.exe"
Free Mp3 Wma Converter V 1.3.0-->"d:\Program Files\Free Audio Pack\unins000.exe"
Free WMA to MP3 Converter 1.16-->"d:\Program Files\Free WMA to MP3 Converter\unins000.exe"
FTP Expert 3-->"g:\Program Files\Visicom Media\FTP Expert 3\uninst-ftp.exe"
Galerie photo xhtml-->MsiExec.exe /I{09C393BF-FD7A-4B0B-8A43-CAC585ABB22D}
Générateur de Mot de Passe version 2.0-->"d:\Program Files\GenerateurMotPasse20\unins000.exe"
GetFlash-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AECFC8C-1721-4F74-9C60-6A726067D028}\Setup.exe" 
GetRight-->C:\Program Files\GetRight\GETRIGHT.EXE /UNINSTALL
Google Earth-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c  -removeonly
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
GooglePreviewIE Toolbar-->"C:\WINDOWS\GooglePreviewIE_Toolbar_Uninstaller_5040.exe"  _?=C:\Program Files\GooglePreviewIE Toolbar
GX::Transcoder.net AWE-->"d:\Program Files\GXTranscoder.net AWE\unins000.exe"
Harry's Filters-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\HRRYFIL2.INF, DefaultUninstall.ntx86
Hello Engines! Standard 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51974F4F-7A40-48AE-99B8-243F34F17884}\setup.exe" -l0x40c  -removeonly
HijackThis 1.99.1-->D:\sauvegarde\logs\HijackThis.exe /uninstall
HyperSnap-DX-->C:\WINDOWS\UnHSDX.bat
Images Webscan 2.2b-->D:\Program Files\Images Webscan\uninst.exe
Incomedia WebSite X5 Evolution-->C:\WINDOWS\system32\iwpsetup.exe Uninst /Evolution /FR /d:\Program Files\WebSite X5 Evolution
Indispensables RV9/RV10 pour Ri4m-->C:\Program Files\Ripp-it_AM\Uninstal.exe
Intel(R) 537EA Modem-->rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EA Modem"
IrfanView (remove only)-->D:\Program Files\IrfanView\iv_uninstall.exe
IsoBuster 1.4-->"d:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Izimailing v 3.00.18-->d:\Program Files\Izimailing v3\Uninstal.exe
J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Kai's Power Goo OEM-->C:\WINDOWS\uninst.exe -f"d:\Kai's Power Goo OEM\DeIsL1.isu"
KC Softwares AudioGrail-->"d:\Program Files\KC Softwares\AudioGrail\unins000.exe"
KC Softwares VideoInspector-->"d:\Program Files\KC Softwares\VideoInspector\unins000.exe"
Kit Runtime VB6.0-->C:\WINDOWS\st6unst.exe -n "C:\WINDOWS\system32\ST6UNST.LOG"  
KPT 6-->C:\WINDOWS\IsUninst.exe -f"d:\program files\adobe\adobe photoshop cs\modules externes\adobe photoshop only\plugins\kpt6\KPT6\KPT6Unin.isu"
KPT(R) effects(TM)-->C:\WINDOWS\IsUninst.exe -f"d:\program files\adobe\adobe photoshop cs\modules externes\adobe photoshop only\plugins\kpt7\KPT effects\KPTUnins.isu"
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Launch Manager V1.1.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\Setup.exe" -l0x40c  -uninst 
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Link200 v3.2-->"d:\Program Files\Veign\Link200\unins000.exe"
Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x40c mmUninstall
Macromedia Flash MX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x40c UNINSTALL
Matroska Pack (remove only)-->C:\Program Files\Matroska Pack\Uninstall.exe
Medi@Show-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Home Cinema\MediaShow\Uninst.isu"
Media Lab SiteGrinder 2 (Basic & Pro)-->c:\Program Files\Adobe\Adobe Photoshop CS\Modules externes\Media Lab SiteGrinder 2\Uninstall SiteGrinder 2.exe
MediaCoder 0.6.0-->D:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Calculatrice Plus-->MsiExec.exe /I{13922F10-BD74-4912-AB11-E34B35062700}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft PowerPoint Viewer 97-->C:\Program Files\PowerPoint Viewer\setup\install.exe
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
