Cheval de troie Win32:Vuku [Trj]

catwoman62 -  
BeFaX Messages postés 16334 Statut Contributeur -
Bonjour,
J'ai aujourd'hui un cheval de troie Win32:Vuku [Trj] détecté par avast et je n'y connais pas grand chose, je suis vriament très embêtée, aidez-moi svp
que dois-je faire ?
merci à vous
cordialement
cathy
Configuration: Windows XP
Firefox 3.0.10

32 réponses

  • 1
  • 2
  1. BeFaX Messages postés 16334 Statut Contributeur 3 863
     
    Le supprimer dans un premier temps ?
    2
    1. DKR55
       
      Avast me propose de le mettre en quarantaine mais ça revient régulièrement.....
      0
  2. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    slt

    une seul demande d'aide dans un post
    merci

    Télécharge ici :

    http://images.malwareremoval.com/random/RSIT.exe

    random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

    Double-clique sur RSIT.exe afin de lancer RSIT.

    Clique Continue à l'écran Disclaimer.

    Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

    Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

    NB : Les rapports sont sauvegardés dans le dossier C:\rsit
    1
  3. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    remets un rapport usbfix option 1 aussi svp
    1
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. titimorti Messages postés 57 Statut Membre 2
     
    Où se trouve Win32:Vuku [Trj] ?
    0
    1. DKR55
       
      Dans content.IE5 et c:\sfide.exe\is.exe
      0
    2. DKR55
       
      Pour l'instant l'antivirus s'est calmé, mais j'ai un message d'erreur pour is.exe qui revient régulierement.
      En fait j'ai reçu un message via msn pour ouvrir un fichier facebook.... Et je pense que je suis en train de contaminer mes petits camarades dans mes contacts !
      0
    3. DKR55
       
      J'ai peu de probleme depuis l'attaque, parfois la souris est bloquée et je ne eux plus écrire les accents circonflexes : m^^eme ......

      C'est grave docteur ?
      0
      1. DKR55 > DKR55
         
        G perdu le controle de mon PC, plus d'IE, à peine mozilla, msn foutu, skype reste ok (mais j'ai peu d'amis !!!)
        Quand je vois dessous le nombre de manip, je crois que je vais redeployer en linux.........
        Je vous écris (desespéré) de mon vieux portable (celui que j'ai donné à mon fils de 6 ans pour s'amuser), en fait il est en linux, il rame mais je peux consulter mes mails, utiliser msoffice (pas imprimer mais c bon pour la planete) et aller sur le net ! Remarquez ce doit être ce que je fais à 99%...........

        Adieu à tous !!!!!!!!
        0
    4. DKR55
       
      G perdu le controle de mon PC, plus d'IE, à peine mozilla, msn foutu, skype reste ok (mais j'ai peu d'amis !!!)
      Quand je vois dessous le nombre de manip, je crois que je vais redeployer en linux.........
      Je vous écris (desespéré) de mon vieux portable (celui que j'ai donné à mon fils de 6 ans pour s'amuser), en fait il est en linux, il rame mais je peux consulter mes mails, utiliser msoffice (pas imprimer mais c bon pour la planete) et aller sur le net ! Re
      0
  6. Osef
     
    Salut moi aussi je viens de choper ce satané virus je suis sous vista en je suis en examen jai absolument besoin de mon pc!

    J'aimerais l'aide de gens qui s'y connaisse bien s'il vous plait.
    visiblement il n'y a rien encore sur ce virus, il a l'air récent.

    si je dois attendre avant que des gens trouve la solution j'aimerais savoir sil est conseillé d'éteindre son pc ou pas?

    la je viens de lancé malwarebytes

    je patiente

    jai le scan de hijackthis si vous avez besoin...

    Merci pour votre aide
    0
  7. Osef
     
    j'arrete malwarebytes ou je laisse continuer et j'installe en mem temps?

    merci de me consacré un peu de ton temps jlp² ^^
    0
  8. Osef
     
    ça c'est le contenu de log

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Romain at 2009-05-13 22:37:36
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 36 GB (8%) free of 465 GB
    Total RAM: 4094 MB (38% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:37:44, on 13/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18226)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\hp\kbd\kbd.exe
    C:\Users\Romain\AppData\Local\Temp\IXP000.TMP\d.exe
    C:\Program Files (x86)\Internet Explorer\ieuser.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser.exe
    C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Users\Romain\Desktop\RSIT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\Romain.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O13 - Gopher Prefix:
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    0
  9. Osef
     
