Problème avec des publicités qui s'ouvrent

jb61 -  
moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour, j'ai un problème avec internet, depuis deux semaines des publicités s'ouvrent toutes seules sur mon pc.
J'ai fait un scan avec Hijackthis mais je ne sais pas comment faire après.
Merci pour votre aide !!

Rapport du scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:59, on 27/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5290\ACEIEAddOn.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.85.0\HostIE.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll
O2 - BHO: Gameztar Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.2080\wso.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.85.0\HostIE.dll (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Gameztar Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.85.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.85.0\ZangoSA.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.85.0\Weather.exe" -auto
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VideoBarApp] C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvbapp.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Service Google Update (gupdate1c9e92765deed0d) (gupdate1c9e92765deed0d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

--
End of file - 17685 bytes

Merci !!
Configuration: Windows Vista
Firefox 3.5.6

14 réponses

  1. lemarseilaidu49
     
    slt tu peut telecharger ccleaner sa enleve tous les cookie
    0
  2. jb61 Messages postés 3 Statut Membre
     
    J'ai essayé mais ça n'a pas marché !
    0
  3. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    bonjour

    vu ton rapport il n'est pas surprenant d'avoir des pubs

    Note importante :
    Pour les ordinateurs équipés de Windows Vista et Windows 7, la désactivation du Contrôle des comptes utilisateurs est obligatoire
    sous peine de ne pas pouvoir faire fonctionner correctement l'outil.
    Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

    Téléchargez et enregistrez le fichier d installation sur le bureau
    http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

    Double cliquez sur le fichier d'installation de AD-Remover, le programme s'installera automatiquement.
    Sous Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
    Au menu principal choisir l'option "s" et tapez sur [entrée] .
    Laissez travailler l'outil et ne touchez à rien ...
    Postez le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    0
    1. jb61
       
      Voici le rapport du scan:


      .
      ======= RAPPORT D'AD-REMOVER 1.1.4.6_F | UNIQUEMENT XP/VISTA/7 =======
      .
      Mit à jour par C_XX le 26.12.2009 à 20:47
      Contact: AdRemover.contact@gmail.com
      Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
      .
      Lancé à: 20:49:06, 27/12/2009 | Mode Normal | Option: SCAN
      Exécuté de: C:\Program Files\Ad-Remover\
      Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
      Nom du PC: PC-DE-JEAN-BAPT | Utilisateur actuel: jean-baptiste

      Bonnes fêtes de fin d'année à vous tous :)
      .
      ============== ÉLÉMENT(S) TROUVÉ(S) ==============
      .
      Service: WinSvc