ModelMagic3D-->C:\WINDOWS\uninst.exe -f"d:\Program Files\ImageWare Development\ModelMagic3D\DeIsL1.isu"  -c"d:\Program Files\ImageWare Development\ModelMagic3D\_ISREG32.DLL"
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
MojoWorld2SE-->"d:\Program Files\Pandromeda\MojoWorld2SE\unins000.exe"
morillon01-->"C:\WINDOWS\uninstall morillon01.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 CD Maker-->"d:\Program Files\MP3CD\unins000.exe"
MP3Producer-->C:\WINDOWS\MP3Producer Uninstaller.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
N1busMetaEditor-->D:\Program Files\N1busMetaEditor\uninstall.exe
Nero 9-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe  REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OSS Audio Extractor 5.6.0.4-->"d:\Program Files\OSS\AudioExtractor\unins000.exe"
P3dO Explorer (remove only)-->"d:\Program Files\P3dO Explorer\UninstallP3dO.exe"
Pack PSP - Ri4m - v1.0-->C:\Program Files\Pack PSP - Ri4m\Uninstal.exe
Painter Classic-->C:\WINDOWS\IsUn040c.exe -f"d:\Program Files\Painter Classic\DeIsL1.isu"
PC Inspector smart recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9A87D86-FDFD-418B-BF96-EF09320973B3}\Setup.exe" -l0x40c 
PC Wizard 2006.1.71-->"d:\Program Files\PC Wizard 2006\unins000.exe"
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Photo Story 3 for Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Photodex Presenter-->C:\Program Files\Photodex Presenter\uninst.exe
Poser 6-->C:\WINDOWS\unvise32.exe d:\Program Files\Curious Labs\Poser 6\uninstal.log
PowerCinema 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe"  -uninstall
PowerDirector-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe"  -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe"  -uninstall
PrintFolder-->"d:\Program Files\PrintFolder\unins000.exe"
ProShow Gold-->d:\Program Files\Photodex\ProShowGold\proshow.exe . -u
PSPad editor-->"d:\Program Files\PSPad editor\Uninst\unins000.exe"
Questions-Réponses 1.55-->d:\Program Files\Atlence\Questions-Réponses 1.55\unins000.exe
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083} /l1036 
Radio Fr Solo 2.1-->C:\Program Files\Radio Fr Solo\Uninstall.exe
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Ranking Toolbox 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2388C625-9532-467F-ADEA-B92E027B85E3}\setup.exe" -l0x40c  -removeonly
Real Alternative 1.36-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Revo Uninstaller 1.30-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Ri4m v4.1.1b-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
RIAM Video Enhancer-->C:\Program Files\RIAM Video Enhancer\Uninstal.exe
Ripp-It Codec Pack v 4.0.1-->C:\Program Files\Ripp-It Codec Pack\uninst.exe
Riva FLV Encoder 2.0-->"d:\Program Files\Riva\Riva FLV Encoder 2.0\unins000.exe"
ROR Feed Generator-->MsiExec.exe /I{3ADE7385-A897-4F5F-A8CD-C750E244FEBD}
ROR Sitemap Generator 1.0-->MsiExec.exe /I{3E039E39-438E-42B4-9C05-9B3120CD8672}
RssReader-->MsiExec.exe /I{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}
Runtime VB 5.0 fr-->C:\WINDOWS\ST5UNST.EXE -n "C:\WINDOWS\system32\ST5UNST.LOG"  
SaverWiz-->D:\PROGRA~1\SaverWiz\UNWISE.EXE D:\PROGRA~1\SaverWiz\INSTALL.LOG
Screensaver Factory 4 Enterprise-->"d:\Program Files\Screensaver Factory 4 Enterprise\unins000.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Simple Sudoku 4.1-->"D:\Program Files\Simple Sudoku\unins000.exe"
Site Map Builder.NET-->MsiExec.exe /I{61C2CE21-9172-4678-BE6F-5DDD0FBF8D4E}
SkyFox Promotion-->C:\WINDOWS\uninst.exe -f"d:\Program Files\DZH\SkyFox Promotion\DeIsL1.isu"  -c"d:\Program Files\DZH\SkyFox Promotion\_ISREG32.DLL"
Sqirlz Water Reflections-->C:\WINDOWS\Sqirlz Water Reflections Uninstaller.exe
