Problème avec des publicités qui s'ouvrent

jb61 -  
moment de grace Messages postés 30049 Statut Contributeur sécurité -
Bonjour, j'ai un problème avec internet, depuis deux semaines des publicités s'ouvrent toutes seules sur mon pc.
J'ai fait un scan avec Hijackthis mais je ne sais pas comment faire après.
Merci pour votre aide !!

Rapport du scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:59, on 27/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5290\ACEIEAddOn.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.85.0\HostIE.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll
O2 - BHO: Gameztar Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.2080\wso.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.85.0\HostIE.dll (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Gameztar Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.85.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.85.0\ZangoSA.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.85.0\Weather.exe" -auto
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VideoBarApp] C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvbapp.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Service Google Update (gupdate1c9e92765deed0d) (gupdate1c9e92765deed0d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

14 réponses

Réponse 1 / 14
lemarseilaidu49
 
slt tu peut telecharger ccleaner sa enleve tous les cookie
0
Réponse 2 / 14
jb61 Messages postés 3 Statut Membre
 
J'ai essayé mais ça n'a pas marché !
0
Réponse 3 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
bonjour

vu ton rapport il n'est pas surprenant d'avoir des pubs


Note importante :
Pour les ordinateurs équipés de Windows Vista et Windows 7, la désactivation du Contrôle des comptes utilisateurs est obligatoire
sous peine de ne pas pouvoir faire fonctionner correctement l'outil.
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

Téléchargez et enregistrez le fichier d installation sur le bureau
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe


Double cliquez sur le fichier d'installation de AD-Remover, le programme s'installera automatiquement.
Sous Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
Au menu principal choisir l'option "s" et tapez sur [entrée] .
Laissez travailler l'outil et ne touchez à rien ...
Postez le rapport qui apparait à la fin.

( le rapport est sauvegardé aussi sous C:\Ad-report.log )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note :Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


0
jb61
 
Voici le rapport du scan:


.
======= RAPPORT D'AD-REMOVER 1.1.4.6_F | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 26.12.2009 à 20:47
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:49:06, 27/12/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
Nom du PC: PC-DE-JEAN-BAPT | Utilisateur actuel: jean-baptiste

Bonnes fêtes de fin d'année à vous tous :)
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
Service: WinSvc

C:\Users\JEAN-B~1\AppData\Roaming\Mozilla\FireFox\Profiles\o7qi6gqf.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
C:\Users\JEAN-B~1\FAVORI~1\MyQuickFinder.url
C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Poker\Poker 770
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Poker 770
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Zango
C:\Program Files\AskBarDis
C:\Program Files\Automated Content Enhancer
C:\Program Files\Content Management Wizard
C:\Program Files\Customized Platform Advancer
C:\Program Files\Everest Poker
C:\Program Files\Gameztar Toolbar
C:\Program Files\Internet Today
C:\Program Files\QuestService
C:\Program Files\ShoppingReport
C:\Program Files\Textual Content Provider
C:\Program Files\Web Search Operator
C:\Program Files\Winsudate
C:\Program Files\Zango
C:\Users\JEAN-B~1\AppData\Roaming\WeatherDPA
C:\Users\JEAN-B~1\AppData\Roaming\Zango
C:\Users\jean-baptiste\AppData\Local\Internet Today
C:\Users\jean-baptiste\AppData\LocalLow\Automated Content Enhancer
C:\Users\jean-baptiste\AppData\LocalLow\Customized Platform Advancer
C:\Users\jean-baptiste\AppData\LocalLow\ShoppingReport
C:\Users\jean-baptiste\AppData\LocalLow\Textual Content Provider
C:\Users\jean-baptiste\AppData\LocalLow\Web Search Operator
C:\Users\jean-baptiste\AppData\LocalLow\Zango
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\ProgramData\QuestService
C:\ProgramData\ZangoSA
C:\ProgramData\{CA8CD71A-7992-4226-B949-0D7C9976D2F3}
C:\Windows\Installer\862237.msi
C:\Users\Public\Desktop\Poker 770.lnk
.
HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\software\appdatalow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\software\Automated Content Enhancer
HKCU\software\appdatalow\software\CMW
HKCU\software\appdatalow\software\Customized Platform Advancer
HKCU\software\appdatalow\software\Gameztar Toolbar
HKCU\software\appdatalow\software\Media Access Startup
HKCU\software\appdatalow\software\ShoppingReport
HKCU\software\appdatalow\software\Web Search Operator
HKCU\software\appdatalow\software\Zango
HKCU\software\AskBarDis
HKCU\software\Gameztar Toolbar
HKCU\software\Grand Virtual
HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
HKCU\Software\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKCU\software\microsoft\internet explorer\searchscopes\{342168F8-AE4A-41E8-A6B5-8FB9FECBEF37}
HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\VideoBarApp
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherDPA
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WinUsr
HKCU\software\Poker 770
HKCU\software\ShoppingReport
HKCU\software\zangosa
HKLM\software\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\software\appdatalow\AskBarDis
HKLM\software\appdatalow\software\Automated Content Enhancer
HKLM\software\appdatalow\software\Customized Platform Advancer
HKLM\software\appdatalow\software\Internet Today
HKLM\software\appdatalow\software\Web Search Operator
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKLM\Software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}
HKLM\Software\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
HKLM\Software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKLM\Software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}
HKLM\Software\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}
HKLM\Software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}
HKLM\Software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}
HKLM\Software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}
HKLM\Software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}
HKLM\Software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}
HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842}
HKLM\Software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}
HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKLM\Software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}
HKLM\Software\Classes\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116}
HKLM\Software\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}
HKLM\Software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
HKLM\Software\Classes\CLSID\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\Software\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\Software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}
HKLM\software\classes\CntntCntr.CntntDic
HKLM\software\classes\CntntCntr.CntntDic.1
HKLM\software\classes\CntntCntr.CntntDisp
HKLM\software\classes\CntntCntr.CntntDisp.1
HKLM\software\classes\CoreSrv.CoreServices
HKLM\software\classes\CoreSrv.CoreServices.1
HKLM\software\classes\CoreSrv.LfgAx
HKLM\software\classes\CoreSrv.LfgAx.1
HKLM\software\classes\ExplorerBar.CMW
HKLM\software\classes\ExplorerBar.CMW.1
HKLM\software\classes\ExplorerBar.FunExplorer
HKLM\software\classes\ExplorerBar.FunExplorer.1
HKLM\software\classes\ExplorerBar.FunRedirector
HKLM\software\classes\ExplorerBar.FunRedirector.1
HKLM\software\classes\ExplorerBar.TCP
HKLM\software\classes\ExplorerBar.TCP.1
HKLM\software\classes\HbCoreSrv.DynamicProp
HKLM\software\classes\HbCoreSrv.DynamicProp.1
HKLM\software\classes\HBMain.CommBand
HKLM\software\classes\HBMain.CommBand.1
HKLM\software\classes\hbr.HbMain
HKLM\software\classes\hbr.HbMain.1
HKLM\software\classes\HostIE.Bho
HKLM\software\classes\HostIE.Bho.1
HKLM\software\classes\HostOL.MailAnim
HKLM\software\classes\HostOL.MailAnim.1
HKLM\software\classes\HostOL.WebmailSend
HKLM\software\classes\HostOL.WebmailSend.1
HKLM\software\classes\installer\Products\05391F592A3AB1944A4045DB3DD44BD9
HKLM\Software\Classes\Interface\{01009AEC-AFAA-4982-9F2B-6411C5C27E77}
HKLM\Software\Classes\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78}
HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
HKLM\Software\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
HKLM\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
HKLM\Software\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
HKLM\Software\Classes\Interface\{AF55160D-CDE1-4A8B-8001-66DA06BEE740}
HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
HKLM\software\classes\ShoppingReport.HbAx
HKLM\software\classes\ShoppingReport.HbAx.1
HKLM\software\classes\ShoppingReport.HbInfoBand
HKLM\software\classes\ShoppingReport.HbInfoBand.1
HKLM\software\classes\ShoppingReport.IEButton
HKLM\software\classes\ShoppingReport.IEButton.1
HKLM\software\classes\ShoppingReport.IEButtonA
HKLM\software\classes\ShoppingReport.IEButtonA.1
HKLM\software\classes\ShoppingReport.RprtCtrl
HKLM\software\classes\ShoppingReport.RprtCtrl.1
HKLM\software\classes\Srv.CoreServices
HKLM\software\classes\Srv.CoreServices.1
HKLM\software\classes\Toolbar.HtmlMenuUI
HKLM\software\classes\Toolbar.HtmlMenuUI.1
HKLM\software\classes\Toolbar.ToolbarCtl
HKLM\software\classes\Toolbar.ToolbarCtl.1
HKLM\Software\Classes\TypeLib\{03D7FF6E-9781-40B5-BB7F-94291A361604}
HKLM\Software\Classes\TypeLib\{0729F461-8054-47DC-8D39-A31B61CC0119}
HKLM\Software\Classes\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58}
HKLM\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{5297E905-1DFB-4A9C-9871-A4F95FD58945}
HKLM\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
HKLM\Software\Classes\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5}
HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
HKLM\Software\Classes\TypeLib\{89085678-632D-4DEB-BDA0-CD912C63203E}
HKLM\Software\Classes\TypeLib\{A56FE01C-77C4-4F5E-8198-E4B72207890A}
HKLM\Software\Classes\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}
HKLM\Software\Classes\TypeLib\{ABEC1835-3181-4ABD-8DDE-875AEC4DF6D2}
HKLM\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
HKLM\Software\Classes\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C}
HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
HKLM\software\classes\Wallpaper.WallpaperManager
HKLM\software\classes\Wallpaper.WallpaperManager.1
HKLM\software\Media Access Startup
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0566A191-D675-4911-9C7E-50EDBEF90F32}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40574696-DB17-4512-A79C-FB6086F15C65}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4414A37B-E7E9-4ddc-855F-A581276D565B}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{731969D9-D88F-4f37-A384-D23638973AD2}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A451DAF9-C5AB-4a0e-B585-69012225002E}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
HKLM\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\05391F592A3AB1944A4045DB3DD44BD9
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZangoOE
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZangoSA
HKLM\Software\Mozilla\Firefox\Extensions\\{40f1eb95-4de4-4f36-a826-054ee36bb905}
HKLM\Software\Mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}
HKLM\Software\Mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}
HKLM\Software\Mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}
HKLM\software\Poker 770
HKLM\software\QuestService
HKLM\software\ShoppingReport
HKLM\software\Zango
HKLM\SYSTEM\ControlSet001\Services\winsvc
HKLM\SYSTEM\ControlSet002\Services\winsvc
HKLM\SYSTEM\CurrentControlSet\Services\winsvc
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\AskBarDis
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Automated Content Enhancer
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\CMW
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Customized Platform Advancer
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Gameztar Toolbar
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Media Access Startup
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\ShoppingReport
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Web Search Operator
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Zango
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\AskBarDis
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\Gameztar Toolbar
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\Grand Virtual
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\Poker 770
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\ShoppingReport
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\zangosa
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.6 [fr] *
.
Nom du profil: o7qi6gqf.default (jean-baptiste)
.
(JEAN-B~1, prefs.js) Browser.download.dir, C:\Users\jean-baptiste\Downloads
(JEAN-B~1, prefs.js) Browser.download.lastDir, C:\Users\jean-baptiste\Documents
(JEAN-B~1, prefs.js) Browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1392740&SearchSource=3&q={searchTerms}
(JEAN-B~1, prefs.js) Browser.search.selectedEngine, Gameztar Toolbar
(JEAN-B~1, prefs.js) Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://google.com
(JEAN-B~1, prefs.js) Extensions.enabledItems, {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,{E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960,illimitux@illimitux.net:3.4,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}:2.2.0.9,{8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0,{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7,{E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080,{635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546,Zango@Zango.com:10.3.85.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.6
(JEAN-B~1, prefs.js) Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
.
(JEAN-B~1, prefs.js) TROUVE - CommunityToolbar.SearchFromAddressBarSavedUrl, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
(JEAN-B~1, prefs.js) TROUVE - Browser.search.defaultthis.engineName, MyPlayCity Customized Web Search
(JEAN-B~1, prefs.js) TROUVE - Browser.search.selectedEngine, Gameztar Toolbar
(JEAN-B~1, prefs.js) TROUVE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1
(JEAN-B~1, prefs.js) TROUVE - General.useragent.extra.hotvideobar, hotvideobar_3_1_939641899131923_9_254 VB_gameztar
(JEAN-B~1, prefs.js) TROUVE - Hotvideobar.startonce, false
(JEAN-B~1, prefs.js) TROUVE - Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
(JEAN-B~1, prefs.js) TROUVE - Noscript.untrusted, cpxinteractive.com every.com freelotto.com ikariam.fr mixmaster.fr sweetim.com hxxp://cpxinteractive.com hxxp://every.com hxxp://freelotto.com hxxp://ikariam.fr hxxp://mixmaster.fr hxxp://sweetim.com hxxps://cpxinteractive.com hxxps://every.com hxxps://freelotto.com hxxps://ikariam.fr hxxps://mixmaster.fr hxxps://sweetim.com
.
.
.
* Internet Explorer Version 7.0.6002.18005 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://google.com/
Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Enable Browser Extensions: yes
Use Search Asst: no
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Enable Browser Extensions: yes
Use Search Asst: no
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
605 Octet(s) - C:\Ad-Report-SCAN[1].log
22274 Octet(s) - C:\Ad-Report-SCAN[2].log
.
2542 Fichier(s) - C:\Users\JEAN-B~1\AppData\Local\Temp
19 Fichier(s) - C:\Windows\Temp
129 Fichier(s) - C:\Windows\Prefetch
.
3 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 21:11:07 | 27/12/2009 - SCAN[2]
.
============== E.O.F ==============
.