    ça c'est le contenu de info:

    info.txt logfile of random's system information tool 1.06 2009-05-13 22:37:51

    ======Uninstall list======

    -->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Bricks of Egypt\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Crystal Maze\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Digby's Donuts\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Diner Dash\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Fish Tycoon\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Gem Shop\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Magic Academy\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Mah Jong Quest\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\My HP Game Console\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Ocean Express\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Puzzle Express\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Ricochet Lost Worlds\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Sudoku Quest\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Super Granny\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Tradewinds\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Treasure Island\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"
    -->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
    -->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3C1B8CBC-9118-11D7-86D3-00055DF3561E}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x40c
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {00C5525B-3CB3-467D-8100-2E6FB306CD86}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    ABBYY FineReader 5.0 Sprint Plus-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
    Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
    Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe Acrobat 9 Pro - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000004}
    Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
    Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
    Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB}
    Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
    Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
    Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
    Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
    Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
    Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
    Adobe Contribute CS4-->MsiExec.exe /I{A6EC82A0-1414-475D-8AFD-469089F3080D}
    Adobe Creative Suite 4 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1
    Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}
    Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
    Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
    Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
    Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
    Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
    Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF}
    Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}
    Adobe Flash CS4 Extension - Flash Lite STI fr-->MsiExec.exe /I{BD423B54-8668-44B6-8610-D24514445E88}
    Adobe Flash CS4 STI-fr-->MsiExec.exe /I{48F9998C-3BA0-42D3-82E6-5882441EB8CE}
    Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
    Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->MsiExec.exe /X{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}
    Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
    Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
    Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
    Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
    Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
    Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
    Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
    Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
    Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}
    Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
    Adobe Media Player-->MsiExec.exe /X{9455959E-D588-EFAE-329C-F66CC797F32A}
    Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
    Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047}
    Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
    Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
    Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
    Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
    Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
    Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B}
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}
    Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
    Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
    Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
    Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD}
    Adobe SVG Viewer 3.0-->C:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
    Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
    Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
    Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
    AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    Advanced Font Viewer 5.1-->"C:\Program Files (x86)\Advanced Font Viewer\unins000.exe"
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
    ArcSoft Software Suite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{66C8BE35-8BBB-472B-96C7-C7C9A499F988}\SETUP.EXE" -l0x40c
    Assassin's Creed-->C:\Program Files (x86)\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Azureus Vuze-->C:\Program Files (x86)\Azureus\uninstall.exe
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
    CyberLink DVD Suite Premium-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" -uninstall
    CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
    DVD Play BD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
    eMule-->"C:\Program Files (x86)\eMule\Uninstall.exe"
    EPSON Copy Utility-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x40c ADDREMOVEDLG
    EPSON Photo Print-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{057B1FBC-DA65-4FE3-ADC7-C1476E19F392}\setup.exe" -l0x40c MyUninstall
    EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
    EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
    EPSON Smart Panel-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall
    ESPRX600 Guide de référence-->C:\Program Files (x86)\EPSON\TPMANUAL\ESPRX600\REF_G\DOCUNINS.EXE
    ESPRX600 Guide des logiciels-->C:\Program Files (x86)\EPSON\TPMANUAL\ESPRX600\PQU_G\DOCUNINS.EXE
    ESPRX600 Guide fonctionnement-->C:\Program Files (x86)\EPSON\TPMANUAL\ESPRX600\COPY_G\DOCUNINS.EXE
    FontExplorer-->C:\Program Files (x86)\Linotype\uninstall.exe
    Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
    Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    GUILD WARS-->"C:\Program Files (x86)\GUILD WARS\Gw.exe" -uninstall
    Hauppauge MCE XP/Vista Software Encoder (2.0.25180)-->C:\PROGRA~2\WinTV\UNSftMCE.EXE C:\PROGRA~2\WinTV\softMCE.LOG
    Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    HP Active Support Library-->C:\Program Files (x86)\InstallShield Installation Information\{E0810CC2-4B5B-4439-B1D0-452306AF2D64}\setup.exe -runfromtemp -l0x0409
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}\setup.exe" -l0x9 -removeonly
    HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E1476612-02D6-42A3-BDC1-E292B4115738}\setup.exe" -l0x9 -removeonly
    HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
    HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
    Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
    K-Lite Mega Codec Pack 4.1.7-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
    kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    La boite a couleurs version 1.6.15-->"C:\Program Files (x86)\LaBoiteACouleurs\unins000.exe"
    LabelPrint-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
    LightScribe System Software 1.12.37.1-->MsiExec.exe /X{004C5DA2-2051-4D25-94BA-51CF810C91EB}
    Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Mozilla Firefox (3.0.10)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Mumble and Murmur-->C:\Program Files (x86)\Mumble\Uninstall.exe
    muvee autoProducer 6.1-->C:\Program Files (x86)\InstallShield Installation Information\{13086F8B-2AA9-4488-BC9C-BB6B912A5524}\muveesetup.exe -removeonly -runfromtemp
    My HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"
    NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Outils de diagnostic du matériel-->C:\Program Files (x86)\PC-Doctor 5 for Windows\uninst.exe
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
    PIF DESIGNER2.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{23B59B9F-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
    Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
    Power2Go-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
    PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
    Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA}
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
    ScanToWeb-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
    Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u
    Sothink SWF Decompiler-->"C:\Program Files (x86)\SourceTec\Sothink SWF Decompiler\unins000.exe"
    Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
    TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe"
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    VLC media player 0.9.9-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 081211-0]
    AS: Windows Defender
    AS: avast! antivirus 4.8.1229 [VPS 081211-0]