SuDokuFree-->"D:\Program Files\Sudoku\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
tangram-->C:\WINDOWS\uninst.exe -f"d:\Program Files\MOSoft\tangram\DeIsL1.isu"  -c"d:\Program Files\MOSoft\tangram\_ISREG32.DLL"
Terragen 2 Technology Preview-->MsiExec.exe /I{B9C7402D-C744-4630-845D-D42DFEE59EBF}
Tests de QI et Mémoire-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A164036A-722E-41CB-A1C1-3C3825A575D6}\Setup.exe" -l0x40c 
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C9D90376-50C8-4907-AFA2-CA77364A8D51} 
Texture Processor v1.3-->"d:\Program Files\Texture Processor\unins000.exe"
ThumbsPlus version 7.0sp1-->D:\PROGRA~1\Thumbs7\UNWISE.EXE D:\PROGRA~1\Thumbs7\INSTALL.LOG
Topaz DeJPEG (freeware)-->MsiExec.exe /I{80A35F57-8C90-42A2-AD77-7D39F1FEC1C9}
Total Validator Tool-->d:\Program Files\TotalValidatorTool\uninstall.exe
TreeSize 1.74-->"d:\Program Files\JAM Software\TreeSize\unins000.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Turbo Lister-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{99CC78D1-2356-497C-84C1-F239884001EC} 
Ulead COOL 3D 3.0-->C:\WINDOWS\Ulead.dat\c3d3unin\setup.exe
Ulead GIF Animator 5 Evaluation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AF3E926-ED59-11D4-A44B-0000E86D2305}\Setup.exe" 
Ultra Fractal 3.05-->D:\Program Files\Ultra Fractal 3\Uninst.exe
Ultra Screen Saver Maker-->"d:\Program Files\Ultra Screen Saver Maker\Uninstall.exe" "d:\Program Files\Ultra Screen Saver Maker\install.log"
UltraISO V6.52-->"d:\Program Files\UltraISO\unins000.exe"
Ultralingua 4.4-->"d:\Program Files\Ultralingua\Ultralingua 4\unins000.exe"
Unlocker 1.7.3-->d:\Program Files\Unlocker\uninst.exe
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
videon-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{261D0486-9127-4071-BA1D-FE784310752E}\Setup.exe" -l0x40c 
Votre Economiseur Personnel 1.0-->"d:\Program Files\VSoft\Votre Economiseur Personnel\unins000.exe"
VP6 VFW Codec-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A23866A0-738B-4091-9924-0B0DE3988A15}\Setup.exe" -l0x9 
VroomHTML-->"d:\Program Files\VroomHTML\unins000.exe"
Vue 5 Esprit-->D:\Program Files\e-on software\Vue 5 Esprit\Uninstall.exe
WampServer 2.0-->"d:\wamp\unins001.exe"
Web CEO 7.5-->"d:\Program Files\Web CEO\Uninstall\unins000.exe"
WebBulle 1.04-->"d:\Program Files\WebBulle\unins000.exe"
webGobbler 1.2.6 for Windows-->"d:\Program Files\webGobbler\unins000.exe"
WhereIsIt? 3.94-->"D:\Program Files\WhereIsIt\unins000.exe"
WinAce Archiver 2.0-->d:\Program Files\WinAce\SXUNINST.EXE d:\Program Files\WinAce\SXUNINST.INI
WinAVI Video Converter-->"c:\Program Files\WinAVI Video Converter\unins000.exe"
WinChess-->C:\WINDOWS\IsUninst.exe -f"d:\Program Files\Home\WinChess 1.0\Uninst.isu"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Support Tools-->MsiExec.exe /I{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}
WinHTTrack Website Copier 3.33-->"d:\Program Files\WinHTTrack\unins000.exe"
WinMorph v2.01-->"d:\Program Files\WinMorph\unins000.exe"
WinZip-->"d:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WJChess 1.0-->D:\PROGRA~1\JeffProd\WJChess\UNWISE.EXE D:\PROGRA~1\JeffProd\WJChess\INSTALL.LOG
Wood Workshop-->MsiExec.exe /X{7AACE39E-A19F-468A-B130-6DBA27203075}
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
x264 H.264/AVC CODEC-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_x264 132 C:\WINDOWS\INF\x264vfw.inf
X'nStop 2.2-->"C:\Program Files\X'nStop 2.2\unins000.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
Yooda Map-->MsiExec.exe /I{633A27AE-C1C4-48E7-85D4-3C34994B5331}
Yooda Match Density-->MsiExec.exe /I{4BF5A325-DEB6-4F24-BF52-E4BF76329E56}
Zipcat Pro-->MsiExec.exe /I{8E8322AD-BA19-42F8-95D8-640D1CA1F57B}