Merci !
0
Réponse 4 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
Même outil (Ad Remover)

Option L Lancer le nettoyage

Poster le rapport


ensuite


• Télécharge Random's System Information Tool (RSIT) de Random/Random.

http://images.malwareremoval.com/random/RSIT.exe

• Enregistre le sur ton Bureau.

• Double clique sur RSIT.exe pour lancer l'outil.

• Clique sur "Continue" à l'écran Disclaimer.

• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)

et tu devras accepter la licence.

• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp

Les rapports se trouvent à cet endroit:
C:\rsit\info.txt
C:\rsit\log.txt

0
jb61
 
Second rapport :

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_F | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 26.12.2009 à 20:47
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 21:41:23, 27/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
Nom du PC: PC-DE-JEAN-BAPT | Utilisateur actuel: jean-baptiste

Bonnes fêtes de fin d'année à vous tous :)
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: WinSvc

C:\Users\JEAN-B~1\AppData\Roaming\Mozilla\FireFox\Profiles\o7qi6gqf.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
C:\Users\JEAN-B~1\FAVORI~1\MyQuickFinder.url
C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Poker\Poker 770
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Poker 770
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Zango
C:\Program Files\AskBarDis
C:\Program Files\Automated Content Enhancer
C:\Program Files\Content Management Wizard
C:\Program Files\Customized Platform Advancer
C:\Program Files\Everest Poker
C:\Program Files\Gameztar Toolbar
C:\Program Files\Internet Today
C:\Program Files\QuestService
C:\Program Files\ShoppingReport
C:\Program Files\Textual Content Provider
C:\Program Files\Web Search Operator
C:\Program Files\Winsudate
C:\Program Files\Zango
C:\Users\JEAN-B~1\AppData\Roaming\WeatherDPA
C:\Users\JEAN-B~1\AppData\Roaming\Zango
C:\Users\jean-baptiste\AppData\Local\Internet Today
C:\Users\jean-baptiste\AppData\LocalLow\Automated Content Enhancer
C:\Users\jean-baptiste\AppData\LocalLow\Customized Platform Advancer
C:\Users\jean-baptiste\AppData\LocalLow\ShoppingReport
C:\Users\jean-baptiste\AppData\LocalLow\Textual Content Provider
C:\Users\jean-baptiste\AppData\LocalLow\Web Search Operator
C:\Users\jean-baptiste\AppData\LocalLow\Zango
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\ProgramData\QuestService
C:\ProgramData\ZangoSA
C:\ProgramData\{CA8CD71A-7992-4226-B949-0D7C9976D2F3}
C:\Windows\Installer\862237.msi
C:\Users\Public\Desktop\Poker 770.lnk

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\software\Automated Content Enhancer
HKCU\software\appdatalow\software\CMW
HKCU\software\appdatalow\software\Customized Platform Advancer
HKCU\software\appdatalow\software\Gameztar Toolbar
HKCU\software\appdatalow\software\Media Access Startup
HKCU\software\appdatalow\software\ShoppingReport
HKCU\software\appdatalow\software\Web Search Operator
HKCU\software\appdatalow\software\Zango
HKCU\software\AskBarDis
HKCU\software\Gameztar Toolbar
HKCU\software\Grand Virtual
HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
HKCU\Software\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKCU\software\microsoft\internet explorer\searchscopes\{342168F8-AE4A-41E8-A6B5-8FB9FECBEF37}
HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\VideoBarApp
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherDPA
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WinUsr
HKCU\software\Poker 770
HKCU\software\ShoppingReport
HKCU\software\zangosa
HKLM\software\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\software\appdatalow\AskBarDis
HKLM\software\appdatalow\software\Automated Content Enhancer
HKLM\software\appdatalow\software\Customized Platform Advancer
HKLM\software\appdatalow\software\Internet Today
HKLM\software\appdatalow\software\Web Search Operator
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKLM\Software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}
HKLM\Software\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
HKLM\Software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKLM\Software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}
HKLM\Software\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}
HKLM\Software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}
HKLM\Software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}
HKLM\Software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}
HKLM\Software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}
HKLM\Software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}
HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842}
HKLM\Software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}
HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKLM\Software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}
HKLM\Software\Classes\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116}
HKLM\Software\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}
HKLM\Software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
HKLM\Software\Classes\CLSID\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\Software\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\Software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}
HKLM\software\classes\CntntCntr.CntntDic
HKLM\software\classes\CntntCntr.CntntDic.1
HKLM\software\classes\CntntCntr.CntntDisp
HKLM\software\classes\CntntCntr.CntntDisp.1
HKLM\software\classes\CoreSrv.CoreServices
HKLM\software\classes\CoreSrv.CoreServices.1
HKLM\software\classes\CoreSrv.LfgAx
HKLM\software\classes\CoreSrv.LfgAx.1
HKLM\software\classes\ExplorerBar.CMW
HKLM\software\classes\ExplorerBar.CMW.1
HKLM\software\classes\ExplorerBar.FunExplorer
HKLM\software\classes\ExplorerBar.FunExplorer.1
HKLM\software\classes\ExplorerBar.FunRedirector
HKLM\software\classes\ExplorerBar.FunRedirector.1
HKLM\software\classes\ExplorerBar.TCP
HKLM\software\classes\ExplorerBar.TCP.1
HKLM\software\classes\HbCoreSrv.DynamicProp
HKLM\software\classes\HbCoreSrv.DynamicProp.1
HKLM\software\classes\HBMain.CommBand
HKLM\software\classes\HBMain.CommBand.1
HKLM\software\classes\hbr.HbMain
HKLM\software\classes\hbr.HbMain.1
HKLM\software\classes\HostIE.Bho
HKLM\software\classes\HostIE.Bho.1
HKLM\software\classes\HostOL.MailAnim
HKLM\software\classes\HostOL.MailAnim.1
HKLM\software\classes\HostOL.WebmailSend
HKLM\software\classes\HostOL.WebmailSend.1
HKLM\software\classes\installer\Products\05391F592A3AB1944A4045DB3DD44BD9
HKLM\Software\Classes\Interface\{01009AEC-AFAA-4982-9F2B-6411C5C27E77}
HKLM\Software\Classes\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78}
HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
HKLM\Software\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
HKLM\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
HKLM\Software\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
HKLM\Software\Classes\Interface\{AF55160D-CDE1-4A8B-8001-66DA06BEE740}
HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
HKLM\software\classes\ShoppingReport.HbAx
HKLM\software\classes\ShoppingReport.HbAx.1
HKLM\software\classes\ShoppingReport.HbInfoBand
HKLM\software\classes\ShoppingReport.HbInfoBand.1
HKLM\software\classes\ShoppingReport.IEButton
HKLM\software\classes\ShoppingReport.IEButton.1
HKLM\software\classes\ShoppingReport.IEButtonA
HKLM\software\classes\ShoppingReport.IEButtonA.1
HKLM\software\classes\ShoppingReport.RprtCtrl
HKLM\software\classes\ShoppingReport.RprtCtrl.1
HKLM\software\classes\Srv.CoreServices
HKLM\software\classes\Srv.CoreServices.1
HKLM\software\classes\Toolbar.HtmlMenuUI
HKLM\software\classes\Toolbar.HtmlMenuUI.1
HKLM\software\classes\Toolbar.ToolbarCtl
HKLM\software\classes\Toolbar.ToolbarCtl.1
HKLM\Software\Classes\TypeLib\{03D7FF6E-9781-40B5-BB7F-94291A361604}
HKLM\Software\Classes\TypeLib\{0729F461-8054-47DC-8D39-A31B61CC0119}
HKLM\Software\Classes\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58}
HKLM\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{5297E905-1DFB-4A9C-9871-A4F95FD58945}
HKLM\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
HKLM\Software\Classes\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5}
HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
HKLM\Software\Classes\TypeLib\{89085678-632D-4DEB-BDA0-CD912C63203E}
HKLM\Software\Classes\TypeLib\{A56FE01C-77C4-4F5E-8198-E4B72207890A}
HKLM\Software\Classes\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}
HKLM\Software\Classes\TypeLib\{ABEC1835-3181-4ABD-8DDE-875AEC4DF6D2}
HKLM\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
HKLM\Software\Classes\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C}
HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
HKLM\software\classes\Wallpaper.WallpaperManager
HKLM\software\classes\Wallpaper.WallpaperManager.1
HKLM\software\Media Access Startup
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0566A191-D675-4911-9C7E-50EDBEF90F32}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40574696-DB17-4512-A79C-FB6086F15C65}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4414A37B-E7E9-4ddc-855F-A581276D565B}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{731969D9-D88F-4f37-A384-D23638973AD2}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A451DAF9-C5AB-4a0e-B585-69012225002E}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
HKLM\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\05391F592A3AB1944A4045DB3DD44BD9
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZangoOE
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZangoSA
HKLM\Software\Mozilla\Firefox\Extensions\\{40f1eb95-4de4-4f36-a826-054ee36bb905}
HKLM\Software\Mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}
HKLM\Software\Mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}
HKLM\Software\Mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}
HKLM\software\Poker 770
HKLM\software\QuestService
HKLM\software\ShoppingReport
HKLM\software\Zango
HKLM\SYSTEM\ControlSet002\Services\winsvc
HKU\s-1-5-21-1407876068-1395202609-184458217-1000\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.6 [fr] *
.
Nom du profil: o7qi6gqf.default (jean-baptiste)
.
(JEAN-B~1, prefs.js) Browser.download.dir, C:\Users\jean-baptiste\Downloads
(JEAN-B~1, prefs.js) Browser.download.lastDir, C:\Users\jean-baptiste\Documents
(JEAN-B~1, prefs.js) Browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1392740&SearchSource=3&q={searchTerms}
(JEAN-B~1, prefs.js) Browser.search.selectedEngine, Gameztar Toolbar
(JEAN-B~1, prefs.js) Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://google.com
(JEAN-B~1, prefs.js) Extensions.enabledItems, {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,{E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960,illimitux@illimitux.net:3.4,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}:2.2.0.9,{8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0,{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7,{E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080,{635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546,Zango@Zango.com:10.3.85.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.6
(JEAN-B~1, prefs.js) Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
.
(JEAN-B~1, prefs.js) EFFACE - CommunityToolbar.SearchFromAddressBarSavedUrl, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
(JEAN-B~1, prefs.js) EFFACE - Browser.search.defaultthis.engineName, MyPlayCity Customized Web Search
(JEAN-B~1, prefs.js) EFFACE - Browser.search.selectedEngine, Gameztar Toolbar
(JEAN-B~1, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1
(JEAN-B~1, prefs.js) EFFACE - General.useragent.extra.hotvideobar, hotvideobar_3_1_939641899131923_9_254 VB_gameztar
(JEAN-B~1, prefs.js) EFFACE - Hotvideobar.startonce, false
(JEAN-B~1, prefs.js) EFFACE - Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
(JEAN-B~1, prefs.js) EFFACE - Noscript.untrusted, cpxinteractive.com every.com freelotto.com ikariam.fr mixmaster.fr sweetim.com hxxp://cpxinteractive.com hxxp://every.com hxxp://freelotto.com hxxp://ikariam.fr hxxp://mixmaster.fr hxxp://sweetim.com hxxps://cpxinteractive.com hxxps://every.com hxxps://freelotto.com hxxps://ikariam.fr hxxps://mixmaster.fr hxxps://sweetim.com
.
.
.
* Internet Explorer Version 7.0.6002.18005 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Use Search Asst: no
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Enable Browser Extensions: yes
Use Search Asst: no
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
20511 Octet(s) - C:\Ad-Report-CLEAN[1].log
605 Octet(s) - C:\Ad-Report-SCAN[1].log
22647 Octet(s) - C:\Ad-Report-SCAN[2].log
605 Octet(s) - C:\Ad-Report-SCAN[3].log
.
3 Fichier(s) - C:\Users\JEAN-B~1\AppData\Local\Temp
2 Fichier(s) - C:\Windows\Temp
0 Fichier(s) - C:\Windows\Prefetch
.
23 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
2119 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 22:19:50 | 27/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.
0
jb61 > jb61
 