      C:\Users\JEAN-B~1\AppData\Roaming\Mozilla\FireFox\Profiles\o7qi6gqf.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
      C:\Users\JEAN-B~1\FAVORI~1\MyQuickFinder.url
      C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
      C:\Program Files\Mozilla FireFox\Components\AskSearch.js
      C:\Poker\Poker 770
      C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
      C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Poker 770
      C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Zango
      C:\Program Files\AskBarDis
      C:\Program Files\Automated Content Enhancer
      C:\Program Files\Content Management Wizard
      C:\Program Files\Customized Platform Advancer
      C:\Program Files\Everest Poker
      C:\Program Files\Gameztar Toolbar
      C:\Program Files\Internet Today
      C:\Program Files\QuestService
      C:\Program Files\ShoppingReport
      C:\Program Files\Textual Content Provider
      C:\Program Files\Web Search Operator
      C:\Program Files\Winsudate
      C:\Program Files\Zango
      C:\Users\JEAN-B~1\AppData\Roaming\WeatherDPA
      C:\Users\JEAN-B~1\AppData\Roaming\Zango
      C:\Users\jean-baptiste\AppData\Local\Internet Today
      C:\Users\jean-baptiste\AppData\LocalLow\Automated Content Enhancer
      C:\Users\jean-baptiste\AppData\LocalLow\Customized Platform Advancer
      C:\Users\jean-baptiste\AppData\LocalLow\ShoppingReport
      C:\Users\jean-baptiste\AppData\LocalLow\Textual Content Provider
      C:\Users\jean-baptiste\AppData\LocalLow\Web Search Operator
      C:\Users\jean-baptiste\AppData\LocalLow\Zango
      C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
      C:\ProgramData\QuestService
      C:\ProgramData\ZangoSA
      C:\ProgramData\{CA8CD71A-7992-4226-B949-0D7C9976D2F3}
      C:\Windows\Installer\862237.msi
      C:\Users\Public\Desktop\Poker 770.lnk
      .
      HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKCU\software\appdatalow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKCU\software\appdatalow\AskBarDis
      HKCU\software\appdatalow\software\Automated Content Enhancer
      HKCU\software\appdatalow\software\CMW
      HKCU\software\appdatalow\software\Customized Platform Advancer
      HKCU\software\appdatalow\software\Gameztar Toolbar
      HKCU\software\appdatalow\software\Media Access Startup
      HKCU\software\appdatalow\software\ShoppingReport
      HKCU\software\appdatalow\software\Web Search Operator
      HKCU\software\appdatalow\software\Zango
      HKCU\software\AskBarDis
      HKCU\software\Gameztar Toolbar
      HKCU\software\Grand Virtual
      HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
      HKCU\Software\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
      HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
      HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
      HKCU\software\microsoft\internet explorer\searchscopes\{342168F8-AE4A-41E8-A6B5-8FB9FECBEF37}
      HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
      HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
      HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\VideoBarApp
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherDPA
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WinUsr
      HKCU\software\Poker 770
      HKCU\software\ShoppingReport
      HKCU\software\zangosa
      HKLM\software\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKLM\software\appdatalow\AskBarDis
      HKLM\software\appdatalow\software\Automated Content Enhancer
      HKLM\software\appdatalow\software\Customized Platform Advancer
      HKLM\software\appdatalow\software\Internet Today
      HKLM\software\appdatalow\software\Web Search Operator
      HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
      HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
      HKLM\Software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}
      HKLM\Software\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
      HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
      HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
      HKLM\Software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
      HKLM\Software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}
      HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
      HKLM\Software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}
      HKLM\Software\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
      HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
      HKLM\Software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}
      HKLM\Software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}
      HKLM\Software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}
      HKLM\Software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}
      HKLM\Software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}
      HKLM\Software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKLM\Software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}
      HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842}
      HKLM\Software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}
      HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
      HKLM\Software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}
      HKLM\Software\Classes\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}
      HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
      HKLM\Software\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
      HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116}
      HKLM\Software\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
      HKLM\Software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}
      HKLM\Software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
      HKLM\Software\Classes\CLSID\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKLM\Software\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
      HKLM\Software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}
      HKLM\software\classes\CntntCntr.CntntDic
      HKLM\software\classes\CntntCntr.CntntDic.1
      HKLM\software\classes\CntntCntr.CntntDisp
      HKLM\software\classes\CntntCntr.CntntDisp.1
      HKLM\software\classes\CoreSrv.CoreServices
      HKLM\software\classes\CoreSrv.CoreServices.1
      HKLM\software\classes\CoreSrv.LfgAx
      HKLM\software\classes\CoreSrv.LfgAx.1
      HKLM\software\classes\ExplorerBar.CMW
      HKLM\software\classes\ExplorerBar.CMW.1
      HKLM\software\classes\ExplorerBar.FunExplorer
      HKLM\software\classes\ExplorerBar.FunExplorer.1
      HKLM\software\classes\ExplorerBar.FunRedirector
      HKLM\software\classes\ExplorerBar.FunRedirector.1
      HKLM\software\classes\ExplorerBar.TCP
      HKLM\software\classes\ExplorerBar.TCP.1
      HKLM\software\classes\HbCoreSrv.DynamicProp
      HKLM\software\classes\HbCoreSrv.DynamicProp.1
      HKLM\software\classes\HBMain.CommBand
      HKLM\software\classes\HBMain.CommBand.1
      HKLM\software\classes\hbr.HbMain
      HKLM\software\classes\hbr.HbMain.1
      HKLM\software\classes\HostIE.Bho
      HKLM\software\classes\HostIE.Bho.1
      HKLM\software\classes\HostOL.MailAnim
      HKLM\software\classes\HostOL.MailAnim.1
      HKLM\software\classes\HostOL.WebmailSend
      HKLM\software\classes\HostOL.WebmailSend.1
      HKLM\software\classes\installer\Products\05391F592A3AB1944A4045DB3DD44BD9
      HKLM\Software\Classes\Interface\{01009AEC-AFAA-4982-9F2B-6411C5C27E77}
      HKLM\Software\Classes\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78}
      HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
      HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
      HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
      HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
      HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
      HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
      HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
      HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
      HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
      HKLM\Software\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
      HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
      HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
      HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
      HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
      HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
      HKLM\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
      HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
      HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
      HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
      HKLM\Software\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
      HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
      HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
      HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
      HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
      HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
      HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
      HKLM\Software\Classes\Interface\{AF55160D-CDE1-4A8B-8001-66DA06BEE740}
      HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
      HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
      HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
      HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
      HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
      HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
      HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
      HKLM\software\classes\ShoppingReport.HbAx
      HKLM\software\classes\ShoppingReport.HbAx.1
      HKLM\software\classes\ShoppingReport.HbInfoBand
      HKLM\software\classes\ShoppingReport.HbInfoBand.1
      HKLM\software\classes\ShoppingReport.IEButton
      HKLM\software\classes\ShoppingReport.IEButton.1
      HKLM\software\classes\ShoppingReport.IEButtonA
      HKLM\software\classes\ShoppingReport.IEButtonA.1
      HKLM\software\classes\ShoppingReport.RprtCtrl
      HKLM\software\classes\ShoppingReport.RprtCtrl.1
      HKLM\software\classes\Srv.CoreServices
      HKLM\software\classes\Srv.CoreServices.1
      HKLM\software\classes\Toolbar.HtmlMenuUI
      HKLM\software\classes\Toolbar.HtmlMenuUI.1
      HKLM\software\classes\Toolbar.ToolbarCtl
      HKLM\software\classes\Toolbar.ToolbarCtl.1
      HKLM\Software\Classes\TypeLib\{03D7FF6E-9781-40B5-BB7F-94291A361604}
      HKLM\Software\Classes\TypeLib\{0729F461-8054-47DC-8D39-A31B61CC0119}
      HKLM\Software\Classes\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58}
      HKLM\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
      HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
      HKLM\Software\Classes\TypeLib\{5297E905-1DFB-4A9C-9871-A4F95FD58945}
      HKLM\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
      HKLM\Software\Classes\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5}
      HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
      HKLM\Software\Classes\TypeLib\{89085678-632D-4DEB-BDA0-CD912C63203E}
      HKLM\Software\Classes\TypeLib\{A56FE01C-77C4-4F5E-8198-E4B72207890A}
      HKLM\Software\Classes\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}
      HKLM\Software\Classes\TypeLib\{ABEC1835-3181-4ABD-8DDE-875AEC4DF6D2}
      HKLM\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
      HKLM\Software\Classes\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C}
      HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
      HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
      HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
      HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
      HKLM\software\classes\Wallpaper.WallpaperManager
      HKLM\software\classes\Wallpaper.WallpaperManager.1
      HKLM\software\Media Access Startup
      HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
      HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
      HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0566A191-D675-4911-9C7E-50EDBEF90F32}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40574696-DB17-4512-A79C-FB6086F15C65}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4414A37B-E7E9-4ddc-855F-A581276D565B}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{731969D9-D88F-4f37-A384-D23638973AD2}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A451DAF9-C5AB-4a0e-B585-69012225002E}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
      HKLM\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
      HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
      HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\05391F592A3AB1944A4045DB3DD44BD9
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZangoOE
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZangoSA
      HKLM\Software\Mozilla\Firefox\Extensions\\{40f1eb95-4de4-4f36-a826-054ee36bb905}
      HKLM\Software\Mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}
      HKLM\Software\Mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}
      HKLM\Software\Mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}
      HKLM\software\Poker 770
      HKLM\software\QuestService
      HKLM\software\ShoppingReport
      HKLM\software\Zango
      HKLM\SYSTEM\ControlSet001\Services\winsvc
      HKLM\SYSTEM\ControlSet002\Services\winsvc
      HKLM\SYSTEM\CurrentControlSet\Services\winsvc
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\AskBarDis
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Automated Content Enhancer
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\CMW
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Customized Platform Advancer
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Gameztar Toolbar
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Media Access Startup
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\ShoppingReport
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Web Search Operator
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\appdatalow\software\Zango
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\AskBarDis
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\Gameztar Toolbar
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\Grand Virtual
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\Poker 770
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\ShoppingReport
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\software\zangosa
      .
      ============== Scan additionnel ==============
      .
      .
      * Mozilla FireFox Version 3.5.6 [fr] *
      .
      Nom du profil: o7qi6gqf.default (jean-baptiste)
      .
      (JEAN-B~1, prefs.js) Browser.download.dir, C:\Users\jean-baptiste\Downloads
      (JEAN-B~1, prefs.js) Browser.download.lastDir, C:\Users\jean-baptiste\Documents
      (JEAN-B~1, prefs.js) Browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1392740&SearchSource=3&q={searchTerms}
      (JEAN-B~1, prefs.js) Browser.search.selectedEngine, Gameztar Toolbar
      (JEAN-B~1, prefs.js) Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://google.com
      (JEAN-B~1, prefs.js) Extensions.enabledItems, {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,{E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960,illimitux@illimitux.net:3.4,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}:2.2.0.9,{8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0,{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7,{E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080,{635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546,Zango@Zango.com:10.3.85.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.6
      (JEAN-B~1, prefs.js) Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
      .
      (JEAN-B~1, prefs.js) TROUVE - CommunityToolbar.SearchFromAddressBarSavedUrl, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
      (JEAN-B~1, prefs.js) TROUVE - Browser.search.defaultthis.engineName, MyPlayCity Customized Web Search
      (JEAN-B~1, prefs.js) TROUVE - Browser.search.selectedEngine, Gameztar Toolbar
      (JEAN-B~1, prefs.js) TROUVE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1
      (JEAN-B~1, prefs.js) TROUVE - General.useragent.extra.hotvideobar, hotvideobar_3_1_939641899131923_9_254 VB_gameztar
      (JEAN-B~1, prefs.js) TROUVE - Hotvideobar.startonce, false
      (JEAN-B~1, prefs.js) TROUVE - Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
      (JEAN-B~1, prefs.js) TROUVE - Noscript.untrusted, cpxinteractive.com every.com freelotto.com ikariam.fr mixmaster.fr sweetim.com hxxp://cpxinteractive.com hxxp://every.com hxxp://freelotto.com hxxp://ikariam.fr hxxp://mixmaster.fr hxxp://sweetim.com hxxps://cpxinteractive.com hxxps://every.com hxxps://freelotto.com hxxps://ikariam.fr hxxps://mixmaster.fr hxxps://sweetim.com
      .
      .
      .
      * Internet Explorer Version 7.0.6002.18005 *
      .
      [HKEY_CURRENT_USER\..\Internet Explorer\Main]
      .
      Start Page: hxxp://google.com/
      Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
      Do404Search: 01000000
      Local Page: C:\Windows\system32\blank.htm
      Show_ToolBar: yes
      Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
      Enable Browser Extensions: yes
      Use Search Asst: no
      .
      [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
      .
      Start Page: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
      Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
      Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
      Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
      Delete_Temp_Files_On_Exit: yes
      Local Page: %SystemRoot%\system32\blank.htm
      Enable Browser Extensions: yes
      Use Search Asst: no
      .
      [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
      .
      Tabs: res://ieframe.dll/tabswelcome.htm
      .
      ===================================
      .
      605 Octet(s) - C:\Ad-Report-SCAN[1].log
      22274 Octet(s) - C:\Ad-Report-SCAN[2].log
      .
      2542 Fichier(s) - C:\Users\JEAN-B~1\AppData\Local\Temp
      19 Fichier(s) - C:\Windows\Temp
      129 Fichier(s) - C:\Windows\Prefetch
      .
      3 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
      0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
      .
      Fin à: 21:11:07 | 27/12/2009 - SCAN[2]
      .
      ============== E.O.F ==============
      .


      Merci !
      0
  4. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    Même outil (Ad Remover)

    Option L Lancer le nettoyage

    Poster le rapport

    ensuite

    • Télécharge Random's System Information Tool (RSIT) de Random/Random.

    http://images.malwareremoval.com/random/RSIT.exe

    • Enregistre le sur ton Bureau.

    • Double clique sur RSIT.exe pour lancer l'outil.

    • Clique sur "Continue" à l'écran Disclaimer.

    • Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)

    et tu devras accepter la licence.

    • Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp

    Les rapports se trouvent à cet endroit:
    C:\rsit\info.txt
    C:\rsit\log.txt

    0
    1. jb61
       
      Second rapport :

      .
      ======= RAPPORT D'AD-REMOVER 1.1.4.6_F | UNIQUEMENT XP/VISTA/7 =======
      .
      Mit à jour par C_XX le 26.12.2009 à 20:47
      Contact: AdRemover.contact@gmail.com
      Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
      .
      Lancé à: 21:41:23, 27/12/2009 | Mode Normal | Option: CLEAN
      Exécuté de: C:\Program Files\Ad-Remover\
      Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
      Nom du PC: PC-DE-JEAN-BAPT | Utilisateur actuel: jean-baptiste

      Bonnes fêtes de fin d'année à vous tous :)
      .
      ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
      .
      Service: WinSvc

      C:\Users\JEAN-B~1\AppData\Roaming\Mozilla\FireFox\Profiles\o7qi6gqf.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
      C:\Users\JEAN-B~1\FAVORI~1\MyQuickFinder.url
      C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
      C:\Program Files\Mozilla FireFox\Components\AskSearch.js
      C:\Poker\Poker 770
      C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
      C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Poker 770
      C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Zango
      C:\Program Files\AskBarDis
      C:\Program Files\Automated Content Enhancer
      C:\Program Files\Content Management Wizard
      C:\Program Files\Customized Platform Advancer
      C:\Program Files\Everest Poker
      C:\Program Files\Gameztar Toolbar
      C:\Program Files\Internet Today
      C:\Program Files\QuestService
      C:\Program Files\ShoppingReport
      C:\Program Files\Textual Content Provider
      C:\Program Files\Web Search Operator
      C:\Program Files\Winsudate
      C:\Program Files\Zango
      C:\Users\JEAN-B~1\AppData\Roaming\WeatherDPA
      C:\Users\JEAN-B~1\AppData\Roaming\Zango
      C:\Users\jean-baptiste\AppData\Local\Internet Today
      C:\Users\jean-baptiste\AppData\LocalLow\Automated Content Enhancer
      C:\Users\jean-baptiste\AppData\LocalLow\Customized Platform Advancer
      C:\Users\jean-baptiste\AppData\LocalLow\ShoppingReport
      C:\Users\jean-baptiste\AppData\LocalLow\Textual Content Provider
      C:\Users\jean-baptiste\AppData\LocalLow\Web Search Operator
      C:\Users\jean-baptiste\AppData\LocalLow\Zango
      C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
      C:\ProgramData\QuestService
      C:\ProgramData\ZangoSA
      C:\ProgramData\{CA8CD71A-7992-4226-B949-0D7C9976D2F3}
      C:\Windows\Installer\862237.msi
      C:\Users\Public\Desktop\Poker 770.lnk

      (!) -- Fichiers temporaires supprimés.

      .
      HKCU\software\appdatalow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKCU\software\appdatalow\AskBarDis
      HKCU\software\appdatalow\software\Automated Content Enhancer
      HKCU\software\appdatalow\software\CMW
      HKCU\software\appdatalow\software\Customized Platform Advancer
      HKCU\software\appdatalow\software\Gameztar Toolbar
      HKCU\software\appdatalow\software\Media Access Startup
      HKCU\software\appdatalow\software\ShoppingReport
      HKCU\software\appdatalow\software\Web Search Operator
      HKCU\software\appdatalow\software\Zango
      HKCU\software\AskBarDis
      HKCU\software\Gameztar Toolbar
      HKCU\software\Grand Virtual
      HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
      HKCU\Software\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
      HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
      HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
      HKCU\software\microsoft\internet explorer\searchscopes\{342168F8-AE4A-41E8-A6B5-8FB9FECBEF37}
      HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
      HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
      HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\VideoBarApp
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherDPA
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WinUsr
      HKCU\software\Poker 770
      HKCU\software\ShoppingReport
      HKCU\software\zangosa
      HKLM\software\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKLM\software\appdatalow\AskBarDis
      HKLM\software\appdatalow\software\Automated Content Enhancer
      HKLM\software\appdatalow\software\Customized Platform Advancer
      HKLM\software\appdatalow\software\Internet Today
      HKLM\software\appdatalow\software\Web Search Operator
      HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
      HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
      HKLM\Software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}
      HKLM\Software\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
      HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
      HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
      HKLM\Software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
      HKLM\Software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}
      HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
      HKLM\Software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}
      HKLM\Software\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
      HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
      HKLM\Software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}
      HKLM\Software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}
      HKLM\Software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}
      HKLM\Software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}
      HKLM\Software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}
      HKLM\Software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKLM\Software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}
      HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842}
      HKLM\Software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}
      HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
      HKLM\Software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}
      HKLM\Software\Classes\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}
      HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
      HKLM\Software\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
      HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116}
      HKLM\Software\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
      HKLM\Software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}
      HKLM\Software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
      HKLM\Software\Classes\CLSID\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKLM\Software\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
      HKLM\Software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}
      HKLM\software\classes\CntntCntr.CntntDic
      HKLM\software\classes\CntntCntr.CntntDic.1
      HKLM\software\classes\CntntCntr.CntntDisp
      HKLM\software\classes\CntntCntr.CntntDisp.1
      HKLM\software\classes\CoreSrv.CoreServices
      HKLM\software\classes\CoreSrv.CoreServices.1
      HKLM\software\classes\CoreSrv.LfgAx
      HKLM\software\classes\CoreSrv.LfgAx.1
      HKLM\software\classes\ExplorerBar.CMW
      HKLM\software\classes\ExplorerBar.CMW.1
      HKLM\software\classes\ExplorerBar.FunExplorer
      HKLM\software\classes\ExplorerBar.FunExplorer.1
      HKLM\software\classes\ExplorerBar.FunRedirector
      HKLM\software\classes\ExplorerBar.FunRedirector.1
      HKLM\software\classes\ExplorerBar.TCP
      HKLM\software\classes\ExplorerBar.TCP.1
      HKLM\software\classes\HbCoreSrv.DynamicProp
      HKLM\software\classes\HbCoreSrv.DynamicProp.1
      HKLM\software\classes\HBMain.CommBand
      HKLM\software\classes\HBMain.CommBand.1
      HKLM\software\classes\hbr.HbMain
      HKLM\software\classes\hbr.HbMain.1
      HKLM\software\classes\HostIE.Bho
      HKLM\software\classes\HostIE.Bho.1
      HKLM\software\classes\HostOL.MailAnim
      HKLM\software\classes\HostOL.MailAnim.1
      HKLM\software\classes\HostOL.WebmailSend
      HKLM\software\classes\HostOL.WebmailSend.1
      HKLM\software\classes\installer\Products\05391F592A3AB1944A4045DB3DD44BD9
      HKLM\Software\Classes\Interface\{01009AEC-AFAA-4982-9F2B-6411C5C27E77}
      HKLM\Software\Classes\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78}
      HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
      HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
      HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
      HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
      HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
      HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
      HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
      HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
      HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
      HKLM\Software\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
      HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
      HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
      HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
      HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
      HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
      HKLM\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
      HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
      HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
      HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
      HKLM\Software\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
      HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
      HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
      HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
      HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
      HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
      HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
      HKLM\Software\Classes\Interface\{AF55160D-CDE1-4A8B-8001-66DA06BEE740}
      HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
      HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
      HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
      HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
      HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
      HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
      HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
      HKLM\software\classes\ShoppingReport.HbAx
      HKLM\software\classes\ShoppingReport.HbAx.1
      HKLM\software\classes\ShoppingReport.HbInfoBand
      HKLM\software\classes\ShoppingReport.HbInfoBand.1
      HKLM\software\classes\ShoppingReport.IEButton
      HKLM\software\classes\ShoppingReport.IEButton.1
      HKLM\software\classes\ShoppingReport.IEButtonA
      HKLM\software\classes\ShoppingReport.IEButtonA.1
      HKLM\software\classes\ShoppingReport.RprtCtrl
      HKLM\software\classes\ShoppingReport.RprtCtrl.1
      HKLM\software\classes\Srv.CoreServices
      HKLM\software\classes\Srv.CoreServices.1
      HKLM\software\classes\Toolbar.HtmlMenuUI
      HKLM\software\classes\Toolbar.HtmlMenuUI.1
      HKLM\software\classes\Toolbar.ToolbarCtl
      HKLM\software\classes\Toolbar.ToolbarCtl.1
      HKLM\Software\Classes\TypeLib\{03D7FF6E-9781-40B5-BB7F-94291A361604}
      HKLM\Software\Classes\TypeLib\{0729F461-8054-47DC-8D39-A31B61CC0119}
      HKLM\Software\Classes\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58}
      HKLM\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
      HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
      HKLM\Software\Classes\TypeLib\{5297E905-1DFB-4A9C-9871-A4F95FD58945}
      HKLM\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
      HKLM\Software\Classes\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5}
      HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
      HKLM\Software\Classes\TypeLib\{89085678-632D-4DEB-BDA0-CD912C63203E}
      HKLM\Software\Classes\TypeLib\{A56FE01C-77C4-4F5E-8198-E4B72207890A}
      HKLM\Software\Classes\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}
      HKLM\Software\Classes\TypeLib\{ABEC1835-3181-4ABD-8DDE-875AEC4DF6D2}
      HKLM\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
      HKLM\Software\Classes\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C}
      HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
      HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
      HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
      HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
      HKLM\software\classes\Wallpaper.WallpaperManager
      HKLM\software\classes\Wallpaper.WallpaperManager.1
      HKLM\software\Media Access Startup
      HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
      HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
      HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0566A191-D675-4911-9C7E-50EDBEF90F32}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40574696-DB17-4512-A79C-FB6086F15C65}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4414A37B-E7E9-4ddc-855F-A581276D565B}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{731969D9-D88F-4f37-A384-D23638973AD2}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A451DAF9-C5AB-4a0e-B585-69012225002E}
      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
      HKLM\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
      HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\05391F592A3AB1944A4045DB3DD44BD9
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZangoOE
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZangoSA
      HKLM\Software\Mozilla\Firefox\Extensions\\{40f1eb95-4de4-4f36-a826-054ee36bb905}
      HKLM\Software\Mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}
      HKLM\Software\Mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}
      HKLM\Software\Mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}
      HKLM\software\Poker 770
      HKLM\software\QuestService
      HKLM\software\ShoppingReport
      HKLM\software\Zango
      HKLM\SYSTEM\ControlSet002\Services\winsvc
      HKU\s-1-5-21-1407876068-1395202609-184458217-1000\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
      .
      ============== Scan additionnel ==============
      .
      .
      * Mozilla FireFox Version 3.5.6 [fr] *
      .
      Nom du profil: o7qi6gqf.default (jean-baptiste)
      .
      (JEAN-B~1, prefs.js) Browser.download.dir, C:\Users\jean-baptiste\Downloads
      (JEAN-B~1, prefs.js) Browser.download.lastDir, C:\Users\jean-baptiste\Documents
      (JEAN-B~1, prefs.js) Browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1392740&SearchSource=3&q={searchTerms}
      (JEAN-B~1, prefs.js) Browser.search.selectedEngine, Gameztar Toolbar
      (JEAN-B~1, prefs.js) Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://google.com
      (JEAN-B~1, prefs.js) Extensions.enabledItems, {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,{E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960,illimitux@illimitux.net:3.4,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}:2.2.0.9,{8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0,{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7,{E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080,{635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546,Zango@Zango.com:10.3.85.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.6
      (JEAN-B~1, prefs.js) Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
      .
      (JEAN-B~1, prefs.js) EFFACE - CommunityToolbar.SearchFromAddressBarSavedUrl, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
      (JEAN-B~1, prefs.js) EFFACE - Browser.search.defaultthis.engineName, MyPlayCity Customized Web Search
      (JEAN-B~1, prefs.js) EFFACE - Browser.search.selectedEngine, Gameztar Toolbar
      (JEAN-B~1, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1
      (JEAN-B~1, prefs.js) EFFACE - General.useragent.extra.hotvideobar, hotvideobar_3_1_939641899131923_9_254 VB_gameztar
      (JEAN-B~1, prefs.js) EFFACE - Hotvideobar.startonce, false
      (JEAN-B~1, prefs.js) EFFACE - Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
      (JEAN-B~1, prefs.js) EFFACE - Noscript.untrusted, cpxinteractive.com every.com freelotto.com ikariam.fr mixmaster.fr sweetim.com hxxp://cpxinteractive.com hxxp://every.com hxxp://freelotto.com hxxp://ikariam.fr hxxp://mixmaster.fr hxxp://sweetim.com hxxps://cpxinteractive.com hxxps://every.com hxxps://freelotto.com hxxps://ikariam.fr hxxps://mixmaster.fr hxxps://sweetim.com
      .
      .
      .
      * Internet Explorer Version 7.0.6002.18005 *
      .
      [HKEY_CURRENT_USER\..\Internet Explorer\Main]
      .
      Start Page: hxxp://fr.msn.com/
      Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
      Do404Search: 01000000
      Local Page: C:\Windows\system32\blank.htm
      Show_ToolBar: yes
      Enable Browser Extensions: yes
      Use Search Asst: no
      Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
      .
      [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
      .
      Start Page: hxxp://fr.msn.com/
      Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
      Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Delete_Temp_Files_On_Exit: yes
      Local Page: %SystemRoot%\system32\blank.htm
      Enable Browser Extensions: yes
      Use Search Asst: no
      Search bar: hxxp://search.msn.com/spbasic.htm
      .
      [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
      .
      Tabs: res://ieframe.dll/tabswelcome.htm
      .
      ===================================
      .
      20511 Octet(s) - C:\Ad-Report-CLEAN[1].log
      605 Octet(s) - C:\Ad-Report-SCAN[1].log
      22647 Octet(s) - C:\Ad-Report-SCAN[2].log
      605 Octet(s) - C:\Ad-Report-SCAN[3].log
      .
      3 Fichier(s) - C:\Users\JEAN-B~1\AppData\Local\Temp
      2 Fichier(s) - C:\Windows\Temp
      0 Fichier(s) - C:\Windows\Prefetch
      .
      23 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
      2119 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
      .
      Fin à: 22:19:50 | 27/12/2009 - CLEAN[1]
      .
      ============== E.O.F ==============
      .
      0
      1. jb61 > jb61
         