======Hosts File======

127.0.0.1	unesourisetmoi.local.dev

======Security center information======

AV: Bitdefender Antivirus
FW: Bitdefender Firewall

System event log

Computer Name: LIFETEC
Event Code: 20159
Message: La connexion à alice2 effectuée par l'utilisateur bgri0085@tiscali.fr utilisant le périphérique COM3 a été déconnectée.

Record Number: 15680992
Source Name: RemoteAccess
Time Written: 20081129091519.000000+060
Event Type: Informations
User: 

Computer Name: LIFETEC
Event Code: 20158
Message: L'utilisateur bgri0085@tiscali.fr a établi une connexion à alice2 en utilisant le périphérique COM3.

Record Number: 15680991
Source Name: RemoteAccess
Time Written: 20081129085022.000000+060
Event Type: Informations
User: 

Computer Name: LIFETEC
Event Code: 20159
Message: La connexion à alice2 effectuée par l'utilisateur bgri0085@tiscali.fr utilisant le périphérique COM3 a été déconnectée.

Record Number: 15680990
Source Name: RemoteAccess
Time Written: 20081128174735.000000+060
Event Type: Informations
User: 

Computer Name: LIFETEC
Event Code: 20158
Message: L'utilisateur bgri0085@tiscali.fr a établi une connexion à alice2 en utilisant le périphérique COM3.

Record Number: 15680989
Source Name: RemoteAccess
Time Written: 20081128174353.000000+060
Event Type: Informations
User: 

Computer Name: LIFETEC
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

Record Number: 15680988
Source Name: Service Control Manager
Time Written: 20081128172648.000000+060
Event Type: Informations
User: 

Application event log

Computer Name: LIFETEC
Event Code: 1004
Message: Échec de détection du produit '{9028040C-6000-11D3-8CFE-0050048383C9}', fonctionnalité 'ProductFiles', composant '{9DD907C3-2BB1-11D2-A185-00A0C90AB50F}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTP.EXE' n'existe pas

Record Number: 3853
Source Name: MsiInstaller
Time Written: 20081008154706.000000+120
Event Type: Avertissement
User: LIFETEC\bg

Computer Name: LIFETEC
Event Code: 1004
Message: Échec de détection du produit '{9028040C-6000-11D3-8CFE-0050048383C9}', fonctionnalité 'ProductFiles', composant '{9DD907C3-2BB1-11D2-A185-00A0C90AB50F}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTP.EXE' n'existe pas

Record Number: 3852
Source Name: MsiInstaller
Time Written: 20081008154706.000000+120
Event Type: Avertissement
User: LIFETEC\bg

Computer Name: LIFETEC
Event Code: 1004
Message: Échec de détection du produit '{9028040C-6000-11D3-8CFE-0050048383C9}', fonctionnalité 'ProductFiles', composant '{9DD907C3-2BB1-11D2-A185-00A0C90AB50F}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTP.EXE' n'existe pas

Record Number: 3851
Source Name: MsiInstaller
Time Written: 20081008154706.000000+120
Event Type: Avertissement
User: LIFETEC\bg

Computer Name: LIFETEC
Event Code: 11729
Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration a échoué.

Record Number: 3850
Source Name: MsiInstaller
Time Written: 20081008152242.000000+120
Event Type: Informations
User: LIFETEC\bg

Computer Name: LIFETEC
Event Code: 1001
Message: Échec de détection du produit '{9028040C-6000-11D3-8CFE-0050048383C9}', fonctionnalité 'SpellingAndGrammarFiles_1033' lors de la demande du composant '{CC29EB3F-7BC2-11D1-A921-00A0C91E2AA2}'

Record Number: 3849
Source Name: MsiInstaller
Time Written: 20081008152241.000000+120
Event Type: Avertissement
User: LIFETEC\bg

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Support Tools\;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Autodesk Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0d06
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip

-----------------EOF-----------------



le 'www' est fait aussi pour communiquer, partager et échanger, non ?

   
Répondre à bg62

16

Destrio5, le 19 déc 2008 à 16:48:41

Ok.

---> Télécharge Lop S&D sur ton Bureau.
---> Double-clique dessus pour lancer l'installation.
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
---> Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).
---> Patiente jusqu'à la fin du scan.
---> Poste le rapport généré (C:\lopR.txt).

   
Répondre à Destrio5

17

bg62, le 19 déc 2008 à 16:52:06

C'est en route ... mais tu me fais faire quoi là ... c'est trop balaise pour moi !
b g
le 'www' est fait aussi pour communiquer, partager et échang­er, non ?

   
Répondre à bg62

18

Destrio5, le 19 déc 2008 à 16:53:06

Le RSIT, c'était pour avoir une vue d'ensemble on va dire.