    ======System event log======

    Computer Name: PC-de-Romain
    Event Code: 4226
    Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
    Record Number: 71791
    Source Name: Tcpip
    Time Written: 20090512140159.142720-000
    Event Type: Avertissement
    User:

    Computer Name: PC-de-Romain
    Event Code: 4001
    Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

    Record Number: 71874
    Source Name: Microsoft-Windows-WLAN-AutoConfig
    Time Written: 20090513031940.366200-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-Romain
    Event Code: 15016
    Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
    Record Number: 71891
    Source Name: Microsoft-Windows-HttpEvent
    Time Written: 20090513134105.355404-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-Romain
    Event Code: 7026
    Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
    i8042prt
    Record Number: 71962
    Source Name: Service Control Manager
    Time Written: 20090513134132.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-Romain
    Event Code: 4374
    Message: Windows Servicing a déterminé que ce package KB905866(Update) n’est pas applicable à ce système.
    Record Number: 71993
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090513134801.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    =====Application event log=====

    Computer Name: PC-de-Romain
    Event Code: 10
    Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
    Record Number: 1330725
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090513134131.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-Romain
    Event Code: 3013
    Message: Impossible de mettre à jour l'entrée <C:\USERS\ROMAIN\DOWNLOADS\EMULE\TEMP\040.PART.MET.BACKUP> dans la configuration de hachage.

    Contexte : Application , Catalogue SystemIndex

    Détails :
    Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)

    Record Number: 1330735
    Source Name: Microsoft-Windows-Search
    Time Written: 20090513174940.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-Romain
    Event Code: 3013
    Message: Impossible de mettre à jour l'entrée <C:\USERS\ROMAIN\DOWNLOADS\EMULE\TEMP\007.PART.MET.BACKUP> dans la configuration de hachage.

    Contexte : Application , Catalogue SystemIndex

    Détails :
    Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)

    Record Number: 1330736
    Source Name: Microsoft-Windows-Search
    Time Written: 20090513175034.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-Romain
    Event Code: 1000
    Message: Application défaillante iexplore.exe, version 7.0.6001.18226, horodatage 0x49ac95d6, module défaillant ole32.dll, version 6.0.6001.18000, horodatage 0x4791a74c, code d’exception 0xc0000005, décalage d’erreur 0x00038a2a, ID du processus 0x17c8, heure de début de l’application 0x01c9d3f84d3970d0.
    Record Number: 1330740
    Source Name: Application Error
    Time Written: 20090513182618.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-Romain
    Event Code: 1000
    Message: Application défaillante msnmsgr.exe, version 14.0.8064.206, horodatage 0x498cf586, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a783, code d’exception 0xc0000005, décalage d’erreur 0x0003dbba, ID du processus 0xf48, heure de début de l’application 0x01c9d3fd7d6b2410.
    Record Number: 1330743
    Source Name: Application Error
    Time Written: 20090513200643.000000-000
    Event Type: Erreur
    User:

    =====Security event log=====

    Computer Name: PC-de-Romain
    Event Code: 4672
    Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7

    Privilèges : SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 18050
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090507173102.692609-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-Romain
    Event Code: 4904
    Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PC-DE-ROMAIN$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Processus :
    ID du processus : 0xd94
    Nom du processus : C:\Windows\System32\VSSVC.exe

    Source de l’événement :
    Nom de la source : VSSAudit
    ID de la source de l’événement : 0x7b7a39
    Record Number: 18051
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090507173243.091609-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-Romain
    Event Code: 4905
    Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PC-DE-ROMAIN$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Processus :
    ID du processus : 0xd94
    Nom du processus : C:\Windows\System32\VSSVC.exe

    Source de l’événement :
    Nom de la source : VSSAudit
    ID de la source de l’événement : 0x7b7a39
    Record Number: 18052
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090507173243.091609-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-Romain
    Event Code: 5032
    Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

    Code d’erreur : 2
    Record Number: 18053
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090507175931.001000-000
    Event Type: Échec de l'audit
    User:

    Computer Name: PC-de-Romain
    Event Code: 5032
    Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

    Code d’erreur : 2
    Record Number: 18054
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090507175931.001000-000
    Event Type: Échec de l'audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\QuickTime\QTSystem\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 7, GenuineIntel
    "PROCESSOR_REVISION"=1707
    "NUMBER_OF_PROCESSORS"=4
    "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
    "DFSTRACINGON"=FALSE
    "OnlineServices"=Online Services
    "Platform"=HPD
    "PCBRAND"=Pavilion
    "MSWorksProductCode"={3B160861-7250-451E-B5EE-8B92BF30A710}
    "CLASSPATH"=.;C:\Program Files (x86)\Java\jre1.6.0_01\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files (x86)\Java\jre1.6.0_01\lib\ext\QTJava.zip

    -----------------EOF-----------------
    0
  10. Osef
     
    re Salut jlpjlp

    tu ten sort ou pas du tout, comme tu donne pas signe de vie peut etre que ta abandonné, ce que je comprendrai
    mais je préferai le savoir

    Merci a toi

    si qq1 a une autre idée je prends c'ets vraiment la galère j'ai bientot mes examens c'est la panique la !