        rapport à partir de Random's System Information Tool:
        (log.txt)


        Logfile of random's system information tool 1.06 (written by random/random)
        Run by jean-baptiste at 2009-12-27 22:50:36
        Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
        System drive C: has 104 GB (46%) free of 228 GB
        Total RAM: 3068 MB (59% free)

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 22:51:15, on 27/12/2009
        Platform: Windows Vista SP2 (WinNT 6.00.1906)
        MSIE: Internet Explorer v7.00 (7.00.6002.18005)
        Boot mode: Normal

        Running processes:
        C:\Windows\system32\Dwm.exe
        C:\Windows\system32\taskeng.exe
        C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
        C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
        C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
        C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
        C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
        C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
        C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
        C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
        C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
        C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
        C:\Program Files\Common Files\Real\Update_OB\realsched.exe
        C:\Program Files\IDT\WDM\sttray.exe
        C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
        C:\Program Files\Java\jre6\bin\jusched.exe
        C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
        C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
        C:\Windows\ehome\ehtray.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        C:\Windows\ehome\ehmsas.exe
        C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
        C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
        C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
        C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
        C:\Windows\explorer.exe
        C:\Windows\system32\wbem\unsecapp.exe
        C:\Windows\system32\notepad.exe
        C:\Program Files\Mozilla Firefox\firefox.exe
        C:\Windows\system32\SearchFilterHost.exe
        C:\Users\jean-baptiste\Downloads\RSIT.exe
        C:\Program Files\Trend Micro\HijackThis\jean-baptiste.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
        O1 - Hosts: ::1 localhost
        O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
        O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
        O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
        O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
        O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
        O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
        O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
        O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
        O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
        O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
        O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
        O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
        O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
        O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
        O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
        O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
        O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
        O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
        O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
        O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
        O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
        O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
        O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
        O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
        O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
        O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
        O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
        O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
        O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
        O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
        O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
        O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
        O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
        O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
        O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
        O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
        O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
        O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
        O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
        O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
        O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
        O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
        O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
        O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
        O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
        O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
        O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
        O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
        O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
        O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
        O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
        O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
        O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
        O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
        O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
        O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
        O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
        O13 - Gopher Prefix:
        O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
        O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
        O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
        O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe
        O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
        O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
        O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
        O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
        O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
        O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
        O23 - Service: Service Google Update (gupdate1c9e92765deed0d) (gupdate1c9e92765deed0d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
        O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
        O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
        O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
        O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
        O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
        O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
        O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
        O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe
        O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
        O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
        0
      2. jb61 > jb61
         
        Second rapport à partir de Random's System Information Tool:
        (info.txt)