   
Répondre à Destrio5

19

bg62, le 19 déc 2008 à 22:29:45

Ben voilà ... et là je crise !!!
trois rapports le premier te le dernier m'affichent une section " --------------------\\ ROOTKIT !!" qui m'inquiète ...
le voilà : 

   --------------------\\  Lop S&D 4.2.4-9c   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free :         Intel(R) Pentium(R) M processor 1.70GHz )
   BIOS : PhoenixBIOS 4.0 Release 6.0     
   USER : bg ( Administrator )
   BOOT : Normal boot
   Antivirus : Bitdefender Antivirus 8.0 (Activated)
   Firewall  : Bitdefender Firewall 8.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:34 Go (Free:19 Go)
   D:\ (Local Disk) - NTFS - Total:40 Go (Free:24 Go)
   E:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
   Option : [1] ( 19/12/2008|21:46 )
 
   --------------------\\  Listing des dossiers dans APPLIC~1

   [30/01/2008|18:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [18/09/2007|10:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [17/09/2007|19:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Visicom Media

   [02/12/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
   [03/12/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [18/02/2006|12:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [13/07/2007|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
   [21/09/2007|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
   [08/09/2008|09:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [05/01/2006|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [06/05/2006|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\db net solutions
   [04/01/2006|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [07/08/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
   [04/11/2006|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [18/09/2007|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
   [14/12/2008|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [04/01/2006|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
   [12/10/2008|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [14/12/2008|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
   [05/01/2006|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
   [12/10/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
   [14/12/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [19/12/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
   [02/12/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
   [25/11/2008|17:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhereIsIt
   [05/01/2006|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

   [18/03/2008|11:21] C:\DOCUME~1\bg\APPLIC~1\1&1
   [03/12/2008|20:52] C:\DOCUME~1\bg\APPLIC~1\Adobe
   [24/01/2007|15:44] C:\DOCUME~1\bg\APPLIC~1\AdobeAUM
   [16/10/2006|09:50] C:\DOCUME~1\bg\APPLIC~1\AdobeUM
   [05/11/2006|15:29] C:\DOCUME~1\bg\APPLIC~1\Ahead
   [01/07/2006|20:10] C:\DOCUME~1\bg\APPLIC~1\aignes
   [02/02/2006|20:34] C:\DOCUME~1\bg\APPLIC~1\Alien Skin
   [30/04/2006|11:31] C:\DOCUME~1\bg\APPLIC~1\Anvil Studio
   [18/02/2006|12:11] C:\DOCUME~1\bg\APPLIC~1\Apple Computer
   [23/12/2006|19:50] C:\DOCUME~1\bg\APPLIC~1\Artweaver
   [04/09/2007|18:03] C:\DOCUME~1\bg\APPLIC~1\Axialis
   [21/09/2007|05:51] C:\DOCUME~1\bg\APPLIC~1\Bitdefender
   [07/02/2008|22:42] C:\DOCUME~1\bg\APPLIC~1\Blumentals
   [08/09/2008|09:56] C:\DOCUME~1\bg\APPLIC~1\Canon
   [25/11/2008|11:47] C:\DOCUME~1\bg\APPLIC~1\CD Bank
   [14/01/2006|11:50] C:\DOCUME~1\bg\APPLIC~1\CyberLink
   [05/06/2008|13:28] C:\DOCUME~1\bg\APPLIC~1\Debris Visual Art
   [01/02/2006|20:40] C:\DOCUME~1\bg\APPLIC~1\DMCache
   [22/05/2008|17:53] C:\DOCUME~1\bg\APPLIC~1\EBookSys
   [29/08/2007|10:02] C:\DOCUME~1\bg\APPLIC~1\Eclipsit
   [17/09/2008|17:28] C:\DOCUME~1\bg\APPLIC~1\flashpaste
   [14/12/2008|10:00] C:\DOCUME~1\bg\APPLIC~1\Google
   [04/01/2006|18:42] C:\DOCUME~1\bg\APPLIC~1\Help
   [22/02/2006|16:55] C:\DOCUME~1\bg\APPLIC~1\Hyperionics
   [03/01/2006|20:26] C:\DOCUME~1\bg\APPLIC~1\Identities
   [13/10/2008|23:19] C:\DOCUME~1\bg\APPLIC~1\InstallShield
   [15/06/2006|21:52] C:\DOCUME~1\bg\APPLIC~1\Likno
   [05/12/2007|10:35] C:\DOCUME~1\bg\APPLIC~1\Macromedia
   [24/01/2006|20:45] C:\DOCUME~1\bg\APPLIC~1\Media Player Classic
   [12/07/2007|14:43] C:\DOCUME~1\bg\APPLIC~1\MegauploadToolbar
   [23/02/2006|18:02] C:\DOCUME~1\bg\APPLIC~1\Micrografx
   [14/12/2008|16:57] C:\DOCUME~1\bg\APPLIC~1\Microsoft
   [23/01/2006|18:05] C:\DOCUME~1\bg\APPLIC~1\Mootools
   [06/09/2008|11:15] C:\DOCUME~1\bg\APPLIC~1\Mozilla
   [06/10/2008|09:17] C:\DOCUME~1\bg\APPLIC~1\NCH Swift Sound
   [12/10/2008|20:36] C:\DOCUME~1\bg\APPLIC~1\Nero
   [04/01/2006|17:50] C:\DOCUME~1\bg\APPLIC~1\Netscape
   [18/07/2006|19:47] C:\DOCUME~1\bg\APPLIC~1\PSpad
   [14/01/2006|11:10] C:\DOCUME~1\bg\APPLIC~1\Real
   [07/04/2006|20:17] C:\DOCUME~1\bg\APPLIC~1\SignupShield
   [05/12/2007|17:53] C:\DOCUME~1\bg\APPLIC~1\Simple Sudoku
   [19/12/2008|18:02] C:\DOCUME~1\bg\APPLIC~1\Spyware Terminator
   [08/01/2006|00:58] C:\DOCUME~1\bg\APPLIC~1\Sun
   [17/04/2006|09:40] C:\DOCUME~1\bg\APPLIC~1\Talkback
   [04/01/2006|20:08] C:\DOCUME~1\bg\APPLIC~1\ThumbsPlus
   [27/03/2006|17:29] C:\DOCUME~1\bg\APPLIC~1\Thunderbird
   [02/12/2008|11:23] C:\DOCUME~1\bg\APPLIC~1\TuneUp Software
   [22/11/2008|17:41] C:\DOCUME~1\bg\APPLIC~1\U3
   [19/12/2006|17:38] C:\DOCUME~1\bg\APPLIC~1\uk.co.planetside
   [04/01/2006|17:56] C:\DOCUME~1\bg\APPLIC~1\Ultra Fractal 3
   [13/12/2008|20:48] C:\DOCUME~1\bg\APPLIC~1\uTorrent
   [04/01/2006|17:40] C:\DOCUME~1\bg\APPLIC~1\Visicom Media
   [06/08/2007|17:04] C:\DOCUME~1\bg\APPLIC~1\VSRevoGroup