    MAYDAY !

    ps: je suis sous vistakaka
    et bizarement le paternel a cliquer sur un lien reçu par msn facebook/images avec ladresse de msn donc si qq1 lis ce message NE CLIQUER PAS !

    malwarebytes na pas détecté de virus
    et je n'ai pas d'alerte d'avast depuis un moment, mais qd je relance msn l'alerte win32:Vuku [Trj] revient direct

    si ça peu vous aidez
    0
  11. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    ok

    tu as une infection qui provient d'un disque externe : clé usb ...

    Télécharge et install UsbFix de C_XX & Chiquitine29

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

    # Double clic sur le raccourci UsbFix présent sur ton bureau .

    # Choisis l'option 1 ( Recherche )

    # Laisse travailler l'outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra.

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    # Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    __________________

    mettre a jour internet explorer
    pour VISTA:
    http://download.microsoft.com/download/5/9/8/598CDBFA-4C11-45BA-8283-91439C7B8E5B/IE8-WindowsVista-x86-FRA.exe

    _____________

    mettre à jour adobe reader puis supprimer les anciennes version via le panneau de configuration
    https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html

    ou passer a un navigateur alternatif ce qui évitera les virus circulant via les PDF comme foxit reader (ne pas metre les barres foxit, ask, ebay..)

    http://www.commentcamarche.net/telecharger/telechargement 205 foxit reader

    _____________

    Mettre a jour java:
    https://javara.fr.malavida.com/

    Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
    Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
    Double-clique sur le répertoire JavaRa obtenu.
    Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
    Clique sur Search For Updates.
    Sélectionne Update Using jucheck.exe puis clique sur Search.
    Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
    Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
    Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
    Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
    Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
    (c:\JavaRa.log)
    Ferme l'application.

    si cela ne fonctionne pas

    https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80

    tu peux désinstaller les vieilles versions.
    0
    1. Osef
       
      voila le raport de usbfix:



      ############################## [ UsbFix V3.019 # Scan ]

      # User : Romain (Administrateurs) # PC-DE-ROMAIN
      # Update on 13/05/09 by Chiquitine29, C_XX & Chimay8
      # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
      # Start at: 16:05:06 | 14/05/2009

      # Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz
      # Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
      # Internet Explorer 7.0.6001.18000
      # Windows Firewall Status : Disabled
      # AV : avast! antivirus 4.8.1229 [VPS 081211-0] 4.8.1229 [ Enabled | Updated ]

      # C:\ # Disque fixe local # 453,86 Go (76,64 Go free) [HP] # NTFS
      # D:\ # Disque fixe local # 11,9 Go (1,6 Go free) [FACTORY_IMAGE] # NTFS
      # E:\ # Disque fixe local # 465,76 Go (376,42 Go free) [HP2] # NTFS
      # F:\ # Disque CD-ROM
      # G:\ # Disque amovible # 7,54 Go (4,96 Go free) [MICHEL] # FAT32
      # H:\ # Disque amovible
      # I:\ # Disque amovible
      # J:\ # Disque amovible
      # K:\ # Disque amovible
      # L:\ # Disque fixe local # 152,66 Go (7,41 Go free) [GRILL'PAIN] # NTFS
      # M:\ # Disque amovible

      ############################## [ Processus actifs ]

      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Windows\SysWOW64\svchost.exe
      c:\hp\HPEZBTN\HPBtnSrv.exe
      C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
      c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
      C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\hp\support\hpsysdrv.exe
      C:\hp\KBD\KbdStub.exe
      C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
      C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

      ################## [ Registre # Startup ]