        info.txt logfile of random's system information tool 1.06 2009-12-27 22:51:20

        ======Uninstall list======

        -->"C:\Program Files\HP Games\5 Card Deluxe\Uninstall.exe"
        -->"C:\Program Files\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
        -->"C:\Program Files\HP Games\Age of Castles\Uninstall.exe"
        -->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
        -->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
        -->"C:\Program Files\HP Games\Build-a-lot 2\Uninstall.exe"
        -->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
        -->"C:\Program Files\HP Games\Capoeira Fighter 3\Uninstall.exe"
        -->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
        -->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
        -->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
        -->"C:\Program Files\HP Games\FATE\Uninstall.exe"
        -->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
        -->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
        -->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
        -->"C:\Program Files\HP Games\Granny in Paradise\Uninstall.exe"
        -->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
        -->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
        -->"C:\Program Files\HP Games\Mahjongg Artifacts\Uninstall.exe"
        -->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
        -->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
        -->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
        -->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
        -->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
        -->"C:\Program Files\HP Games\Polar Pool\Uninstall.exe"
        -->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
        -->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
        -->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
        -->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
        -->"C:\Program Files\HP Games\The Treasures of Montezuma\Uninstall.exe"
        -->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
        -->"C:\Program Files\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
        -->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
        -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
        -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
        -->C:\Program Files\OrangeHSS\Uninstall\Bas_Debit_CustoUpdate\Shell.exe MainUninstall.shl
        µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
        32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}
        Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
        ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
        Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
        Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
        Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
        Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
        Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe"
        AMD USB Audio Driver Filter-->MsiExec.exe /X{A3AB35FA-943E-4799-99DC-46EFD59E998F}
        AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
        Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
        Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
        Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
        Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
        Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x040c
        avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
        Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
        Catalyst Control Center - Branding-->MsiExec.exe /I{187817E2-6407-461C-B59B-56CE73363D34}
        CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
        CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
        CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
        DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
        DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
        DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
        DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
        DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
        DJ Mix Lite-->C:\Program Files\DJ Mix Lite\uninstall.exe
        ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
        Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
        FIFA 08 Demo-->MsiExec.exe /X{7D1928D2-26FA-45FA-A4DD-A876D7293818}
        Frets On Fire-->"C:\Program Files\Frets on Fire\Uninstall.exe"
        Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
        Gameztar Toolbar-->"C:\ProgramData\{CA8CD71A-7992-4226-B949-0D7C9976D2F3}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
        Gameztar Toolbar-->C:\ProgramData\{CA8CD71A-7992-4226-B949-0D7C9976D2F3}\Setup.exe
        Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
        Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
        Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
        GRID-->"C:\Program Files\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x040c -removeonly
        HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
        Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
        Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
        HP Active Support Library-->"C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe" -runfromtemp -l0x0409 -removeonly
        HP Common Access Service Library-->MsiExec.exe /I{732A3F80-008B-4350-BD58-EC5AE98707B8}
        HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}\setup.exe" -l0x9 -removeonly
        HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
        HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
        HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E}
        HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
        HP MediaSmart DVD-->"C:\Program Files\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
        HP MediaSmart DVD-->"C:\Program Files\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
        HP MediaSmart Music/Photo/Video-->"C:\Program Files\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall
        HP MediaSmart Music/Photo/Video-->"C:\Program Files\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall /zMS
        HP MediaSmart SmartMenu-->MsiExec.exe /I{A7AC8E69-01FF-494E-9A2C-423B82CEA604}
        HP MediaSmart TV-->"C:\Program Files\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall
        HP MediaSmart TV-->"C:\Program Files\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall
        HP MediaSmart Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
        HP MediaSmart Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall /z
        HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}\setup\hpzscr01.exe -datfile hposcr30.dat -onestop
        HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
        HP Quick Launch Buttons 6.40 L1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
        HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
        HP Solution Center 11.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
        HP Total Care Advisor-->MsiExec.exe /X{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
        HP Total Care Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{95A747E0-DF19-46CB-A622-20A0107201BD}\setup.exe" -l0x9 -removeonly
        HP Update-->MsiExec.exe /X{47F36D92-E58E-456D-B73C-3382737E4C42}
        HP User Guides 0134-->MsiExec.exe /X{6ABE0E28-3A8E-4ADC-A050-784064B76236}
        HP Wireless Assistant-->MsiExec.exe /X{E5E29403-3D25-40C6-892B-F9FEE2A95585}
        HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
        HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
        IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x40c -remove -removeonly
        IL-2 Sturmovik-->C:\Windows\UbiSoft\SetupUbi.exe -uninstall IL-2 Sturmovik
        Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
        Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
        Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
        JMicron Flash Media Controller Driver-->"C:\Program Files\JMicron\JMCR_DIR\setup.exe" delpkg
        Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
        LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
        LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
        LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
        LimeWire 5.1.3-->"C:\Program Files\LimeWire\uninstall.exe"
        Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
        Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
        Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
        Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
        Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
        Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
        Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
        Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
        Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
        Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
        Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
        Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
        Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
        Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
        Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
        Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
        Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
        Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
        Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
        Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
        Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
        Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
        Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
        Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
        Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
        Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
        Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
        Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
        Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
        Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
        Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
        Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
        Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
        Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
        Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
        Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
        Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
        Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
        Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
        Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
        Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
        Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
        Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
        Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
        Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
        Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
        Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
        Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
        MotoGP 08 Demo-->"C:\Program Files\InstallShield Installation Information\{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}\setup.exe" -runfromtemp -l0x040c -removeonly
        Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
        MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
        MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
        MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
        muvee Reveal-->MsiExec.exe /X{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}
        MyPlayCity Toolbar-->C:\PROGRA~1\MYPLAY~1\UNWISE.EXE /U C:\PROGRA~1\MYPLAY~1\INSTALL.LOG
        Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.2.11\InstStub.exe /X
        Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
        OCR Software by I.R.I.S. 11.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
        OpenAL-->"C:\Program Files\OpenAL\OalinstGridRelease.exe" /U
        Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
        OtsTurntables Free 1.00.027-->"C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OtsTTfre.osi"
        Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
        Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
        Package de pilotes Windows - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\enecir.inf_1a3c82dd\enecir.inf
        Poker 770-->"C:\Poker\Poker 770\_SetupCasino_5725.exe" /uninstall
        Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
        Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
        PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
        PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
        ProtectSmart Hard Drive Protection-->MsiExec.exe /X{9D615069-AA8F-4E89-AE9D-77AAE90F529F}
        QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
        RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
        Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
        Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
        Sagem Wi-Fi 11g USB adapter (driver)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2ED60C17-4568-4CD5-830A-03C4688B09A1}\setup.exe" -l0x40c
        SAGEM Wi-Fi 11g USB adapter (pilote)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7421E270-0140-4F62-AE39-ECB9F1C81B35}\setup.exe" -l0x40c
        Sandlot Games Client Services 1.2.2-->"C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
        Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
        Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
        Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
        Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
        Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
        Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
        Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
        Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
        Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
        ShopperReports-->C:\Program Files\ShoppingReport\Uninst.exe
        SPORE Creature Creator Trial Edition-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
        Steam-->C:\PROGRA~1\Steam\UNWISE.EXE C:\PROGRA~1\Steam\INSTALL.LOG
        SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
        Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
        TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
        Tom Clancy's Rainbow Six: Lockdown Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70D52D20-82A5-43CC-85C1-C994FA2EC591}\Setup.exe" -l0x40c
        Trial Bike Ultra-->"C:\Program Files\MyPlayCity.com\Trial Bike Ultra\unins000.exe"
        Trials 2 Second Edition-->C:\Program Files\Trials 2 Second Edition\Uninstall.exe
        UltraMixer 2.3.8-->"C:\Program Files\UltraMixer\unins000.exe"
        Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
        Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
        Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
        Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
        VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
        Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
        VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
        Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
        Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
        Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
        Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
        Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
        Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
        Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
        Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
        Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
        Zango-->"C:\Program Files\Zango\bin\10.3.85.0\ZangoUninstaller.exe" Web

        ======Security center information======

        AS: Windows Defender

        ======System event log======

        Computer Name: PC-de-jean-bapt
        Event Code: 7022
        Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
        Record Number: 38133
        Source Name: Service Control Manager
        Time Written: 20090817092741.000000-000
        Event Type: Erreur
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 7000
        Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
        Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
        Record Number: 38092
        Source Name: Service Control Manager
        Time Written: 20090817092717.000000-000
        Event Type: Erreur
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 15016
        Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
        Record Number: 38050
        Source Name: Microsoft-Windows-HttpEvent
        Time Written: 20090817092558.441600-000
        Event Type: Erreur
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 4001
        Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

        Record Number: 38034
        Source Name: Microsoft-Windows-WLAN-AutoConfig
        Time Written: 20090817004212.416000-000
        Event Type: Avertissement
        User: AUTORITE NT\SYSTEM

        Computer Name: PC-de-jean-bapt
        Event Code: 4227
        Message: TCP/IP n’a pas pu établir une connexion sortante car le point de terminaison local sélectionné a été récemment utilisé pour se connecter au même point de terminaison distant. Cette erreur se produit généralement lorsque les connexions sortantes sont ouvertes et fermées à un débit élevé, provoquant l’utilisation de tous les ports locaux disponibles et obligeant TCP/IP à réutiliser un port local pour une connexion sortante. Pour réduire le risque d’altération des données, la norme TCP/IP exige qu’un laps de temps minimal s’écoule entre des connexions successives d’un point de terminaison local à un point de terminaison distant.
        Record Number: 38018
        Source Name: Tcpip
        Time Written: 20090816202106.443000-000
        Event Type: Avertissement
        User:

        =====Application event log=====

        Computer Name: PC-de-jean-bapt
        Event Code: 8194
        Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

        Opération :
        Données du rédacteur en cours de collecte

        Contexte :
        ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
        Nom du rédacteur: System Writer
        ID d’instance du rédacteur: {5c49533b-1cc7-44f7-ac15-50f47c2c2a7c}
        Record Number: 473
        Source Name: VSS
        Time Written: 20090504181441.000000-000
        Event Type: Erreur
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 8194
        Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

        Opération :
        Données du rédacteur en cours de collecte

        Contexte :
        ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
        Nom du rédacteur: System Writer
        ID d’instance du rédacteur: {5c49533b-1cc7-44f7-ac15-50f47c2c2a7c}
        Record Number: 470
        Source Name: VSS
        Time Written: 20090504181405.000000-000
        Event Type: Erreur
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 10
        Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
        Record Number: 464
        Source Name: Microsoft-Windows-WMI
        Time Written: 20090504181006.000000-000
        Event Type: Erreur
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 8194
        Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

        Opération :
        Données du rédacteur en cours de collecte

        Contexte :
        ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
        Nom du rédacteur: System Writer
        ID d’instance du rédacteur: {a9711e31-b594-4287-8c74-a76fb10e96bf}
        Record Number: 429
        Source Name: VSS
        Time Written: 20090504142721.000000-000
        Event Type: Erreur
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 8194
        Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

        Opération :
        Données du rédacteur en cours de collecte

        Contexte :
        ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
        Nom du rédacteur: System Writer
        ID d’instance du rédacteur: {a9711e31-b594-4287-8c74-a76fb10e96bf}
        Record Number: 425
        Source Name: VSS
        Time Written: 20090504140808.000000-000
        Event Type: Erreur
        User:

        =====Security event log=====

        Computer Name: PC-de-jean-bapt
        Event Code: 4624
        Message: L’ouverture de session d’un compte s’est correctement déroulée.