rapport à partir de Random's System Information Tool:
(log.txt)


Logfile of random's system information tool 1.06 (written by random/random)
Run by jean-baptiste at 2009-12-27 22:50:36
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 104 GB (46%) free of 228 GB
Total RAM: 3068 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:51:15, on 27/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jean-baptiste\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\jean-baptiste.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Service Google Update (gupdate1c9e92765deed0d) (gupdate1c9e92765deed0d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
0
jb61 > jb61
 
Second rapport à partir de Random's System Information Tool:
(info.txt)


info.txt logfile of random's system information tool 1.06 2009-12-27 22:51:20

======Uninstall list======

-->"C:\Program Files\HP Games\5 Card Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
-->"C:\Program Files\HP Games\Age of Castles\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Build-a-lot 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Capoeira Fighter 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
-->"C:\Program Files\HP Games\Granny in Paradise\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Mahjongg Artifacts\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Pool\Uninstall.exe"
-->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
-->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\The Treasures of Montezuma\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\OrangeHSS\Uninstall\Bas_Debit_CustoUpdate\Shell.exe MainUninstall.shl
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe"
AMD USB Audio Driver Filter-->MsiExec.exe /X{A3AB35FA-943E-4799-99DC-46EFD59E998F}
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x040c
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Catalyst Control Center - Branding-->MsiExec.exe /I{187817E2-6407-461C-B59B-56CE73363D34}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DJ Mix Lite-->C:\Program Files\DJ Mix Lite\uninstall.exe
ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
FIFA 08 Demo-->MsiExec.exe /X{7D1928D2-26FA-45FA-A4DD-A876D7293818}
Frets On Fire-->"C:\Program Files\Frets on Fire\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Gameztar Toolbar-->"C:\ProgramData\{CA8CD71A-7992-4226-B949-0D7C9976D2F3}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
Gameztar Toolbar-->C:\ProgramData\{CA8CD71A-7992-4226-B949-0D7C9976D2F3}\Setup.exe
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
GRID-->"C:\Program Files\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library-->"C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Common Access Service Library-->MsiExec.exe /I{732A3F80-008B-4350-BD58-EC5AE98707B8}
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}\setup.exe" -l0x9 -removeonly
HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E}
HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP MediaSmart DVD-->"C:\Program Files\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart DVD-->"C:\Program Files\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart Music/Photo/Video-->"C:\Program Files\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall
HP MediaSmart Music/Photo/Video-->"C:\Program Files\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall /zMS
HP MediaSmart SmartMenu-->MsiExec.exe /I{A7AC8E69-01FF-494E-9A2C-423B82CEA604}
HP MediaSmart TV-->"C:\Program Files\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall
HP MediaSmart TV-->"C:\Program Files\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall /z
HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}\setup\hpzscr01.exe -datfile hposcr30.dat -onestop
HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Quick Launch Buttons 6.40 L1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 11.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Total Care Advisor-->MsiExec.exe /X{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
HP Total Care Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{95A747E0-DF19-46CB-A622-20A0107201BD}\setup.exe" -l0x9 -removeonly
HP Update-->MsiExec.exe /X{47F36D92-E58E-456D-B73C-3382737E4C42}
HP User Guides 0134-->MsiExec.exe /X{6ABE0E28-3A8E-4ADC-A050-784064B76236}
HP Wireless Assistant-->MsiExec.exe /X{E5E29403-3D25-40C6-892B-F9FEE2A95585}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x40c -remove -removeonly
IL-2 Sturmovik-->C:\Windows\UbiSoft\SetupUbi.exe -uninstall IL-2 Sturmovik
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
JMicron Flash Media Controller Driver-->"C:\Program Files\JMicron\JMCR_DIR\setup.exe" delpkg
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
LimeWire 5.1.3-->"C:\Program Files\LimeWire\uninstall.exe"
Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MotoGP 08 Demo-->"C:\Program Files\InstallShield Installation Information\{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}\setup.exe" -runfromtemp -l0x040c -removeonly
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
muvee Reveal-->MsiExec.exe /X{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}
MyPlayCity Toolbar-->C:\PROGRA~1\MYPLAY~1\UNWISE.EXE /U C:\PROGRA~1\MYPLAY~1\INSTALL.LOG
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.2.11\InstStub.exe /X
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
OCR Software by I.R.I.S. 11.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenAL-->"C:\Program Files\OpenAL\OalinstGridRelease.exe" /U
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
OtsTurntables Free 1.00.027-->"C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OtsTTfre.osi"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\enecir.inf_1a3c82dd\enecir.inf
Poker 770-->"C:\Poker\Poker 770\_SetupCasino_5725.exe" /uninstall
Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
ProtectSmart Hard Drive Protection-->MsiExec.exe /X{9D615069-AA8F-4E89-AE9D-77AAE90F529F}
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
Sagem Wi-Fi 11g USB adapter (driver)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2ED60C17-4568-4CD5-830A-03C4688B09A1}\setup.exe" -l0x40c
SAGEM Wi-Fi 11g USB adapter (pilote)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7421E270-0140-4F62-AE39-ECB9F1C81B35}\setup.exe" -l0x40c
Sandlot Games Client Services 1.2.2-->"C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
ShopperReports-->C:\Program Files\ShoppingReport\Uninst.exe
SPORE Creature Creator Trial Edition-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
Steam-->C:\PROGRA~1\Steam\UNWISE.EXE C:\PROGRA~1\Steam\INSTALL.LOG
SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
Tom Clancy's Rainbow Six: Lockdown Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70D52D20-82A5-43CC-85C1-C994FA2EC591}\Setup.exe" -l0x40c
Trial Bike Ultra-->"C:\Program Files\MyPlayCity.com\Trial Bike Ultra\unins000.exe"
Trials 2 Second Edition-->C:\Program Files\Trials 2 Second Edition\Uninstall.exe
UltraMixer 2.3.8-->"C:\Program Files\UltraMixer\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Zango-->"C:\Program Files\Zango\bin\10.3.85.0\ZangoUninstaller.exe" Web

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC-de-jean-bapt
Event Code: 7022
Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
Record Number: 38133
Source Name: Service Control Manager
Time Written: 20090817092741.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jean-bapt
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 38092
Source Name: Service Control Manager
Time Written: 20090817092717.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jean-bapt
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 38050
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090817092558.441600-000
Event Type: Erreur
User:

Computer Name: PC-de-jean-bapt
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 38034
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090817004212.416000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-jean-bapt
Event Code: 4227
Message: TCP/IP n’a pas pu établir une connexion sortante car le point de terminaison local sélectionné a été récemment utilisé pour se connecter au même point de terminaison distant. Cette erreur se produit généralement lorsque les connexions sortantes sont ouvertes et fermées à un débit élevé, provoquant l’utilisation de tous les ports locaux disponibles et obligeant TCP/IP à réutiliser un port local pour une connexion sortante. Pour réduire le risque d’altération des données, la norme TCP/IP exige qu’un laps de temps minimal s’écoule entre des connexions successives d’un point de terminaison local à un point de terminaison distant.
Record Number: 38018
Source Name: Tcpip
Time Written: 20090816202106.443000-000
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: PC-de-jean-bapt
Event Code: 8194
Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

Opération :
Données du rédacteur en cours de collecte

Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d’instance du rédacteur: {5c49533b-1cc7-44f7-ac15-50f47c2c2a7c}
Record Number: 473
Source Name: VSS
Time Written: 20090504181441.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jean-bapt
Event Code: 8194
Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

Opération :
Données du rédacteur en cours de collecte

Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d’instance du rédacteur: {5c49533b-1cc7-44f7-ac15-50f47c2c2a7c}
Record Number: 470
Source Name: VSS
Time Written: 20090504181405.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jean-bapt
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 464
Source Name: Microsoft-Windows-WMI
Time Written: 20090504181006.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jean-bapt
Event Code: 8194
Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

Opération :
Données du rédacteur en cours de collecte

Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d’instance du rédacteur: {a9711e31-b594-4287-8c74-a76fb10e96bf}
Record Number: 429
Source Name: VSS
Time Written: 20090504142721.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jean-bapt
Event Code: 8194
Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

Opération :
Données du rédacteur en cours de collecte

Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d’instance du rédacteur: {a9711e31-b594-4287-8c74-a76fb10e96bf}
Record Number: 425
Source Name: VSS
Time Written: 20090504140808.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-jean-bapt
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JEAN-BAPT$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 2

Nouvelle ouverture de session :
ID de sécurité : S-1-5-21-1407876068-1395202609-184458217-1000
Nom du compte : jean-baptiste
Domaine du compte : PC-de-jean-bapt
ID d’ouverture de session : 0x39a55
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x2fc
Nom du processus : C:\Windows\System32\winlogon.exe

Informations sur le réseau :
Nom de la station de travail : PC-DE-JEAN-BAPT
Adresse du réseau source : 127.0.0.1
Port source : 0

Informations détaillées sur l’authentification :
Processus d’ouverture de session : User32
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 1582
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090507170123.274227-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jean-bapt
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JEAN-BAPT$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : jean-baptiste
Domaine du compte : PC-de-jean-bapt
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x2fc
Nom du processus : C:\Windows\System32\winlogon.exe

Informations sur le réseau :
Adresse du réseau : 127.0.0.1
Port : 0

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 1581
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090507170123.274227-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jean-bapt
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1580
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090507170117.761006-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jean-bapt
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JEAN-BAPT$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x2a0
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 1579
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090507170117.761006-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jean-bapt
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JEAN-BAPT$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x2a0
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 1578
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090507170117.761006-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Pavilion
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
jb61 Messages postés 3 Statut Membre
 
Merci pour votre aide !
0
Réponse 6 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
ok

1) trop d'antivirus, il y a conflits entre eux et les virus en profitent

le mieux c'est antivir

désinstaller norton
https://www.commentcamarche.net/faq/2453-supprimer-desinstaller-norton-antivirus-norton-internet-security

desinstaller avast
https://www.commentcamarche.net/telecharger/securite/22859-utilitaire-de-desinstallation-de-avast/

...........................

2)

Téléchargez USBFIX de Chiquitine29, C_xx

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
ou
https://www.ionos.fr/?affiliate_id=77097

/!\ Utilisateur de vista et windows 7 :
ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

• Double clic sur le raccourci UsbFix présent sur le bureau .

• Choisir l'option2
(d’autres options disponibles, voir le tutoriel).
• Laissez travailler l'outil.
Le menu démarrer et les icônes vont disparaître.. c'est normal.

Si un message te demande de redémarrer l'ordinateur fais le ...

● Au redémarrage, le fix se relance... laisses l'opération s'effectuer.

● Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse


• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

..........................

3)
Téléchargez MalwareByte's Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam




0
jb61
 
Rapport avec UsbFix :


############################## | UsbFix V6.067 |

User : jean-baptiste (Administrateurs) # PC-DE-JEAN-BAPT
Update on 24/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 14:05:30 | 28/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) X2 Dual-Core QL-64
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 222,29 Go (101,38 Go free) # NTFS
D:\ -> Disque fixe local # 10,6 Go (1,79 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM # 126,08 Mo (0 Mo free) [livebox] # CDFS
F:\ -> Disque amovible # 244,48 Mo (177,42 Mo free) # FAT

############################## | Processus actifs |

C:\Windows\System32\smss.exe 464
C:\Windows\system32\csrss.exe 536
C:\Windows\system32\wininit.exe 600
C:\Windows\system32\csrss.exe 612
C:\Windows\system32\services.exe 648
C:\Windows\system32\lsass.exe 660
C:\Windows\system32\lsm.exe 668
C:\Windows\system32\winlogon.exe 740
C:\Windows\system32\svchost.exe 852
C:\Windows\system32\svchost.exe 936
C:\Windows\system32\Ati2evxx.exe 1036
C:\Windows\System32\svchost.exe 1052
C:\Windows\System32\svchost.exe 1096
C:\Windows\system32\svchost.exe 1168
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe 1192
C:\Windows\system32\SLsvc.exe 1472
C:\Windows\system32\svchost.exe 1492
C:\Windows\system32\Ati2evxx.exe 1552
C:\Windows\system32\Hpservice.exe 1568
C:\Windows\system32\svchost.exe 1656
C:\Windows\System32\spoolsv.exe 1944
C:\Windows\system32\taskeng.exe 2000
C:\Windows\system32\Dwm.exe 192
C:\Program Files\Avira\AntiVir Desktop\sched.exe 340
C:\Windows\system32\svchost.exe 384
C:\Windows\Explorer.EXE 404
C:\Windows\system32\taskeng.exe 528
C:\Windows\system32\runonce.exe 592
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe 788
C:\Windows\system32\conime.exe 512
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe 2272
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 2292
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2324
C:\Windows\system32\svchost.exe 2416
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2496
C:\Windows\System32\svchost.exe 2556
C:\Windows\System32\svchost.exe 2600
C:\Windows\system32\svchost.exe 2632
C:\Program Files\SMINST\BLService.exe 2652
C:\Program Files\CyberLink\Shared files\RichVideo.exe 2704
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2728
C:\Windows\system32\svchost.exe 2780
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 2804
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 2824
C:\Windows\System32\svchost.exe 2852
C:\Windows\system32\SearchIndexer.exe 2872
C:\Windows\system32\wbem\wmiprvse.exe 3208
C:\Windows\system32\PresentationSettings.exe 3476
C:\Windows\system32\svchost.exe 3924

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-18
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1407876068-1395202609-184458217-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1407876068-1395202609-184458217-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3661256019-2943968800-811760289-500
Supprimé ! D:\$Recycle.Bin\S-1-5-18
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1407876068-1395202609-184458217-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1407876068-1395202609-184458217-500
Non supprimé ! E:\autorun.inf