   [03/01/2006|20:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [04/01/2006|21:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
   [18/09/2007|10:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [05/01/2006|19:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

   [18/09/2007|10:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [25/07/2007|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\X10 Commander
 
   --------------------\\  Tâches planifiées dans C:\WINDOWS\tasks

   [19/12/2008 21:00][--a------] C:\WINDOWS\tasks\1-Click Maintenance.job
   [19/12/2008 21:45][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{3AC4AFA8-0829-4309-809A-731BBABF44CD}.job
   [19/12/2008 17:54][--ah-----] C:\WINDOWS\tasks\SA.DAT
   [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

   --------------------\\  Listing des dossiers dans C:\Program Files

   [17/11/2006|16:52] C:\Program Files\1&1
   [12/01/2006|13:57] C:\Program Files\AC3Filter
   [18/02/2008|19:54] C:\Program Files\Adobe
   [01/07/2006|19:43] C:\Program Files\AM-DeadLink
   [30/04/2006|11:28] C:\Program Files\Anvil Studio
   [19/12/2008|19:48] C:\Program Files\a-squared Free
   [04/01/2006|10:47] C:\Program Files\ATI Technologies
   [10/01/2006|22:23] C:\Program Files\AviSynth 2.5
   [08/02/2006|17:54] C:\Program Files\Blagues
   [07/08/2007|18:31] C:\Program Files\Bonjour
   [04/01/2006|10:40] C:\Program Files\Broadcom
   [22/05/2008|17:52] C:\Program Files\CC Hyper File
   [21/01/2008|15:31] C:\Program Files\CCleaner
   [12/01/2006|13:58] C:\Program Files\Codecs X264
   [07/01/2006|18:11] C:\Program Files\Common Files
   [05/01/2006|18:52] C:\Program Files\CyberLink
   [11/01/2006|20:13] C:\Program Files\DivX
   [13/01/2006|20:26] C:\Program Files\Extensis
   [05/11/2006|19:42] C:\Program Files\ffdshow
   [19/12/2008|01:58] C:\Program Files\Fichiers communs
   [06/06/2007|09:50] C:\Program Files\FileZilla
   [20/05/2008|07:20] C:\Program Files\GetRight
   [29/01/2007|22:33] C:\Program Files\Google
   [26/06/2008|14:54] C:\Program Files\GooglePreviewIE Toolbar
   [06/01/2006|15:57] C:\Program Files\HighMAT CD Writing Wizard
   [05/01/2006|18:57] C:\Program Files\Home Cinema
   [14/12/2008|11:26] C:\Program Files\InstallShield Installation Information
   [04/01/2006|10:39] C:\Program Files\Intel
   [14/12/2008|11:48] C:\Program Files\Internet Explorer
   [18/12/2008|18:09] C:\Program Files\Java
   [04/01/2006|10:42] C:\Program Files\Launch Manager
   [18/09/2007|10:00] C:\Program Files\Ma‹do Production
   [12/01/2006|13:56] C:\Program Files\Matroska Pack
   [12/01/2006|18:29] C:\Program Files\Media Player Classic
   [04/10/2008|14:45] C:\Program Files\Messenger
   [04/01/2006|18:59] C:\Program Files\Microsoft Calculatrice Plus
   [03/01/2006|20:21] C:\Program Files\microsoft frontpage
   [12/10/2008|09:30] C:\Program Files\Microsoft Office
   [12/10/2008|09:30] C:\Program Files\Microsoft Visual Studio
   [12/10/2008|09:15] C:\Program Files\Microsoft Visual Studio 8