        Sujet :
        ID de sécurité : S-1-5-18
        Nom du compte : PC-DE-JEAN-BAPT$
        Domaine du compte : WORKGROUP
        ID d’ouverture de session : 0x3e7

        Type d’ouverture de session : 2

        Nouvelle ouverture de session :
        ID de sécurité : S-1-5-21-1407876068-1395202609-184458217-1000
        Nom du compte : jean-baptiste
        Domaine du compte : PC-de-jean-bapt
        ID d’ouverture de session : 0x39a55
        GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

        Informations sur le processus :
        ID du processus : 0x2fc
        Nom du processus : C:\Windows\System32\winlogon.exe

        Informations sur le réseau :
        Nom de la station de travail : PC-DE-JEAN-BAPT
        Adresse du réseau source : 127.0.0.1
        Port source : 0

        Informations détaillées sur l’authentification :
        Processus d’ouverture de session : User32
        Package d’authentification : Negotiate
        Services en transit : -
        Nom du package (NTLM uniquement) : -
        Longueur de la clé : 0

        Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

        Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

        Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

        Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

        Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

        Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
        - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
        - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
        - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
        - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
        Record Number: 1582
        Source Name: Microsoft-Windows-Security-Auditing
        Time Written: 20090507170123.274227-000
        Event Type: Succès de l'audit
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 4648
        Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

        Sujet :
        ID de sécurité : S-1-5-18
        Nom du compte : PC-DE-JEAN-BAPT$
        Domaine du compte : WORKGROUP
        ID d’ouverture de session : 0x3e7
        GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

        Compte dont les informations d’identification ont été utilisées :
        Nom du compte : jean-baptiste
        Domaine du compte : PC-de-jean-bapt
        GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

        Serveur cible :
        Nom du serveur cible : localhost
        Informations supplémentaires : localhost

        Informations sur le processus :
        ID du processus : 0x2fc
        Nom du processus : C:\Windows\System32\winlogon.exe

        Informations sur le réseau :
        Adresse du réseau : 127.0.0.1
        Port : 0

        Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
        Record Number: 1581
        Source Name: Microsoft-Windows-Security-Auditing
        Time Written: 20090507170123.274227-000
        Event Type: Succès de l'audit
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 4672
        Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

        Sujet :
        ID de sécurité : S-1-5-18
        Nom du compte : SYSTEM
        Domaine du compte : AUTORITE NT
        ID d’ouverture de session : 0x3e7

        Privilèges : SeAssignPrimaryTokenPrivilege
        SeTcbPrivilege
        SeSecurityPrivilege
        SeTakeOwnershipPrivilege
        SeLoadDriverPrivilege
        SeBackupPrivilege
        SeRestorePrivilege
        SeDebugPrivilege
        SeAuditPrivilege
        SeSystemEnvironmentPrivilege
        SeImpersonatePrivilege
        Record Number: 1580
        Source Name: Microsoft-Windows-Security-Auditing
        Time Written: 20090507170117.761006-000
        Event Type: Succès de l'audit
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 4624
        Message: L’ouverture de session d’un compte s’est correctement déroulée.

        Sujet :
        ID de sécurité : S-1-5-18
        Nom du compte : PC-DE-JEAN-BAPT$
        Domaine du compte : WORKGROUP
        ID d’ouverture de session : 0x3e7

        Type d’ouverture de session : 5

        Nouvelle ouverture de session :
        ID de sécurité : S-1-5-18
        Nom du compte : SYSTEM
        Domaine du compte : AUTORITE NT
        ID d’ouverture de session : 0x3e7
        GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

        Informations sur le processus :
        ID du processus : 0x2a0
        Nom du processus : C:\Windows\System32\services.exe

        Informations sur le réseau :
        Nom de la station de travail :
        Adresse du réseau source : -
        Port source : -

        Informations détaillées sur l’authentification :
        Processus d’ouverture de session : Advapi
        Package d’authentification : Negotiate
        Services en transit : -
        Nom du package (NTLM uniquement) : -
        Longueur de la clé : 0

        Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

        Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

        Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

        Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

        Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

        Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
        - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
        - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
        - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
        - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
        Record Number: 1579
        Source Name: Microsoft-Windows-Security-Auditing
        Time Written: 20090507170117.761006-000
        Event Type: Succès de l'audit
        User:

        Computer Name: PC-de-jean-bapt
        Event Code: 4648
        Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

        Sujet :
        ID de sécurité : S-1-5-18
        Nom du compte : PC-DE-JEAN-BAPT$
        Domaine du compte : WORKGROUP
        ID d’ouverture de session : 0x3e7
        GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

        Compte dont les informations d’identification ont été utilisées :
        Nom du compte : SYSTEM
        Domaine du compte : AUTORITE NT
        GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

        Serveur cible :
        Nom du serveur cible : localhost
        Informations supplémentaires : localhost

        Informations sur le processus :
        ID du processus : 0x2a0
        Nom du processus : C:\Windows\System32\services.exe

        Informations sur le réseau :
        Adresse du réseau : -
        Port : -

        Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
        Record Number: 1578
        Source Name: Microsoft-Windows-Security-Auditing
        Time Written: 20090507170117.761006-000
        Event Type: Succès de l'audit
        User:

        ======Environment variables======

        "ComSpec"=%SystemRoot%\system32\cmd.exe
        "FP_NO_HOST_CHECK"=NO
        "OS"=Windows_NT
        "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
        "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
        "PROCESSOR_ARCHITECTURE"=x86
        "TEMP"=%SystemRoot%\TEMP
        "TMP"=%SystemRoot%\TEMP
        "USERNAME"=SYSTEM
        "windir"=%SystemRoot%
        "PROCESSOR_LEVEL"=17
        "PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
        "PROCESSOR_REVISION"=0301
        "NUMBER_OF_PROCESSORS"=2
        "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
        "DFSTRACINGON"=FALSE
        "OnlineServices"=Online Services
        "Platform"=MCD
        "PCBRAND"=Pavilion
        "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
        "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
        "RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
        "RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0

        -----------------EOF-----------------
        0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jb61 Messages postés 3 Statut Membre
     
    Merci pour votre aide !
    0
  7. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ok

    1) trop d'antivirus, il y a conflits entre eux et les virus en profitent

    le mieux c'est antivir

    désinstaller norton
    https://www.commentcamarche.net/faq/2453-supprimer-desinstaller-norton-antivirus-norton-internet-security

    desinstaller avast
    https://www.commentcamarche.net/telecharger/securite/22859-utilitaire-de-desinstallation-de-avast/

    ...........................

    2)

    Téléchargez USBFIX de Chiquitine29, C_xx

    http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
    ou
    https://www.ionos.fr/?affiliate_id=77097

    /!\ Utilisateur de vista et windows 7 :
    ne pas oublier de désactiver Le contrôle des comptes utilisateurs
    https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

    /!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

    • Double clic sur le raccourci UsbFix présent sur le bureau .

    • Choisir l'option2
    (d’autres options disponibles, voir le tutoriel).
    • Laissez travailler l'outil.
    Le menu démarrer et les icônes vont disparaître.. c'est normal.

    Si un message te demande de redémarrer l'ordinateur fais le ...

    ● Au redémarrage, le fix se relance... laisses l'opération s'effectuer.

    ● Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse

    • Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    • Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    • Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

    ..........................