      HKCU_Main: "Local Page"="C:\\Windows\\system32\\blank.htm"
      HKCU_Main: "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
      HKCU_Main: "Start Page"="https://www.msn.com/fr-fr"
      HKLM_logon: "Userinit"="userinit.exe"
      HKLM_logon: "Windows Shell (ezShellStart)"="userinit.exe"
      HKLM_logon: "LegalNoticeCaption"=""
      HKLM_logon: "LegalNoticeText"=""
      HKLM_Run: hpsysdrv=c:\hp\support\hpsysdrv.exe
      HKLM_Run: KBD=C:\HP\KBD\KbdStub.EXE
      HKLM_Run: OsdMaestro=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
      HKLM_Run: SunJavaUpdateSched="C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
      HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      HKLM_Run: HP Software Update=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
      HKLM_Run: AdobeCS4ServiceManager="C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
      HKLM_Run: Adobe Acrobat Speed Launcher="C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
      HKLM_Run: Acrobat Assistant 8.0="C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
      HKLM_Run: Adobe_ID0ENQBO=C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
      HKLM_Run: QuickTime Task="C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
      HKCU_Run: Sidebar=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      HKCU_Run: ehTray.exe=C:\Windows\ehome\ehTray.exe
      HKCU_Run: MsnMsgr="C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
      HKCU_Run: AdobeBridge=
      HKCU_Run: WMPNSCFG=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
      HKCU_Run: swg=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      HKCU_Run: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
      HKCU_Run: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\OsdMaestro=

      ################## [ Informations ]


      ################## [ Fichiers # Dossiers infectieux ]

      Found ! G:\RECYCLED\INFO.exe
      L:\autorun.inf # -> fichier appelé : "L:\RECYCLED\INFO.exe" ( absent ! )
      Found ! L:\autorun.inf
      Found ! L:\msvcr71.dll

      ################## [ Registre # Clés Run infectieuses ]


      ################## [ Registre # Mountpoints2 ]

      HKCU\Software\Microsoft\....\MountPoints2\G\Shell\AutoRun\command
      HKCU\Software\Microsoft\....\MountPoints2\G\Shell\explore\Command
      HKCU\Software\Microsoft\....\MountPoints2\G\Shell\open\Command
      HKCU\Software\Microsoft\....\MountPoints2\L\Shell\AutoRun\command
      HKCU\Software\Microsoft\....\MountPoints2\L\Shell\explore\Command
      HKCU\Software\Microsoft\....\MountPoints2\L\Shell\open\Command
      HKCU\Software\Microsoft\....\MountPoints2\{a8d3622f-9659-11dd-b472-001fc6db6bb1}\Shell\AutoRun\command
      HKCU\Software\Microsoft\....\MountPoints2\{a8d3622f-9659-11dd-b472-001fc6db6bb1}\Shell\explore\Command
      HKCU\Software\Microsoft\....\MountPoints2\{a8d3622f-9659-11dd-b472-001fc6db6bb1}\Shell\open\Command
      HKCU\Software\Microsoft\....\MountPoints2\{b9096aab-ada2-11dd-95c2-001fc6db6bb1}\Shell\AutoRun\command
      HKCU\Software\Microsoft\....\MountPoints2\{b9096aab-ada2-11dd-95c2-001fc6db6bb1}\Shell\explore\Command
      HKCU\Software\Microsoft\....\MountPoints2\{b9096aab-ada2-11dd-95c2-001fc6db6bb1}\Shell\open\Command

      ################## [ ! Fin du rapport # UsbFix V3.019 ! ]
      0
  12. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

    # Double clic sur le raccourci UsbFix présent sur ton bureau

    # choisis l'option 2 ( Suppression )

    # Ton bureau disparaitra et le pc redémarrera .

    # Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
    0
  13. Osef
     
    ça c'est le rapport de java( visblement j'ai eu un message me disant que je n'ai pas a installé la dernière version étant donné que je l'ais déjà):

    JavaRa 1.13 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Thu May 14 16:17:10 2009

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\JavaPlugin.160_01

    Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

    Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

    Found and removed: Software\JavaSoft\Java2D\1.6.0_01

    Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

    ------------------------------------

    Finished reporting.
    0
  14. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

    # Double clic sur le raccourci UsbFix présent sur ton bureau

    # choisis l'option 2 ( Suppression )

    # Ton bureau disparaitra et le pc redémarrera .

    # Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
    0
  15. Osef
     
    voici le rapport de usbfix

    jai fais exactement comme tu ma dit seulement maintenant le probleme c'ets que vista n'as pas aprécié et jai une fenetre qui souvre et qui me dit "explorateur de windows a cessé de fonctionné" puis "explorateur windows redémarre" et ça tous les 5/10secondes, que dois-je faire

    ############################## [ UsbFix V3.019 # Cleaning ]

    # User : Romain (Administrateurs) # PC-DE-ROMAIN
    # Update on 13/05/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 16:25:04 | 14/05/2009

    # Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz
    # Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
    # Internet Explorer 7.0.6001.18000
    # Windows Firewall Status : Disabled
    # AV : avast! antivirus 4.8.1229 [VPS 081211-0] 4.8.1229 [ Enabled | Updated ]