   [12/10/2008|09:31] C:\Program Files\Microsoft Works
   [12/10/2008|09:27] C:\Program Files\Microsoft.NET
   [04/10/2008|13:43] C:\Program Files\Movie Maker
   [19/12/2008|08:40] C:\Program Files\Mozilla Firefox
   [12/10/2008|09:31] C:\Program Files\MSBuild
   [02/01/2007|20:10] C:\Program Files\MSECache
   [03/01/2006|20:15] C:\Program Files\MSN
   [30/01/2008|18:30] C:\Program Files\msn gaming zone
   [16/11/2006|07:54] C:\Program Files\MSXML 4.0
   [06/10/2008|09:22] C:\Program Files\NCH Swift Sound
   [19/12/2008|01:55] C:\Program Files\Nero
   [04/10/2008|13:20] C:\Program Files\NetMeeting
   [07/01/2006|11:47] C:\Program Files\OfficeUpdate11
   [12/01/2006|13:59] C:\Program Files\On2 Technologies
   [03/01/2006|20:16] C:\Program Files\Online Services
   [04/10/2008|13:19] C:\Program Files\Outlook Express
   [10/01/2006|22:19] C:\Program Files\Pack PSP - Ri4m
   [25/09/2007|18:53] C:\Program Files\PDFCreator
   [04/01/2006|17:50] C:\Program Files\Photodex Presenter
   [04/01/2006|20:20] C:\Program Files\PowerPoint Viewer
   [18/07/2006|19:09] C:\Program Files\PSPad editor
   [18/02/2006|12:04] C:\Program Files\QuickTime
   [14/09/2008|14:46] C:\Program Files\Radio Fr Solo
   [14/12/2008|17:35] C:\Program Files\RamBoost XP
   [12/01/2006|18:29] C:\Program Files\Real Alternative
   [10/01/2006|22:18] C:\Program Files\RIAM Video Enhancer
   [10/01/2006|22:19] C:\Program Files\Ripp-It Codec Pack
   [12/01/2006|13:31] C:\Program Files\Ripp-it_AM
   [03/10/2008|07:46] C:\Program Files\SDHelper (Spybot - Search & Destroy)
   [03/01/2006|20:19] C:\Program Files\Services en ligne
   [19/04/2006|16:38] C:\Program Files\SiteMapBuilder.NET
   [19/12/2008|01:56] C:\Program Files\Softwin
   [19/12/2008|19:24] C:\Program Files\Spyware Terminator
   [08/01/2006|17:02] C:\Program Files\Ssce
   [03/01/2006|20:35] C:\Program Files\Support Tools
   [04/01/2006|10:45] C:\Program Files\Synaptics
   [03/10/2008|07:46] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
   [12/10/2008|21:39] C:\Program Files\The GodFather
   [19/12/2008|16:42] C:\Program Files\trend micro
   [02/12/2008|11:22] C:\Program Files\TuneUp Utilities 2009
   [03/01/2006|20:26] C:\Program Files\Uninstall Information
   [11/12/2008|19:49] C:\Program Files\uTorrent
   [18/09/2007|10:01] C:\Program Files\VS Revo Group
   [19/08/2007|15:45] C:\Program Files\WinAVI Video Converter
   [19/12/2008|18:04] C:\Program Files\WinClamAVShield
   [25/07/2007|17:16] C:\Program Files\Windows Media Connect 2
   [04/10/2008|13:19] C:\Program Files\Windows Media Player
   [04/10/2008|13:19] C:\Program Files\Windows NT
   [12/10/2008|19:37] C:\Program Files\Windows Sidebar
   [03/01/2006|20:19] C:\Program Files\WindowsUpdate
   [04/01/2006|10:44] C:\Program Files\X10 Hardware
   [03/01/2006|20:21] C:\Program Files\xerox
   [12/01/2006|19:25] C:\Program Files\X'nStop 2.2
   [12/01/2006|13:55] C:\Program Files\XviD
   [14/03/2008|15:53] C:\Program Files\Yooda