    3)
    Téléchargez MalwareByte's Anti-Malware

    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    . Enregistres le sur le bureau
    . Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
    . Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
    . Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
    . Une fois la mise à jour terminé
    . Rend-toi dans l'onglet, Recherche
    . Sélectionnes Exécuter un examen complet
    . Cliques sur Rechercher
    . Le scan démarre.
    . A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    . Cliques sur Ok pour poursuivre.
    . Si des malwares ont été détectés, clique sur Afficher les résultats
    . Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
    . Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
    . Rends toi dans l'onglet rapport/log
    . Tu cliques dessus pour l'afficher, une fois affiché
    . Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
    . Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
    . tu cliques droit dans le cadre de la reponse et coller

    Si tu as besoin d'aide regarde ces tutoriels :
    Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

    0
    1. jb61
       
      Rapport avec UsbFix :


      ############################## | UsbFix V6.067 |

      User : jean-baptiste (Administrateurs) # PC-DE-JEAN-BAPT
      Update on 24/12/2009 by Chiquitine29, C_XX & Chimay8
      Start at: 14:05:30 | 28/12/2009
      Website : http://pagesperso-orange.fr/NosTools/index.html
      Contact : FindyKill.Contact@gmail.com

      AMD Athlon(tm) X2 Dual-Core QL-64
      Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
      Internet Explorer 7.0.6002.18005
      Windows Firewall Status : Enabled

      C:\ -> Disque fixe local # 222,29 Go (101,38 Go free) # NTFS
      D:\ -> Disque fixe local # 10,6 Go (1,79 Go free) [RECOVERY] # NTFS
      E:\ -> Disque CD-ROM # 126,08 Mo (0 Mo free) [livebox] # CDFS
      F:\ -> Disque amovible # 244,48 Mo (177,42 Mo free) # FAT

      ############################## | Processus actifs |

      C:\Windows\System32\smss.exe 464
      C:\Windows\system32\csrss.exe 536
      C:\Windows\system32\wininit.exe 600
      C:\Windows\system32\csrss.exe 612
      C:\Windows\system32\services.exe 648
      C:\Windows\system32\lsass.exe 660
      C:\Windows\system32\lsm.exe 668
      C:\Windows\system32\winlogon.exe 740
      C:\Windows\system32\svchost.exe 852
      C:\Windows\system32\svchost.exe 936
      C:\Windows\system32\Ati2evxx.exe 1036
      C:\Windows\System32\svchost.exe 1052
      C:\Windows\System32\svchost.exe 1096
      C:\Windows\system32\svchost.exe 1168
      C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe 1192
      C:\Windows\system32\SLsvc.exe 1472
      C:\Windows\system32\svchost.exe 1492
      C:\Windows\system32\Ati2evxx.exe 1552
      C:\Windows\system32\Hpservice.exe 1568
      C:\Windows\system32\svchost.exe 1656
      C:\Windows\System32\spoolsv.exe 1944
      C:\Windows\system32\taskeng.exe 2000
      C:\Windows\system32\Dwm.exe 192
      C:\Program Files\Avira\AntiVir Desktop\sched.exe 340
      C:\Windows\system32\svchost.exe 384
      C:\Windows\Explorer.EXE 404
      C:\Windows\system32\taskeng.exe 528
      C:\Windows\system32\runonce.exe 592
      C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe 788
      C:\Windows\system32\conime.exe 512
      C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe 2272
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe 2292
      C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2324
      C:\Windows\system32\svchost.exe 2416
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2496
      C:\Windows\System32\svchost.exe 2556
      C:\Windows\System32\svchost.exe 2600
      C:\Windows\system32\svchost.exe 2632
      C:\Program Files\SMINST\BLService.exe 2652
      C:\Program Files\CyberLink\Shared files\RichVideo.exe 2704
      C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2728
      C:\Windows\system32\svchost.exe 2780
      C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 2804
      C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 2824
      C:\Windows\System32\svchost.exe 2852
      C:\Windows\system32\SearchIndexer.exe 2872
      C:\Windows\system32\wbem\wmiprvse.exe 3208
      C:\Windows\system32\PresentationSettings.exe 3476
      C:\Windows\system32\svchost.exe 3924

      ################## | Elements infectieux |

      Supprimé ! C:\$Recycle.Bin\S-1-5-18
      Supprimé ! C:\$Recycle.Bin\S-1-5-21-1407876068-1395202609-184458217-1000
      Supprimé ! C:\$Recycle.Bin\S-1-5-21-1407876068-1395202609-184458217-500
      Supprimé ! C:\$Recycle.Bin\S-1-5-21-3661256019-2943968800-811760289-500
      Supprimé ! D:\$Recycle.Bin\S-1-5-18
      Supprimé ! D:\$Recycle.Bin\S-1-5-21-1407876068-1395202609-184458217-1000
      Supprimé ! D:\$Recycle.Bin\S-1-5-21-1407876068-1395202609-184458217-500
      Non supprimé ! E:\autorun.inf

      ################## | Registre |

      Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"
      Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"

      ################## | Mountpoints2 |

      Supprimé ! HKCU\...\Explorer\MountPoints2\{ce14a3eb-38b0-11de-824a-806e6f6e6963}\Shell\AutoRun\Command

      ################## | Listing des fichiers présent |

      [27/12/2009 22:19|--a------|21012] C:\Ad-Report-CLEAN[1].log
      [27/12/2009 20:45|--a------|605] C:\Ad-Report-SCAN[1].log
      [27/12/2009 21:11|--a------|22647] C:\Ad-Report-SCAN[2].log
      [27/12/2009 21:40|--a------|605] C:\Ad-Report-SCAN[3].log
      [18/09/2006 22:43|--a------|24] C:\autoexec.bat
      [11/04/2009 07:36|-rahs----|333257] C:\bootmgr
      [18/09/2006 22:43|--a------|10] C:\config.sys
      [26/12/2009 22:57|--a------|286024] C:\ExtractLog.txt
      [?|?|?] C:\hiberfil.sys
      [31/07/2009 02:08|-rahs----|0] C:\IO.SYS
      [31/07/2009 02:08|-rahs----|0] C:\MSDOS.SYS
      [?|?|?] C:\pagefile.sys
      [27/12/2009 13:39|--a------|159] C:\Setup.log
      [28/12/2009 14:09|--a------|4597] C:\UsbFix.txt
      [04/05/2009 14:45|---hs----|13] D:\BLOCK.RIN
      [03/10/2006 22:02|---hs----|438328] D:\bootmgr
      [04/11/2008 16:37|---hs----|1199] D:\Desktop.ini
      [10/09/2002 15:14|---hs----|8134] D:\Folder.htt
      [28/12/2009 14:03|--ahs----|196] D:\MASTER.LOG
      [12/09/2008 16:17|---hs----|381873] D:\protect.arabic
      [15/09/2008 14:57|---hs----|182624] D:\protect.bulgarian
      [16/09/2002 13:37|---hs----|181898] D:\protect.chinese hong kong
      [16/09/2002 13:37|---hs----|181916] D:\protect.chinese simplified
      [16/09/2002 13:37|---hs----|181898] D:\protect.chinese traditional
      [27/04/2006 15:19|---hs----|181865] D:\protect.czech
      [03/11/2005 14:21|---hs----|181726] D:\protect.danish
      [10/09/2002 12:56|---hs----|181605] D:\protect.dutch
      [10/09/2002 12:50|---hs----|181651] D:\protect.ed
      [22/11/2004 14:28|---hs----|181648] D:\protect.english
      [03/11/2005 14:20|---hs----|181673] D:\protect.finnish
      [03/11/2005 14:19|---hs----|181736] D:\protect.french
      [03/11/2005 14:18|---hs----|181669] D:\protect.german
      [23/11/2005 14:56|---hs----|182689] D:\protect.greek
      [23/01/2006 08:18|---hs----|182605] D:\protect.hebrew
      [28/08/2007 13:58|---hs----|181696] D:\protect.hungarian
      [03/11/2005 14:17|---hs----|181554] D:\protect.italian
      [19/06/2007 14:22|---hs----|182351] D:\protect.japanese
      [24/11/2005 10:24|---hs----|218295] D:\protect.korean
      [03/11/2005 14:15|---hs----|181578] D:\protect.norwegian
      [25/04/2006 13:44|---hs----|181789] D:\protect.polish
      [03/11/2005 14:13|---hs----|181624] D:\protect.portuguese
      [27/10/2005 18:24|---hs----|181882] D:\protect.portuguese brazilian
      [15/09/2008 14:57|---hs----|181735] D:\protect.romanian
      [28/06/2004 07:52|---hs----|211936] D:\protect.russian
      [04/07/2007 10:46|---hs----|181954] D:\protect.slovak
      [03/11/2005 14:11|---hs----|181586] D:\protect.spanish
      [10/09/2002 13:15|---hs----|181602] D:\protect.swedish
      [12/08/2003 09:37|---hs----|181783] D:\protect.turkish
      [11/01/2007 10:45|-r-------|60] E:\AUTORUN.inf
      [28/12/2006 11:41|-r-------|47870] E:\Livebox.ico
      [05/09/2005 12:12|-r-------|249856] E:\atw.exe
      [11/01/2007 10:16|-r-------|112] E:\atw.ini
      [09/01/2007 15:12|-r-------|119470] E:\controle_parental.swf
      [09/01/2007 18:13|-r-------|6246] E:\cp.dcr
      [29/01/2006 02:33|-r-------|1206112] E:\installation_livebox.exe
      [01/10/2008 20:08|--a------|1238625] F:\IMGP1698.JPG
      [05/09/2008 01:31|--a------|1260943] F:\IMGP1529.JPG
      [05/09/2008 01:32|--a------|1270354] F:\IMGP1530.JPG
      [05/09/2008 01:36|--a------|1242027] F:\IMGP1538.JPG
      [04/08/2009 15:08|--a------|3214514] F:\IMG_0678.JPG
      [01/10/2008 19:43|--a------|1231656] F:\IMGP1683.JPG
      [26/02/2006 07:00|--a------|1068327] F:\DSCF0950.JPG
      [25/12/2009 17:42|--a------|1170358] F:\DSCF0957.JPG
      [27/02/2006 02:29|--a------|1125374] F:\DSCF0991.JPG
      [27/02/2006 07:43|--a------|1101658] F:\DSCF1011.JPG
      [25/12/2009 17:45|--a------|1189301] F:\DSCF1012.JPG
      [27/02/2006 23:47|--a------|1074021] F:\DSCF1022.JPG
      [25/12/2009 17:46|--a------|1180814] F:\DSCF1037.JPG
      [02/09/2008 13:28|--a------|45681] F:\1992988681_small_1.jpg
      [02/09/2008 13:28|--a------|60039] F:\1993046587_2.jpg
      [31/08/2008 11:12|--a------|947856] F:\ag31-001.jpg
      [30/08/2008 11:59|--a------|2310890] F:\DSC_0019.jpg
      [30/08/2008 19:47|--a------|2713321] F:\DSC_0030a.jpg
      [30/08/2008 19:53|--a------|2574095] F:\DSC_0038a.jpg
      [30/08/2008 19:57|--a------|2647376] F:\DSC_0042a.jpg
      [30/08/2008 12:17|--a------|2370903] F:\DSC_0051.jpg
      [30/08/2008 12:19|--a------|2625229] F:\DSC_0056.jpg
      [30/08/2008 12:20|--a------|2363659] F:\DSC_0061.jpg
      [30/08/2008 12:26|--a------|2419177] F:\DSC_0068.jpg
      [30/08/2008 12:26|--a------|2442810] F:\DSC_0069.jpg
      [30/08/2008 12:27|--a------|2443714] F:\DSC_0070.jpg
      [30/08/2008 13:34|--a------|2437436] F:\DSC_0153.jpg
      [30/08/2008 13:57|--a------|2446602] F:\DSC_0174.jpg
      [30/08/2008 14:05|--a------|2527923] F:\DSC_0180.jpg
      [24/04/2006 01:07|--a------|1148593] F:\DSCF1104.JPG
      [24/04/2006 01:15|--a------|1093448] F:\DSCF1118.JPG
      [06/02/2006 05:51|--a------|1213727] F:\DSCF0848.JPG
      [06/02/2006 05:51|--a------|1128822] F:\DSCF0849.JPG
      [14/06/2008 18:04|--a------|1089212] F:\IMGA0018.JPG
      [14/06/2008 18:45|--a------|1019436] F:\IMGA0039.JPG
      [14/06/2008 19:49|--a------|1074509] F:\IMGA0066.JPG
      [07/06/2008 15:38|--a------|1121449] F:\P6070025.JPG
      [08/06/2008 18:31|--a------|1333219] F:\Photo 025.jpg
      [08/06/2008 18:32|--a------|1089765] F:\Photo 035.jpg
      [08/06/2008 18:32|--a------|1080777] F:\Photo 036.jpg
      [08/06/2008 18:32|--a------|1037548] F:\Photo 037.jpg
      [08/06/2008 18:32|--a------|961114] F:\Photo 038.jpg
      [08/06/2008 18:32|--a------|988035] F:\Photo 039.jpg
      [08/06/2008 18:32|--a------|950048] F:\Photo 040.jpg
      [08/06/2008 18:32|--a------|965412] F:\Photo 041.jpg
      [08/06/2008 18:32|--a------|989128] F:\Photo 042.jpg
      [08/06/2008 18:32|--a------|1161005] F:\Photo 046.jpg
      [25/08/2007 17:16|-r-h-----|23934] F:\winamp_cache_0001.xml
      [07/11/2007 19:22|--ah-----|296] F:\WMPInfo.xml