    # C:\ # Disque fixe local # 453,86 Go (76,46 Go free) [HP] # NTFS
    # D:\ # Disque fixe local # 11,9 Go (1,6 Go free) [FACTORY_IMAGE] # NTFS
    # E:\ # Disque fixe local # 465,76 Go (376,42 Go free) [HP2] # NTFS
    # F:\ # Disque CD-ROM
    # G:\ # Disque amovible # 7,54 Go (4,96 Go free) [MICHEL] # FAT32
    # H:\ # Disque amovible
    # I:\ # Disque amovible
    # J:\ # Disque amovible
    # K:\ # Disque amovible
    # L:\ # Disque fixe local # 152,66 Go (7,41 Go free) [GRILL'PAIN] # NTFS
    # M:\ # Disque amovible

    ############################## [ Processus actifs ]

    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Windows\SysWOW64\svchost.exe
    c:\hp\HPEZBTN\HPBtnSrv.exe
    C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Windows\SysWOW64\runonce.exe
    C:\Windows\SysWOW64\conime.exe

    ################## [ Fichiers # Dossiers infectieux ]

    (!) Not Deleted ! C:\Windows\system32\explorer.exe
    Deleted ! G:\RECYCLED\INFO.exe
    L:\autorun.inf # -> fichier appelé : "L:\RECYCLED\INFO.exe" ( absent ! )
    Deleted ! L:\autorun.inf
    Deleted ! L:\msvcr71.dll

    ################## [ Registre # Clés Run infectieuses ]

    ################## [ Registre # Mountpoints2 ]

    Deleted ! HKCU\Software\Microsoft\....\MountPoints2\G\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\....\MountPoints2\L\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{a8d3622f-9659-11dd-b472-001fc6db6bb1}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{b9096aab-ada2-11dd-95c2-001fc6db6bb1}\Shell\AutoRun\command

    ################## [ Listing des fichiers présent ]