   --------------------\\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [05/09/2007|07:58] C:\Program Files\Fichiers communs\Adobe
   [04/01/2006|21:47] C:\Program Files\Fichiers communs\Adobe Systems Shared
   [12/10/2008|13:56] C:\Program Files\Fichiers communs\Ahead
   [08/02/2006|14:50] C:\Program Files\Fichiers communs\Atlence
   [13/07/2007|10:08] C:\Program Files\Fichiers communs\Autodesk Shared
   [19/05/2007|16:15] C:\Program Files\Fichiers communs\DAZ
   [04/01/2006|20:22] C:\Program Files\Fichiers communs\Designer
   [04/01/2006|21:23] C:\Program Files\Fichiers communs\InstallShield
   [05/01/2006|19:03] C:\Program Files\Fichiers communs\Java
   [29/10/2007|07:15] C:\Program Files\Fichiers communs\Justdo
   [04/01/2006|22:19] C:\Program Files\Fichiers communs\Macromedia
   [07/08/2007|18:08] C:\Program Files\Fichiers communs\Macrovision Shared
   [19/12/2008|01:45] C:\Program Files\Fichiers communs\Microsoft Shared
   [03/01/2006|20:18] C:\Program Files\Fichiers communs\MSSoap
   [05/01/2006|18:40] C:\Program Files\Fichiers communs\muvee Technologies
   [12/10/2008|20:23] C:\Program Files\Fichiers communs\Nero
   [03/01/2006|21:09] C:\Program Files\Fichiers communs\ODBC
   [21/09/2007|05:47] C:\Program Files\Fichiers communs\Softwin
   [03/01/2006|21:09] C:\Program Files\Fichiers communs\SpeechEngines
   [28/02/2007|16:59] C:\Program Files\Fichiers communs\SWF Studio
   [04/10/2008|13:19] C:\Program Files\Fichiers communs\System

   --------------------\\  Process

   ( 55 Processes )

   ... OK !

   --------------------\\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\\  Verification du Registre
 
   ..... OK !

   --------------------\\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-12-19 21:55:39
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\\  Recherche d'autres infections

   --------------------\\  ROOTKIT !!

   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]

   --------------------\\  Cracks & Keygens ..

  
   
   [F:6][D:2]-> C:\DOCUME~1\bg\LOCALS~1\Temp
   [F:8][D:0]-> C:\DOCUME~1\bg\Cookies
   [F:238][D:5]-> C:\DOCUME~1\bg\LOCALS~1\TEMPOR~1\content.IE5
   [F:11][D:2]-> C:\$Recycle.Bin

   1 - "C:\Lop SD\LopR_1.txt" - 19/12/2008|20:41 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 19/12/2008|22:14 - Option : [1]

   --------------------\\  Fin du rapport a 22:14:25

reste plus à savoir ce qu'il faut faire maintenant
@+
b g
le 'www' est fait aussi pour communiquer, partager et échanger, non ?

   
Répondre à bg62

20

Destrio5, le 19 déc 2008 à 22:31:31

" --------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]"

---> Justement, c'était le but.

---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"

---> Je te conseille vivement d'installer la Console de récupération.

---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\Combofix.txt

Tutoriel officiel :
http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

   
Répondre à Destrio5

21

bg62, le 20 déc 2008 à 10:57:07

Je télécharge ...lentement ... 

Je te conseille vivement d'installer la Console de récupération.

c'est combofix qui va me le demander ?
@+
b g
le 'www' est fait aussi pour communiquer, partager et échang­er, non ?

   
Répondre à bg62
70 réponses 1234 Suivant
Posez votre question Répondre
Ils ont besoin de votre aide