################## | Registre |

Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{ce14a3eb-38b0-11de-824a-806e6f6e6963}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[27/12/2009 22:19|--a------|21012] C:\Ad-Report-CLEAN[1].log
[27/12/2009 20:45|--a------|605] C:\Ad-Report-SCAN[1].log
[27/12/2009 21:11|--a------|22647] C:\Ad-Report-SCAN[2].log
[27/12/2009 21:40|--a------|605] C:\Ad-Report-SCAN[3].log
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[11/04/2009 07:36|-rahs----|333257] C:\bootmgr
[18/09/2006 22:43|--a------|10] C:\config.sys
[26/12/2009 22:57|--a------|286024] C:\ExtractLog.txt
[?|?|?] C:\hiberfil.sys
[31/07/2009 02:08|-rahs----|0] C:\IO.SYS
[31/07/2009 02:08|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[27/12/2009 13:39|--a------|159] C:\Setup.log
[28/12/2009 14:09|--a------|4597] C:\UsbFix.txt
[04/05/2009 14:45|---hs----|13] D:\BLOCK.RIN
[03/10/2006 22:02|---hs----|438328] D:\bootmgr
[04/11/2008 16:37|---hs----|1199] D:\Desktop.ini
[10/09/2002 15:14|---hs----|8134] D:\Folder.htt
[28/12/2009 14:03|--ahs----|196] D:\MASTER.LOG
[12/09/2008 16:17|---hs----|381873] D:\protect.arabic
[15/09/2008 14:57|---hs----|182624] D:\protect.bulgarian
[16/09/2002 13:37|---hs----|181898] D:\protect.chinese hong kong
[16/09/2002 13:37|---hs----|181916] D:\protect.chinese simplified
[16/09/2002 13:37|---hs----|181898] D:\protect.chinese traditional
[27/04/2006 15:19|---hs----|181865] D:\protect.czech
[03/11/2005 14:21|---hs----|181726] D:\protect.danish
[10/09/2002 12:56|---hs----|181605] D:\protect.dutch
[10/09/2002 12:50|---hs----|181651] D:\protect.ed
[22/11/2004 14:28|---hs----|181648] D:\protect.english
[03/11/2005 14:20|---hs----|181673] D:\protect.finnish
[03/11/2005 14:19|---hs----|181736] D:\protect.french
[03/11/2005 14:18|---hs----|181669] D:\protect.german
[23/11/2005 14:56|---hs----|182689] D:\protect.greek
[23/01/2006 08:18|---hs----|182605] D:\protect.hebrew
[28/08/2007 13:58|---hs----|181696] D:\protect.hungarian
[03/11/2005 14:17|---hs----|181554] D:\protect.italian
[19/06/2007 14:22|---hs----|182351] D:\protect.japanese
[24/11/2005 10:24|---hs----|218295] D:\protect.korean
[03/11/2005 14:15|---hs----|181578] D:\protect.norwegian
[25/04/2006 13:44|---hs----|181789] D:\protect.polish
[03/11/2005 14:13|---hs----|181624] D:\protect.portuguese
[27/10/2005 18:24|---hs----|181882] D:\protect.portuguese brazilian
[15/09/2008 14:57|---hs----|181735] D:\protect.romanian
[28/06/2004 07:52|---hs----|211936] D:\protect.russian
[04/07/2007 10:46|---hs----|181954] D:\protect.slovak
[03/11/2005 14:11|---hs----|181586] D:\protect.spanish
[10/09/2002 13:15|---hs----|181602] D:\protect.swedish
[12/08/2003 09:37|---hs----|181783] D:\protect.turkish
[11/01/2007 10:45|-r-------|60] E:\AUTORUN.inf
[28/12/2006 11:41|-r-------|47870] E:\Livebox.ico
[05/09/2005 12:12|-r-------|249856] E:\atw.exe
[11/01/2007 10:16|-r-------|112] E:\atw.ini
[09/01/2007 15:12|-r-------|119470] E:\controle_parental.swf
[09/01/2007 18:13|-r-------|6246] E:\cp.dcr
[29/01/2006 02:33|-r-------|1206112] E:\installation_livebox.exe
[01/10/2008 20:08|--a------|1238625] F:\IMGP1698.JPG
[05/09/2008 01:31|--a------|1260943] F:\IMGP1529.JPG
[05/09/2008 01:32|--a------|1270354] F:\IMGP1530.JPG
[05/09/2008 01:36|--a------|1242027] F:\IMGP1538.JPG
[04/08/2009 15:08|--a------|3214514] F:\IMG_0678.JPG
[01/10/2008 19:43|--a------|1231656] F:\IMGP1683.JPG
[26/02/2006 07:00|--a------|1068327] F:\DSCF0950.JPG
[25/12/2009 17:42|--a------|1170358] F:\DSCF0957.JPG
[27/02/2006 02:29|--a------|1125374] F:\DSCF0991.JPG
[27/02/2006 07:43|--a------|1101658] F:\DSCF1011.JPG
[25/12/2009 17:45|--a------|1189301] F:\DSCF1012.JPG
[27/02/2006 23:47|--a------|1074021] F:\DSCF1022.JPG
[25/12/2009 17:46|--a------|1180814] F:\DSCF1037.JPG
[02/09/2008 13:28|--a------|45681] F:\1992988681_small_1.jpg
[02/09/2008 13:28|--a------|60039] F:\1993046587_2.jpg
[31/08/2008 11:12|--a------|947856] F:\ag31-001.jpg
[30/08/2008 11:59|--a------|2310890] F:\DSC_0019.jpg
[30/08/2008 19:47|--a------|2713321] F:\DSC_0030a.jpg
[30/08/2008 19:53|--a------|2574095] F:\DSC_0038a.jpg
[30/08/2008 19:57|--a------|2647376] F:\DSC_0042a.jpg
[30/08/2008 12:17|--a------|2370903] F:\DSC_0051.jpg
[30/08/2008 12:19|--a------|2625229] F:\DSC_0056.jpg
[30/08/2008 12:20|--a------|2363659] F:\DSC_0061.jpg
[30/08/2008 12:26|--a------|2419177] F:\DSC_0068.jpg
[30/08/2008 12:26|--a------|2442810] F:\DSC_0069.jpg
[30/08/2008 12:27|--a------|2443714] F:\DSC_0070.jpg
[30/08/2008 13:34|--a------|2437436] F:\DSC_0153.jpg
[30/08/2008 13:57|--a------|2446602] F:\DSC_0174.jpg
[30/08/2008 14:05|--a------|2527923] F:\DSC_0180.jpg
[24/04/2006 01:07|--a------|1148593] F:\DSCF1104.JPG
[24/04/2006 01:15|--a------|1093448] F:\DSCF1118.JPG
[06/02/2006 05:51|--a------|1213727] F:\DSCF0848.JPG
[06/02/2006 05:51|--a------|1128822] F:\DSCF0849.JPG
[14/06/2008 18:04|--a------|1089212] F:\IMGA0018.JPG
[14/06/2008 18:45|--a------|1019436] F:\IMGA0039.JPG
[14/06/2008 19:49|--a------|1074509] F:\IMGA0066.JPG
[07/06/2008 15:38|--a------|1121449] F:\P6070025.JPG
[08/06/2008 18:31|--a------|1333219] F:\Photo 025.jpg
[08/06/2008 18:32|--a------|1089765] F:\Photo 035.jpg
[08/06/2008 18:32|--a------|1080777] F:\Photo 036.jpg
[08/06/2008 18:32|--a------|1037548] F:\Photo 037.jpg
[08/06/2008 18:32|--a------|961114] F:\Photo 038.jpg
[08/06/2008 18:32|--a------|988035] F:\Photo 039.jpg
[08/06/2008 18:32|--a------|950048] F:\Photo 040.jpg
[08/06/2008 18:32|--a------|965412] F:\Photo 041.jpg
[08/06/2008 18:32|--a------|989128] F:\Photo 042.jpg
[08/06/2008 18:32|--a------|1161005] F:\Photo 046.jpg
[25/08/2007 17:16|-r-h-----|23934] F:\winamp_cache_0001.xml
[07/11/2007 19:22|--ah-----|296] F:\WMPInfo.xml

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |
0
Réponse 7 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
vu


maintenant MalwareByte's Anti-Malware
0
jb61
 
Je suis en train de faire l'examen complet avec MalwareByte's Anti-Malware.

Je vous tient au courant des qu'il sera terminé.
0
jb61 > jb61
 
rapport avec MalwareByte's Anti-Malware:

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3444
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

28/12/2009 23:17:38
mbam-log-2009-12-28 (23-17-38).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 373999
Temps écoulé: 2 hour(s), 59 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 14

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\zango@zango.com (Adware.Zango) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\GAMEZT~1\213~1.667\ProductInfo.dll.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibcom.dll.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibidl.dll.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibsvc.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibupt.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibusr.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\48C8FBD2\B94081D6\ProductInfo.dll.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\aiaSetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\CMWSetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\ITSetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\ProductInfo.dll.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\psksetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\sessetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\TPSetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
0
jb61 > jb61
 
Merci beaucoup pour ton aide !!
0
Réponse 8 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
vu

tu peux vider la quarantaine

comment va le pc maintenant ?

fais un nouveau RSIT et postes moi le rapport log qu'on nettoie tout ca

0
jb61
 
Pour l'instant j'ai plus de problème avec les publicités, en espérant que ça dur !

Rapport avec RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by jean-baptiste at 2009-12-29 16:45:29
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 103 GB (45%) free of 228 GB
Total RAM: 3068 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:45:33, on 29/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\jean-baptiste\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\jean-baptiste.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Service Google Update (gupdate1c9e92765deed0d) (gupdate1c9e92765deed0d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
0
Réponse 9 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
ca va durer..

Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)

▶ Télécharge et installe List&Kill'em et enregistre le sur ton bureau
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem_Install.exe

double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation

coche la case "creer une icone sur le bureau"

une fois terminée , clic sur "terminer" et le programme se lancer seul

choisis la langue puis choisis l'option 1 = Mode Recherche

▶ laisse travailler l'outil

à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.

▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

tu peux supprimer le rapport catchme.log de ton bureau maintenant.
0
Réponse 10 / 14
jb61 Messages postés 3 Statut Membre
 
Rapport du scan avec List&Kill'em:

List'em by g3n-h@ckm@n 1.1.6.2

Thx to Chiquitine29.....& CCM team

User : jean-baptiste (Administrateurs) # PC-DE-JEAN-BAPT
Update on 28/12/2009 by g3n-h@ckm@n ::::: 01:30
Start at: 17:04:44 | 29/12/2009
Contact : g3n-h@ckm@n sur CCM

AMD Athlon(tm) X2 Dual-Core QL-64
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Disabled

C:\ -> Disque fixe local | 222,29 Go (100,5 Go free) | NTFS
D:\ -> Disque fixe local | 10,6 Go (1,79 Go free) [RECOVERY] | NTFS
E:\ -> Disque CD-ROM | 126,08 Mo (0 Mo free) [livebox] | CDFS

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\Windows\System32\smss.exe 408
C:\Windows\system32\csrss.exe 536
C:\Windows\system32\wininit.exe 600
C:\Windows\system32\csrss.exe 612
C:\Windows\system32\services.exe 648
C:\Windows\system32\lsass.exe 664
C:\Windows\system32\lsm.exe 672
C:\Windows\system32\winlogon.exe 752
C:\Windows\system32\svchost.exe 860
C:\Windows\system32\svchost.exe 940
C:\Windows\system32\Ati2evxx.exe 1048
C:\Windows\System32\svchost.exe 1068
C:\Windows\System32\svchost.exe 1100
C:\Windows\system32\svchost.exe 1112
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe 1160
C:\Windows\system32\SLsvc.exe 1436
C:\Windows\system32\svchost.exe 1472
C:\Windows\system32\Ati2evxx.exe 1516
C:\Windows\system32\Hpservice.exe 1572
C:\Windows\system32\svchost.exe 1676
C:\Windows\system32\Dwm.exe 1828
C:\Windows\Explorer.EXE 1864
C:\Windows\System32\spoolsv.exe 2032
C:\Windows\system32\taskeng.exe 2040
C:\Program Files\Avira\AntiVir Desktop\sched.exe 276
C:\Windows\system32\svchost.exe 304
C:\Windows\system32\taskeng.exe 508
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe 1688
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe 1800
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 544
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 1776
C:\Windows\system32\svchost.exe 2108
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2252
C:\Windows\System32\svchost.exe 2288
C:\Windows\System32\svchost.exe 2340
C:\Windows\system32\svchost.exe 2356
C:\Program Files\SMINST\BLService.exe 2376
C:\Program Files\CyberLink\Shared files\RichVideo.exe 2424
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2464
C:\Windows\system32\svchost.exe 2512
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 2552
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 2572
C:\Windows\System32\svchost.exe 2664
C:\Windows\system32\SearchIndexer.exe 2692
C:\Windows\system32\svchost.exe 3464
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3856
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe 3892
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe 3948
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe 3976
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 4012
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 4040
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe 2500
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe 2476
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe 1244
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe 1592
C:\Program Files\Common Files\Real\Update_OB\realsched.exe 428
C:\Program Files\IDT\WDM\sttray.exe 2436
C:\Windows\system32\wbem\unsecapp.exe 1632
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2116
C:\Program Files\Java\jre6\bin\jusched.exe 2332
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe 320
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe 2372
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2604
C:\Windows\ehome\ehtray.exe 2628
C:\Program Files\uTorrent\uTorrent.exe 2132
C:\Windows\system32\wbem\wmiprvse.exe 1348
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 3052
C:\Windows\ehome\ehmsas.exe 996
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 768
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 2880
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe 1256
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 3984
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 3532
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 4068
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 3528
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 1216
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 3236
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe 3228
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 5180
C:\Program Files\Windows Live\Contacts\wlcomm.exe 5352
C:\Program Files\Mozilla Firefox\firefox.exe 5620
C:\Windows\System32\NOTEPAD.EXE 3064
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe 5252
C:\Windows\system32\SearchProtocolHost.exe 3636
C:\Windows\system32\SearchFilterHost.exe 5600
C:\Program Files\List_Kill'em\List_Kill'em.exe 6060
C:\Windows\system32\conime.exe 312
C:\Windows\system32\cmd.exe 2184
C:\Windows\system32\wbem\wmiprvse.exe 2180
C:\Users\jean-baptiste\AppData\Local\Temp\40F8.tmp\pv.exe 3404