    [05/01/2009 01:30|--a------|11] - C:\AuResult.ini
    [21/01/2008 04:50|-rahs----|333203] - C:\bootmgr
    [05/07/2008 00:03|-ra-s----|8192] - C:\BOOTSECT.BAK
    [10/10/2008 14:13|--a------|166620] - C:\ExtractLog.txt
    [14/05/2009 16:21|--a------|7684] - C:\JavaRa rapport.txt
    [14/05/2009 16:17|--a------|7684] - C:\JavaRa.log
    [01/12/2006 23:37|--a------|904704] - C:\msdia80.dll
    [?|?|?] - C:\pagefile.sys
    [10/10/2008 21:49|--a------|621] - C:\RHDSetup.log
    [17/10/2008 23:57|--a------|606] - C:\updatedatfix.log
    [14/05/2009 16:26|--a------|3026] - C:\UsbFix.txt
    [19/06/2007 16:26|---hs----|438328] - D:\boo.mgr
    [19/01/2008 00:45|---hs----|333203] - D:\bootmgr
    [29/10/2007 19:25|---hs----|1237] - D:\Desktop.ini
    [09/10/2008 20:43|--ahs----|129] - D:\MASTER.LOG
    [09/10/2008 20:43|---hs----|428] - D:\pcdr.ini
    [19/06/2007 16:22|---hs----|182323] - D:\protect.arabic
    [05/07/2007 11:44|---hs----|182298] - D:\protect.bulgarian
    [19/06/2007 16:22|---hs----|181572] - D:\protect.catalan
    [19/06/2007 16:22|---hs----|181898] - D:\protect.chinese hong kong
    [19/06/2007 16:22|---hs----|181916] - D:\protect.chinese simplified
    [19/06/2007 16:22|---hs----|181898] - D:\protect.chinese traditional
    [05/07/2007 11:33|---hs----|181936] - D:\protect.croatian
    [04/07/2007 12:31|---hs----|181735] - D:\protect.czech
    [19/06/2007 16:22|---hs----|181680] - D:\protect.danish
    [19/06/2007 16:22|---hs----|181605] - D:\protect.dutch
    [19/06/2007 16:22|---hs----|181648] - D:\protect.ed
    [19/06/2007 16:22|---hs----|181648] - D:\protect.english
    [05/07/2007 10:37|---hs----|183351] - D:\protect.estonian
    [19/06/2007 16:22|---hs----|181648] - D:\protect.finnish
    [19/06/2007 16:22|---hs----|181616] - D:\protect.french
    [19/06/2007 16:22|---hs----|181650] - D:\protect.german
    [04/07/2007 12:33|---hs----|182717] - D:\protect.greek
    [04/07/2007 12:36|---hs----|182626] - D:\protect.hebrew
    [04/07/2007 12:37|---hs----|181696] - D:\protect.hungarian
    [19/06/2007 16:22|---hs----|181535] - D:\protect.italian
    [19/06/2007 16:22|---hs----|182351] - D:\protect.japanese
    [19/06/2007 16:22|---hs----|182043] - D:\protect.korean
    [05/07/2007 18:37|---hs----|182105] - D:\protect.latvian
    [05/07/2007 12:04|---hs----|181932] - D:\protect.lithuanian
    [04/07/2007 12:39|---hs----|181562] - D:\protect.norwegian
    [04/07/2007 12:39|---hs----|181741] - D:\protect.polish
    [04/07/2007 12:40|---hs----|181617] - D:\protect.portuguese
    [04/07/2007 12:40|---hs----|181866] - D:\protect.portuguese brazilian
    [04/07/2007 16:14|---hs----|182016] - D:\protect.romanian
    [19/06/2007 16:22|---hs----|211936] - D:\protect.russian
    [05/07/2007 11:32|---hs----|181959] - D:\protect.serbian latin
    [04/07/2007 12:46|---hs----|181954] - D:\protect.slovak
    [04/07/2007 12:47|---hs----|181936] - D:\protect.slovenian
    [19/06/2007 16:22|---hs----|181572] - D:\protect.spanish
    [04/07/2007 12:43|---hs----|181605] - D:\protect.swedish
    [04/07/2007 12:44|---hs----|182576] - D:\protect.thai
    [04/07/2007 12:44|---hs----|181829] - D:\protect.turkish
    [19/06/2007 16:22|---hs----|181648] - D:\protect.ukranian
    [05/07/2008 01:39|---hs----|44] - D:\RESTORE.INI
    [06/03/2009 23:21|--a------|5236575] - E:\1.jpg
    [26/03/2009 17:43|--a------|286399] - E:\6d_main.swf
    [10/05/2009 05:38|--a------|1967017] - E:\cube3d transparent essai1.ai
    [08/03/2009 06:16|--a------|129738] - E:\egofoto.swf
    [08/03/2009 06:49|--a------|108344] - E:\TiltViewer.swf
    [28/04/2009 17:40|--a------|24140974] - E:\Vector_Pack__SE7EN_by_Jonny_Doomsday.pdf
    [11/05/2009 02:55|--a------|883255] - E:\yuk_plaquette.pdf
    [16/04/2000 14:46|---------|300734] - G:\AKFVIEW.HLP
    [02/03/2009 11:03|--a------|2331] - G:\BBH.htm
    [17/01/2009 04:16|--a------|10121897] - G:\novo dernier1.swf
    [09/06/2008 03:49|--a------|20861952] - G:\novo dernier1.fla
    [16/06/2008 11:04|--a------|2369424] - G:\circulation.swf
    [16/06/2008 11:50|--a------|3956736] - G:\vertical.fla
    [16/06/2008 11:49|--a------|922944] - G:\vertical.swf
    [16/06/2008 11:12|--a------|5080576] - G:\circulation.fla
    [13/03/2009 09:21|--ah-----|4096] - G:\._.Trashes
    [16/06/2008 08:35|--a------|22919322] - G:\planche composite 118,8x42.pdf
    [13/06/2008 14:29|--a------|91628855] - G:\planche composite passage 118.8x42.pdf
    [16/06/2008 01:23|--a------|25537349] - G:\planche liens 118.pdf
    [06/06/2008 07:53|--a------|87596037] - G:\soliq planche 118.8x42.pdf
    [05/06/2008 07:33|--a------|22366541] - G:\Planche3 NOVO 118.8 x 42.pdf
    [06/06/2008 14:21|--a------|53587001] - G:\Planche Mont blanc 89.1x42.pdf
    [08/06/2008 18:00|--a------|472064] - G:\montblanc best1.fla
    [08/06/2008 17:59|--a------|41743] - G:\montblanc best1.swf
    [02/03/2009 10:31|--a------|284604] - G:\romainminisite.swf
    [16/02/2009 11:05|--a------|327680] - G:\romaindiaporama.fla
    [23/02/2009 12:41|--a------|363008] - G:\romainminisite.fla
    [17/02/2009 17:00|--a------|10452] - G:\Motivation multim‚dia ‚cole.docx
    [27/04/2009 11:14|--a------|18365] - G:\skindeep.jpg
    [20/02/2009 01:50|--a------|296] - G:\WMPInfo.xml
    [02/03/2009 10:31|--a------|1299] - G:\romainminisite.html
    [02/03/2009 12:27|--a------|40960] - G:\souperman.fla
    [02/03/2009 10:31|--a------|1271748] - G:\romainminisite.exe
    [13/03/2009 09:21|--ah-----|15364] - G:\.DS_Store
    [02/03/2009 12:18|--a------|99779] - G:\souperman.gif
    [02/03/2009 12:23|--a------|1851] - G:\souperman.swf
    [04/02/2009 13:45|--a------|1299640] - G:\MONKEY-VECT1.ai
    [04/02/2009 13:45|--a------|1417736] - G:\MONKEY-VECT2005.ai
    [30/03/2009 09:38|--a------|840] - G:\ReadMe.txt
    [30/03/2009 09:38|--a------|1252] - G:\License.txt
    [30/03/2009 09:38|--a------|257] - G:\UnInst.log
    [25/02/2009 15:50|--a------|148865] - G:\Roue_chromatique_grande.jpg
    [30/03/2009 11:37|--a------|2046] - G:\Sans titre-1.ai
    [06/05/2009 01:50|--a------|87610] - G:\photoshop-magazine-nouvelles-tendances-du-graphisme-web-43.html
    [30/03/2009 09:32|--a------|142] - G:\Card Observer - Business Card Design Inspiration.URL
    [30/03/2009 09:36|--a------|708418] - G:\akfv_st.exe
    [08/07/2000 13:28|--a------|493568] - G:\akFView.exe
    [21/03/1999 22:43|---------|223] - G:\akFView.cnt
    [17/11/2006 18:58|--a------|7601351] - L:\4x4 - copie1.ai
    [10/09/2008 04:35|--a------|95143] - L:\4x4 - copie1.jpg
    [29/08/2008 04:33|--a------|2875392] - L:\cv.indd
    [04/11/2003 03:43|--a------|49152] - L:\Demi-teintes couleur.8BF
    [24/10/2006 12:34|--a------|766550] - L:\julie.jpg
    [24/10/2006 14:16|--a------|12425482] - L:\julie.psd
    [06/12/2006 14:10|--a------|33102] - L:\logo canalplay.jpg
    [27/11/2007 08:16|--a------|6406791] - L:\makomaquette 3D.ai
    [27/11/2007 08:25|--a------|1736092] - L:\makomaquette 3D.jpg
    [27/11/2007 08:37|--a------|3922903] - L:\makomaquette site 3d.psd
    [05/01/2002 03:38|--a------|54784] - L:\msvci70.dll
    [29/09/2007 21:57|--a------|5] - L:\RavMonLog
    [01/12/2006 01:31|--a------|2372495] - L:\simply relocation.ai
    [01/12/2006 01:34|--a------|553643] - L:\site simply relocation cyanpur-cyanpur 25.psd
    [14/05/2009 00:59|--a------|12489] - L:\Sommaire du dossier de travaux Romain 2009.docx
    [14/05/2009 02:14|--a------|10752] - L:\Sommaire du Projet Professionnel grec.wps
    [06/12/2006 16:03|--ahs----|10240] - L:\Thumbs.db