======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
LightScribe Control Panel REG_SZ C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HPAdvisor REG_SZ C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
Steam REG_SZ C:\Program Files\Steam\Steam.exe -silent
RGSC REG_SZ C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
uTorrent REG_SZ "C:\Program Files\uTorrent\uTorrent.exe"
ccleaner REG_SZ "C:\Program Files\CCleaner\ccleaner.exe" /AUTO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
StartCCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
DVDAgent REG_SZ "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
TSMAgent REG_SZ "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
CLMLServer for HP TouchSmart REG_SZ "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
TVAgent REG_SZ "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
UCam_Menu REG_SZ "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
SmartMenu REG_EXPAND_SZ %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
UpdateLBPShortCut REG_SZ "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
UpdatePSTShortCut REG_SZ "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
QlbCtrl.exe REG_SZ C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
UpdateP2GoShortCut REG_SZ "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
UpdatePDIRShortCut REG_SZ "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
HP Health Check Scheduler REG_SZ c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
WirelessAssistant REG_SZ C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
hpqSRMon REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
SystrayORAHSS REG_SZ "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
TkBellExe REG_SZ "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
SysTrayApp REG_EXPAND_SZ %ProgramFiles%\IDT\WDM\sttray.exe
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
ConsentPromptBehaviorAdmin REG_DWORD 2 (0x2)
ConsentPromptBehaviorUser REG_DWORD 1 (0x1)
EnableInstallerDetection REG_DWORD 1 (0x1)
EnableLUA REG_DWORD 0 (0x0)
EnableSecureUIAPaths REG_DWORD 1 (0x1)
EnableVirtualization REG_DWORD 1 (0x1)
PromptOnSecureDesktop REG_DWORD 1 (0x1)
ValidateAdminCodeSignatures REG_DWORD 0 (0x0)
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
scforceoption REG_DWORD 0 (0x0)
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
FilterAdministratorToken REG_DWORD 0 (0x0)
EnableUIADesktopToggle REG_DWORD 0 (0x0)
DisableStatusMessages REG_DWORD 0 (0x0)

===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 128 (0x80)
NoDriveAutoRun REG_DWORD 128 (0x80)
HonorAutoRunSetting REG_DWORD 0 (0x0)

===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
BindDirectlyToPropertySetStorage REG_DWORD 0 (0x0)
NoDriveAutoRun REG_DWORD 128 (0x80)
NoDriveTypeAutoRun REG_DWORD 128 (0x80)
HonorAutoRunSetting REG_DWORD 0 (0x0)

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ

===============

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{E54729E8-BB3D-4270-9D49-7389EA579090} REG_SZ EasyBits Security Shield Hook - prevents launching insecure programs by kids

===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe REG_SZ C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

===============
BHO :
======
[<NO NAME> REG_SZ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
Wlansvc : 0x2
SharedAccess : 0x3
windefend : 0x2
wuauserv : 0x2
wscsvc : 0x2

=========


E:\Autorun.inf :
----------------
[autorun]
icon=Livebox.ico
open=installation_livebox.exe

=======
Drive :
=======

D‚fragmenteur de disque Windows
Copyright (c) 2006 Microsoft Corp.

Rapport d'analyse pour le volume C:

Taille du volume = 222 Go
Espace libre = 101 Go
tendue d'espace libre la plus grande = 53.13 Go
Pourcentage de fragmentation des fichiers = 5 %

Remarqueÿ: sur les volumes NTFS, les fragments de fichiers de plus de 64ÿMo ne sont pas inclus dans les statistiques de fragmentation.

Il n'est pas n‚cessaire de d‚fragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
C:\Windows\System32\EZUPBH~1.DLL

¤¤¤¤¤¤¤¤¤¤ Keys :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks "{E54729E8-BB3D-4270-9D49-7389EA579090}"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker"
HKCR\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090}
HKCR\ezUPBHook.ShellObj
HKCR\ezUPBHook.ShellObj.1
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID
HKCR\TypeLib\{478CAB91-9E28-11D4-97FF-0050047D51FB}
HKLM\SYSTEM\ControlSet001\Enum\Root\Legacy_BHDRVX86
HKLM\SYSTEM\ControlSet002\Enum\Root\Legacy_BHDRVX86

================
Other infections
================

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-29 17:15:14
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

==========
Programs
==========

Activation Assistant for the 2007 Microsoft Office suites
Ad-Remover
Adobe
Alwil Software
AMD
AOL
Apple Software Update
Atheros
ATI
ATI Technologies
Avira
AviSynth 2.5
Capcom
CCleaner
Codemasters
Common Files
Conduit
CyberLink
desktop.ini
DIFX
DivX
DJ Mix Lite
EA Sports
EasyBits For Kids
eRightSoft
Fichiers communs
Frets on Fire
Google
Hewlett-Packard
Hewlett-Packard Company
HP
HP Games
IDT
InstallShield Installation Information
Internet Explorer
Java
JMicron
LimeWire
List_Kill'em
Malwarebytes' Anti-Malware
Micro Application
Microsoft
Microsoft Games
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Sync Framework
Microsoft Works
Microsoft.NET
Movie Maker
Mozilla Firefox
MSBuild
MSXML 4.0
muvee Technologies
MyPlayCity
MyPlayCity.com
Norton Support
Online Services
OpenAL
OrangeHSS
Pvm
QuickTime
Real
Realtek
Reference Assemblies
Securitoo
Skyline
SMINST
Steam
Synaptics
Trend Micro
Trials 2 Second Edition
Ubi Soft
Ubisoft
UltraMixer
Uninstall Information
uTorrent
VideoLAN
VirtualDJ
Wanadoo
Windows Calendar
Windows Collaboration
Windows Defender
Windows Journal
Windows Live
Windows Live SkyDrive
Windows Mail
Windows Media Player
Windows NT
Windows Photo Gallery
Windows Portable Devices
Windows Sidebar
WinRAR

============
Lecteur C:
============

$RECYCLE.BIN
.jagex_cache_32
Ad-Report-CLEAN[1].log
Ad-Report-SCAN[1].log
Ad-Report-SCAN[2].log
Ad-Report-SCAN[3].log
autoexec.bat
autorun.inf
boot
bootmgr
config.sys
Documents and Settings
ExtractLog.txt
Games
hiberfil.sys
HP
IO.SYS
Kill'em
List'em.txt
MSDOS.SYS
MSOCache
OtsLabs
pagefile.sys
PerfLogs
Poker
Program Files
ProgramData
rsit
Securitoo
Setup.log
SWSetup
System Volume Information
System.sav
TEMP
UsbFix
UsbFix.txt
Users
Windows

¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\PatchNew.py
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\PatchSEditorX_PDRFULL.bat
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLAUD.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLDemuxer.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLDumpDispatch.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLEdtDemuxer.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLM4Muxer.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLM4Splt.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLMediaDetect.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLMPEGVAnalyzer.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLMpgSplitter.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLSEditorMuxGraph.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLSEditorPushSrc.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLSEditorSplitGraph.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLSEditorX.ini
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_MpgMuxer.ini
C:\Program Files\HP Games\Polar Pool\levels\ice_cave\scene\crack.jpg
C:\Program Files\HP Games\Polar Pool\levels\ice_cave\scene\crack_alpha.jpg
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m23s\Patch-05-05-2009-16h06m23s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m23s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m27s\Patch-05-05-2009-16h06m27s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m27s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m30s\Patch-05-05-2009-16h06m30s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m30s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m33s\Patch-05-05-2009-16h06m33s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m33s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m38s\Patch-05-05-2009-16h06m38s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m38s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m42s\Patch-05-05-2009-16h06m42s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m42s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m45s\Patch-05-05-2009-16h06m45s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m45s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m49s\Patch-05-05-2009-16h06m49s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m49s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m53s\Patch-05-05-2009-16h06m53s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m53s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m56s\Patch-05-05-2009-16h06m56s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m56s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m58s\Patch-05-05-2009-16h06m58s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m58s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m01s\Patch-05-05-2009-16h07m01s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m01s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m05s\Patch-05-05-2009-16h07m05s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m05s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m08s\Patch-05-05-2009-16h07m08s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m08s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m12s\Patch-05-05-2009-16h07m12s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m12s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m16s\Patch-05-05-2009-16h07m16s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m16s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m19s\Patch-05-05-2009-16h07m19s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m19s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m22s\Patch-05-05-2009-16h07m22s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m22s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m26s\Patch-05-05-2009-16h07m26s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m26s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m31s\Patch-05-05-2009-16h07m31s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m31s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m34s\Patch-05-05-2009-16h07m34s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m34s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-05-2009-19h58m57s\Patch-05-05-2009-19h58m57s.log
C:\ProgramData\NortonInstaller\Logs\05-05-2009-19h58m57s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\05-06-2009-17h47m51s\Patch-05-06-2009-17h47m51s.log
C:\ProgramData\NortonInstaller\Logs\05-06-2009-17h47m51s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-21-2009-10h40m17s\Patch-08-21-2009-10h40m17s.log
C:\ProgramData\NortonInstaller\Logs\08-21-2009-10h40m17s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-21-2009-10h40m19s\Patch-08-21-2009-10h40m19s.log
C:\ProgramData\NortonInstaller\Logs\08-21-2009-10h40m19s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-21-2009-14h04m09s\Patch-08-21-2009-14h04m09s.log
C:\ProgramData\NortonInstaller\Logs\08-21-2009-14h04m09s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-22-2009-08h23m16s\Patch-08-22-2009-08h23m16s.log
C:\ProgramData\NortonInstaller\Logs\08-22-2009-08h23m16s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-23-2009-19h02m33s\Patch-08-23-2009-19h02m33s.log
C:\ProgramData\NortonInstaller\Logs\08-23-2009-19h02m33s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-23-2009-19h20m51s\Patch-08-23-2009-19h20m51s.log
C:\ProgramData\NortonInstaller\Logs\08-23-2009-19h20m51s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-25-2009-12h24m59s\Patch-08-25-2009-12h24m59s.log
C:\ProgramData\NortonInstaller\Logs\08-25-2009-12h24m59s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-26-2009-09h58m51s\Patch-08-26-2009-09h58m51s.log
C:\ProgramData\NortonInstaller\Logs\08-26-2009-09h58m51s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-27-2009-11h22m00s\Patch-08-27-2009-11h22m00s.log
C:\ProgramData\NortonInstaller\Logs\08-27-2009-11h22m00s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-27-2009-15h39m44s\Patch-08-27-2009-15h39m44s.log
C:\ProgramData\NortonInstaller\Logs\08-27-2009-15h39m44s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-28-2009-10h47m19s\Patch-08-28-2009-10h47m19s.log
C:\ProgramData\NortonInstaller\Logs\08-28-2009-10h47m19s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-29-2009-10h25m49s\Patch-08-29-2009-10h25m49s.log
C:\ProgramData\NortonInstaller\Logs\08-29-2009-10h25m49s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-30-2009-12h05m51s\Patch-08-30-2009-12h05m51s.log
C:\ProgramData\NortonInstaller\Logs\08-30-2009-12h05m51s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\08-31-2009-11h45m51s\Patch-08-31-2009-11h45m51s.log
C:\ProgramData\NortonInstaller\Logs\08-31-2009-11h45m51s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-01-2009-11h02m09s\Patch-09-01-2009-11h02m09s.log
C:\ProgramData\NortonInstaller\Logs\09-01-2009-11h02m09s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-02-2009-14h07m12s\Patch-09-02-2009-14h07m12s.log
C:\ProgramData\NortonInstaller\Logs\09-02-2009-14h07m12s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-03-2009-18h54m50s\Patch-09-03-2009-18h54m51s.log
C:\ProgramData\NortonInstaller\Logs\09-03-2009-18h54m50s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-04-2009-19h47m13s\Patch-09-04-2009-19h47m13s.log
C:\ProgramData\NortonInstaller\Logs\09-04-2009-19h47m13s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-05-2009-12h04m40s\Patch-09-05-2009-12h04m40s.log
C:\ProgramData\NortonInstaller\Logs\09-05-2009-12h04m40s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-06-2009-00h42m00s\Patch-09-06-2009-00h42m00s.log
C:\ProgramData\NortonInstaller\Logs\09-06-2009-00h42m00s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-06-2009-19h14m14s\Patch-09-06-2009-19h14m14s.log
C:\ProgramData\NortonInstaller\Logs\09-06-2009-19h14m14s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-06-2009-20h51m41s\Patch-09-06-2009-20h51m41s.log
C:\ProgramData\NortonInstaller\Logs\09-06-2009-20h51m41s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-06-2009-21h07m23s\Patch-09-06-2009-21h07m23s.log
C:\ProgramData\NortonInstaller\Logs\09-06-2009-21h07m23s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-06-2009-21h22m41s\Patch-09-06-2009-21h22m43s.log
C:\ProgramData\NortonInstaller\Logs\09-06-2009-21h22m41s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-07-2009-18h31m14s\Patch-09-07-2009-18h31m14s.log
C:\ProgramData\NortonInstaller\Logs\09-07-2009-18h31m14s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-07-2009-20h27m00s\Patch-09-07-2009-20h27m00s.log
C:\ProgramData\NortonInstaller\Logs\09-07-2009-20h27m00s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-08-2009-15h21m30s\Patch-09-08-2009-15h21m30s.log
C:\ProgramData\NortonInstaller\Logs\09-08-2009-15h21m30s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-08-2009-18h05m45s\Patch-09-08-2009-18h05m45s.log
C:\ProgramData\NortonInstaller\Logs\09-08-2009-18h05m45s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-09-2009-15h37m12s\Patch-09-09-2009-15h37m12s.log
C:\ProgramData\NortonInstaller\Logs\09-09-2009-15h37m12s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-09-2009-17h10m33s\Patch-09-09-2009-17h10m33s.log
C:\ProgramData\NortonInstaller\Logs\09-09-2009-17h10m33s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-10-2009-18h57m07s\Patch-09-10-2009-18h57m08s.log
C:\ProgramData\NortonInstaller\Logs\09-10-2009-18h57m07s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m12s\Patch-09-10-2009-19h08m12s.log
C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m12s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m14s\Patch-09-10-2009-19h08m14s.log
C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m14s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m16s\Patch-09-10-2009-19h08m16s.log
C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m16s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m20s\Patch-09-10-2009-19h08m20s.log
C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m20s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h04m29s\Patch-09-11-2009-17h04m29s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h04m29s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m06s\Patch-09-11-2009-17h16m06s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m06s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m10s\Patch-09-11-2009-17h16m10s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m10s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m15s\Patch-09-11-2009-17h16m15s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m15s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m24s\Patch-09-11-2009-17h16m24s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m24s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m29s\Patch-09-11-2009-17h16m29s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m29s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m33s\Patch-09-11-2009-17h16m33s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m33s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m42s\Patch-09-11-2009-17h16m42s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m42s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m47s\Patch-09-11-2009-17h16m47s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m47s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m52s\Patch-09-11-2009-17h16m52s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m52s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m55s\Patch-09-11-2009-17h16m55s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m55s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m57s\Patch-09-11-2009-17h16m57s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m57s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m01s\Patch-09-11-2009-17h17m01s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m01s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m04s\Patch-09-11-2009-17h17m04s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m04s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m06s\Patch-09-11-2009-17h17m06s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m06s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m09s\Patch-09-11-2009-17h17m09s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m09s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m12s\Patch-09-11-2009-17h17m12s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m12s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-21h24m57s\Patch-09-11-2009-21h24m57s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-21h24m57s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-12-2009-00h00m51s\Patch-09-12-2009-00h00m51s.log
C:\ProgramData\NortonInstaller\Logs\09-12-2009-00h00m51s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-12-2009-04h15m41s\Patch-09-12-2009-04h15m41s.log
C:\ProgramData\NortonInstaller\Logs\09-12-2009-04h15m41s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m23s\Patch-05-05-2009-16h06m23s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m23s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m27s\Patch-05-05-2009-16h06m27s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m27s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m30s\Patch-05-05-2009-16h06m30s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m30s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m33s\Patch-05-05-2009-16h06m33s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m33s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m38s\Patch-05-05-2009-16h06m38s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m38s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m42s\Patch-05-05-2009-16h06m42s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m42s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m45s\Patch-05-05-2009-16h06m45s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m45s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m49s\Patch-05-05-2009-16h06m49s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m49s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m53s\Patch-05-05-2009-16h06m53s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m53s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m56s\Patch-05-05-2009-16h06m56s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m56s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m58s\Patch-05-05-2009-16h06m58s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m58s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m01s\Patch-05-05-2009-16h07m01s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m01s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m05s\Patch-05-05-2009-16h07m05s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m05s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m08s\Patch-05-05-2009-16h07m08s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m08s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m12s\Patch-05-05-2009-16h07m12s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m12s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m16s\Patch-05-05-2009-16h07m16s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m16s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m19s\Patch-05-05-2009-16h07m19s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m19s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m22s\Patch-05-05-2009-16h07m22s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m22s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m26s\Patch-05-05-2009-16h07m26s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m26s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m31s\Patch-05-05-2009-16h07m31s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m31s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m34s\Patch-05-05-2009-16h07m34s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m34s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-19h58m57s\Patch-05-05-2009-19h58m57s.log
C:\Users\All Users\NortonInstaller\Logs\05-05-2009-19h58m57s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\05-06-2009-17h47m51s\Patch-05-06-2009-17h47m51s.log
C:\Users\All Users\NortonInstaller\Logs\05-06-2009-17h47m51s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-21-2009-10h40m17s\Patch-08-21-2009-10h40m17s.log
C:\Users\All Users\NortonInstaller\Logs\08-21-2009-10h40m17s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-21-2009-10h40m19s\Patch-08-21-2009-10h40m19s.log
C:\Users\All Users\NortonInstaller\Logs\08-21-2009-10h40m19s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-21-2009-14h04m09s\Patch-08-21-2009-14h04m09s.log
C:\Users\All Users\NortonInstaller\Logs\08-21-2009-14h04m09s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-22-2009-08h23m16s\Patch-08-22-2009-08h23m16s.log
C:\Users\All Users\NortonInstaller\Logs\08-22-2009-08h23m16s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-23-2009-19h02m33s\Patch-08-23-2009-19h02m33s.log
C:\Users\All Users\NortonInstaller\Logs\08-23-2009-19h02m33s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-23-2009-19h20m51s\Patch-08-23-2009-19h20m51s.log
C:\Users\All Users\NortonInstaller\Logs\08-23-2009-19h20m51s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-25-2009-12h24m59s\Patch-08-25-2009-12h24m59s.log
C:\Users\All Users\NortonInstaller\Logs\08-25-2009-12h24m59s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-26-2009-09h58m51s\Patch-08-26-2009-09h58m51s.log
C:\Users\All Users\NortonInstaller\Logs\08-26-2009-09h58m51s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-27-2009-11h22m00s\Patch-08-27-2009-11h22m00s.log
C:\Users\All Users\NortonInstaller\Logs\08-27-2009-11h22m00s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-27-2009-15h39m44s\Patch-08-27-2009-15h39m44s.log
C:\Users\All Users\NortonInstaller\Logs\08-27-2009-15h39m44s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-28-2009-10h47m19s\Patch-08-28-2009-10h47m19s.log
C:\Users\All Users\NortonInstaller\Logs\08-28-2009-10h47m19s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-29-2009-10h25m49s\Patch-08-29-2009-10h25m49s.log
C:\Users\All Users\NortonInstaller\Logs\08-29-2009-10h25m49s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-30-2009-12h05m51s\Patch-08-30-2009-12h05m51s.log
C:\Users\All Users\NortonInstaller\Logs\08-30-2009-12h05m51s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\08-31-2009-11h45m51s\Patch-08-31-2009-11h45m51s.log
C:\Users\All Users\NortonInstaller\Logs\08-31-2009-11h45m51s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-01-2009-11h02m09s\Patch-09-01-2009-11h02m09s.log
C:\Users\All Users\NortonInstaller\Logs\09-01-2009-11h02m09s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-02-2009-14h07m12s\Patch-09-02-2009-14h07m12s.log
C:\Users\All Users\NortonInstaller\Logs\09-02-2009-14h07m12s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-03-2009-18h54m50s\Patch-09-03-2009-18h54m51s.log
C:\Users\All Users\NortonInstaller\Logs\09-03-2009-18h54m50s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-04-2009-19h47m13s\Patch-09-04-2009-19h47m13s.log
C:\Users\All Users\NortonInstaller\Logs\09-04-2009-19h47m13s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-05-2009-12h04m40s\Patch-09-05-2009-12h04m40s.log
C:\Users\All Users\NortonInstaller\Logs\09-05-2009-12h04m40s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-00h42m00s\Patch-09-06-2009-00h42m00s.log
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-00h42m00s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-19h14m14s\Patch-09-06-2009-19h14m14s.log
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-19h14m14s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-20h51m41s\Patch-09-06-2009-20h51m41s.log
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-20h51m41s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-21h07m23s\Patch-09-06-2009-21h07m23s.log
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-21h07m23s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-21h22m41s\Patch-09-06-2009-21h22m43s.log
C:\Users\All Users\NortonInstaller\Logs\09-06-2009-21h22m41s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-07-2009-18h31m14s\Patch-09-07-2009-18h31m14s.log
C:\Users\All Users\NortonInstaller\Logs\09-07-2009-18h31m14s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-07-2009-20h27m00s\Patch-09-07-2009-20h27m00s.log
C:\Users\All Users\NortonInstaller\Logs\09-07-2009-20h27m00s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-08-2009-15h21m30s\Patch-09-08-2009-15h21m30s.log
C:\Users\All Users\NortonInstaller\Logs\09-08-2009-15h21m30s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-08-2009-18h05m45s\Patch-09-08-2009-18h05m45s.log
C:\Users\All Users\NortonInstaller\Logs\09-08-2009-18h05m45s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-09-2009-15h37m12s\Patch-09-09-2009-15h37m12s.log
C:\Users\All Users\NortonInstaller\Logs\09-09-2009-15h37m12s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-09-2009-17h10m33s\Patch-09-09-2009-17h10m33s.log
C:\Users\All Users\NortonInstaller\Logs\09-09-2009-17h10m33s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-18h57m07s\Patch-09-10-2009-18h57m08s.log
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-18h57m07s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m12s\Patch-09-10-2009-19h08m12s.log
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m12s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m14s\Patch-09-10-2009-19h08m14s.log
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m14s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m16s\Patch-09-10-2009-19h08m16s.log
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m16s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m20s\Patch-09-10-2009-19h08m20s.log
C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m20s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h04m29s\Patch-09-11-2009-17h04m29s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h04m29s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m06s\Patch-09-11-2009-17h16m06s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m06s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m10s\Patch-09-11-2009-17h16m10s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m10s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m15s\Patch-09-11-2009-17h16m15s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m15s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m24s\Patch-09-11-2009-17h16m24s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m24s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m29s\Patch-09-11-2009-17h16m29s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m29s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m33s\Patch-09-11-2009-17h16m33s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m33s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m42s\Patch-09-11-2009-17h16m42s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m42s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m47s\Patch-09-11-2009-17h16m47s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m47s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m52s\Patch-09-11-2009-17h16m52s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m52s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m55s\Patch-09-11-2009-17h16m55s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m55s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m57s\Patch-09-11-2009-17h16m57s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m57s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m01s\Patch-09-11-2009-17h17m01s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m01s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m04s\Patch-09-11-2009-17h17m04s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m04s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m06s\Patch-09-11-2009-17h17m06s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m06s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m09s\Patch-09-11-2009-17h17m09s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m09s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m12s\Patch-09-11-2009-17h17m12s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m12s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-21h24m57s\Patch-09-11-2009-21h24m57s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-21h24m57s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-12-2009-00h00m51s\Patch-09-12-2009-00h00m51s.log
C:\Users\All Users\NortonInstaller\Logs\09-12-2009-00h00m51s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-12-2009-04h15m41s\Patch-09-12-2009-04h15m41s.log
C:\Users\All Users\NortonInstaller\Logs\09-12-2009-04h15m41s\Patch.1.mft.7z
C:\Program Files\Microsoft Works\Install.exe
C:\SWSetup\MSWorks\Install.exe
C:\SWSetup\MSWorks\PFiles\MSWorks\Install.exe
C:\Windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Réponse 11 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
▶ Relance List&Kill'em avec le raccourci sur ton bureau ,