    ################## [ Vaccination ]

    # C:\autorun.inf -> Folder created by UsbFix.
    # D:\autorun.inf -> Folder created by UsbFix.
    # E:\autorun.inf -> Folder created by UsbFix.
    # G:\autorun.inf -> Folder created by UsbFix.
    # L:\autorun.inf -> Folder created by UsbFix.

    ################## [ Cracks / Keygens / Serials ]

    # -> Nothing found !

    ################## [ ! Fin du rapport # UsbFix V3.019 ! ]
    0
  16. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    Télécharge RavAntivirus d'Evosla :
    http://ww25.evosla.com/compteur.php?soft=rav_antivirus

    # Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX
    # Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
    # Doucle-clique sur >> RAV.exe << afin de lancer l'outil.
    # Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
    # Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
    # Retire tes disques amovibles et redémarrez votre ordinateur.
    # Poste le rapport, si infection!
    0
  17. Osef
     
    Bon bah ça fais 2h30 que rav travail, c'est normal que ça soit aussi long?

    il ya 4 ligne :

    virus trouvé: I:\RavMonlog
    virus trouvé en mémoire : RavMonLog
    virus Supprimé avec succès ==> I:\RavMonLog
    virus Supprimé avec Succès

    la barre en bas a gauche continue a s'animer de gauche a droite donc je soupçonne qu'il travail a coté c'ets écris :"Votre ordinateur est Sain"

    ya-t-il qqchose a faire ou simplement patienté?

    puis-je bossé a coté sur des logiciels photoshop etc?
    0
  18. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    non arrete!

    rav

    remets un rapport RSIT et dis comment va ton pc
    0
  19. Osef
     
    alors je lui est demander comment il allait, il réponds ceci:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Romain at 2009-05-14 20:51:49
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 77 GB (17%) free of 465 GB
    Total RAM: 4094 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:51:52, on 14/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18226)
    Boot mode: Normal

    Running processes:
    C:\Windows\SysWOW64\conime.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\Illustrator.exe
    C:\Users\Romain\Desktop\RSIT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\Romain.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O13 - Gopher Prefix:
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    0
  20. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    scanne avec
    MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport

    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    ___________________

    Télécharge ToolsCleaner sur ton bureau.
    --> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
    # Clique sur Recherche et laisse le scan agir ...
    # Clique sur Suppression pour finaliser.
    # Tu peux, si tu le souhaites, te servir des Options facultatives.
    # Clique sur Quitter pour obtenir le rapport.
    # Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    ps : pas besoin de m´envoyer le rapport si tout a été supprimé

    __________________

    encore des soucis?
    0
  • 1
  • 2