mais cette fois-ci :

▶ choisis l'option 2 = Mode Suppression

laisse travailler l'outil.

en fin de scan un rapport s'ouvre

▶ colle le contenu dans ta reponse


.................

ce soir ou demain je t'enverrai un post pour nettoyer..
0
jb61
 
Dsl de répondre que maintenant, j'étais occupé ces derniers jours.


rapport avec List&Kill'em:


Kill'em by g3n-h@ckm@n 1.1.6.2

User : jean-baptiste (Administrateurs) # PC-DE-JEAN-BAPT
Update on 28/12/2009 by g3n-h@ckm@n ::::: 01:30
Start at: 11:56:46 | 31/12/2009
Contact : g3n-h@ckm@n sur CCM

AMD Athlon(tm) X2 Dual-Core QL-64
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Enabled

C:\ -> Disque fixe local | 222,29 Go (99,32 Go free) | NTFS
D:\ -> Disque fixe local | 10,6 Go (1,79 Go free) [RECOVERY] | NTFS
E:\ -> Disque CD-ROM | 6,43 Go (0 Mo free) [GRID] | UDF


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\Windows\System32\smss.exe 468
C:\Windows\system32\csrss.exe 536
C:\Windows\system32\wininit.exe 600
C:\Windows\system32\csrss.exe 608
C:\Windows\system32\services.exe 648
C:\Windows\system32\lsass.exe 660
C:\Windows\system32\lsm.exe 672
C:\Windows\system32\winlogon.exe 756
C:\Windows\system32\svchost.exe 856
C:\Windows\system32\svchost.exe 936
C:\Windows\system32\Ati2evxx.exe 1036
C:\Windows\System32\svchost.exe 1052
C:\Windows\System32\svchost.exe 1084
C:\Windows\system32\svchost.exe 1104
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe 1136
C:\Windows\system32\SLsvc.exe 1460
C:\Windows\system32\Ati2evxx.exe 1496
C:\Windows\system32\svchost.exe 1520
C:\Windows\system32\Hpservice.exe 1604
C:\Windows\system32\svchost.exe 1680
C:\Windows\system32\Dwm.exe 1876
C:\Windows\Explorer.EXE 1908
C:\Windows\System32\spoolsv.exe 2004
C:\Windows\system32\taskeng.exe 2028
C:\Program Files\Avira\AntiVir Desktop\sched.exe 124
C:\Windows\system32\svchost.exe 364
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe 844
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 996
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe 1416
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 1452
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe 1572
C:\Windows\system32\taskeng.exe 1536
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe 1780
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 1208
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe 592
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe 2124
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe 2156
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe 2200
C:\Program Files\Common Files\Real\Update_OB\realsched.exe 2220
C:\Program Files\IDT\WDM\sttray.exe 2240
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2256
C:\Program Files\Java\jre6\bin\jusched.exe 2280
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe 2288
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe 2296
C:\Windows\ehome\ehtray.exe 2428
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 2548
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe 2792
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 2812
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2848
C:\Windows\system32\svchost.exe 3000
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 3032
C:\Windows\System32\svchost.exe 3060
C:\Windows\System32\svchost.exe 3108
C:\Windows\system32\svchost.exe 3172
C:\Program Files\SMINST\BLService.exe 3196
C:\Program Files\CyberLink\Shared files\RichVideo.exe 3212
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3288
C:\Windows\system32\svchost.exe 3340
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 3376
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 3400
C:\Windows\System32\svchost.exe 3440
C:\Windows\system32\SearchIndexer.exe 3464
C:\Windows\ehome\ehmsas.exe 3976
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe 524
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 3348
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 1784
C:\Windows\system32\conime.exe 1308
C:\Windows\system32\svchost.exe 3640
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 4236
C:\Windows\system32\wbem\wmiprvse.exe 4388
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 4676
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe 4868
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 4928
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 4988
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 5128
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 5216
C:\Windows\system32\wbem\wmiprvse.exe 5784
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4552
C:\Windows\system32\wbem\unsecapp.exe 3992
C:\Program Files\List_Kill'em\List_Kill'em.exe 4252
C:\Windows\system32\cmd.exe 4844
C:\Program Files\Mozilla Firefox\firefox.exe 2764
C:\Users\jean-baptiste\AppData\Local\Temp\F92D.tmp\pv.exe 4352

Detections :
==========


¤¤¤¤¤¤¤¤¤¤ Files/folders :

"C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log"
"C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log"
"C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log"
"C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log"
"C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log"
"C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log"
"C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log"
"C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log"
"C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log"
"C:\Windows\SYSTEM32\EZUPBH~1.DLL"


¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

Quarantine :

EZUPBH~1.DLL.Kill'em
{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log.Kill'em
{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log.Kill'em
{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log.Kill'em
{40BF1E83-20EB-11D8-97C5-0009C5020658}.log.Kill'em
{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log.Kill'em
{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log.Kill'em
{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log.Kill'em
{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log.Kill'em
{d36dd326-7280-11d8-97c8-000129760cbe}.log.Kill'em

==============
host file OK !
==============

========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{E54729E8-BB3D-4270-9D49-7389EA579090}
Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
Deleted : HKCR\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090}
Deleted : HKCR\ezUPBHook.ShellObj
Deleted : HKCR\ezUPBHook.ShellObj.1
Deleted : HKCR\Install.Install
Deleted : HKCR\Install.Install.1
Deleted : HKCR\TypeLib\{478CAB91-9E28-11D4-97FF-0050047D51FB}

============
Disk Cleaned
============

================
Prefetch cleaned
================



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Réponse 12 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
comment va le pc ?

relances RSIT et poste le rapport log stp
0
jb61
 
rapport avec RSIT:


Logfile of random's system information tool 1.06 (written by random/random)
Run by jean-baptiste at 2009-12-31 12:45:40
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 102 GB (45%) free of 228 GB
Total RAM: 3068 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:11, on 31/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\jean-baptiste\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\jean-baptiste.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Service Google Update (gupdate1c9e92765deed0d) (gupdate1c9e92765deed0d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
0
Réponse 13 / 14
Utilisateur anonyme
 
salut FYK 1&2
0
Réponse 14 / 14
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
▶ Télécharge OTM (OldTimer) sur ton Bureau :
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
▶ Double-clique sur OTM.exe afin de le lancer.
▶ Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
web mess.exe


:services
ASKUpgrade

:commands
[emptytemp]
[start explorer]
[reboot]
▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\

*Le nom du rapport correspond au moment de sa création : date_heure.log
0

Discussions similaires

Help - fenêtre d'impression des PDF s'ouvre seul
Jenny5988 -
joe09 -

21 réponses
"Mes images" s'ouvre avec Paint
patrick-l -
Michle -

10 réponses
Mes programmes ne veulent plus se lancer
FlyEmirates -
pistouri -

9 réponses
Ouverture intempestive de la fenêtre d'impression
Cdsbureau -
Cdsbureau -

5 réponses
désactiver Paint pour...
chantaliere -
moniberg -

3 réponses