      ################## | Vaccination |

      # C:\autorun.inf -> Dossier créé par UsbFix.
      # D:\autorun.inf -> Dossier créé par UsbFix.
      # F:\autorun.inf -> Dossier créé par UsbFix.

      ################## | Cracks / Keygens / Serials |
      0
  8. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    vu

    maintenant MalwareByte's Anti-Malware
    0
    1. jb61
       
      Je suis en train de faire l'examen complet avec MalwareByte's Anti-Malware.

      Je vous tient au courant des qu'il sera terminé.
      0
      1. jb61 > jb61
         
        rapport avec MalwareByte's Anti-Malware:

        Malwarebytes' Anti-Malware 1.42
        Version de la base de données: 3444
        Windows 6.0.6002 Service Pack 2
        Internet Explorer 7.0.6002.18005

        28/12/2009 23:17:38
        mbam-log-2009-12-28 (23-17-38).txt

        Type de recherche: Examen complet (C:\|D:\|)
        Eléments examinés: 373999
        Temps écoulé: 2 hour(s), 59 minute(s), 16 second(s)

        Processus mémoire infecté(s): 0
        Module(s) mémoire infecté(s): 0
        Clé(s) du Registre infectée(s): 12
        Valeur(s) du Registre infectée(s): 1
        Elément(s) de données du Registre infecté(s): 0
        Dossier(s) infecté(s): 0
        Fichier(s) infecté(s): 14

        Processus mémoire infecté(s):
        (Aucun élément nuisible détecté)

        Module(s) mémoire infecté(s):
        (Aucun élément nuisible détecté)

        Clé(s) du Registre infectée(s):
        HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\zangoax.clientdetector (Adware.Zango) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\zangoax.clientdetector.1 (Adware.Zango) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\zangoax.userprofiles (Adware.Zango) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\zangoax.userprofiles.1 (Adware.Zango) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.

        Valeur(s) du Registre infectée(s):
        HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\zango@zango.com (Adware.Zango) -> Quarantined and deleted successfully.

        Elément(s) de données du Registre infecté(s):
        (Aucun élément nuisible détecté)

        Dossier(s) infecté(s):
        (Aucun élément nuisible détecté)

        Fichier(s) infecté(s):
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\GAMEZT~1\213~1.667\ProductInfo.dll.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibcom.dll.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibidl.dll.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibsvc.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibupt.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\WINSUD~1\gibusr.exe.vir (Adware.Gibmedia) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\48C8FBD2\B94081D6\ProductInfo.dll.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\aiaSetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\CMWSetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\ITSetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\ProductInfo.dll.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\psksetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\sessetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\{CA8CD~1\OFFLINE\MFILEB~1.DLL\bag\TPSetup.exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
        0
      2. jb61 > jb61
         
        Merci beaucoup pour ton aide !!
        0
  9. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    vu

    tu peux vider la quarantaine

    comment va le pc maintenant ?

    fais un nouveau RSIT et postes moi le rapport log qu'on nettoie tout ca

    0
    1. jb61
       
      Pour l'instant j'ai plus de problème avec les publicités, en espérant que ça dur !

      Rapport avec RSIT:

      Logfile of random's system information tool 1.06 (written by random/random)
      Run by jean-baptiste at 2009-12-29 16:45:29
      Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
      System drive C: has 103 GB (45%) free of 228 GB
      Total RAM: 3068 MB (60% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 16:45:33, on 29/12/2009
      Platform: Windows Vista SP2 (WinNT 6.00.1906)
      MSIE: Internet Explorer v7.00 (7.00.6002.18005)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
      C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
      C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
      C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\IDT\WDM\sttray.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
      C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\uTorrent\uTorrent.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Windows\ehome\ehmsas.exe
      C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
      C:\Program Files\Windows Live\Contacts\wlcomm.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Users\jean-baptiste\Downloads\RSIT.exe
      C:\Program Files\Trend Micro\HijackThis\jean-baptiste.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
      O1 - Hosts: ::1 localhost
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
      O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
      O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
      O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
      O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
      O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
      O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
      O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
      O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
      O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
      O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
      O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
      O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
      O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
      O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
      O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O13 - Gopher Prefix:
      O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
      O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe
      O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
      O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
      O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
      O23 - Service: Service Google Update (gupdate1c9e92765deed0d) (gupdate1c9e92765deed0d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
      O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe
      O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
      O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
      0
  10. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ca va durer..

    Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)

    ▶ Télécharge et installe List&Kill'em et enregistre le sur ton bureau
    http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem_Install.exe

    double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation

    coche la case "creer une icone sur le bureau"

    une fois terminée , clic sur "terminer" et le programme se lancer seul

    choisis la langue puis choisis l'option 1 = Mode Recherche

    ▶ laisse travailler l'outil

    à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

    un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.

    ▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

    tu peux supprimer le rapport catchme.log de ton bureau maintenant.
    0
  11. jb61 Messages postés 3 Statut Membre
     
    Rapport du scan avec List&Kill'em:

    List'em by g3n-h@ckm@n 1.1.6.2

    Thx to Chiquitine29.....& CCM team

    User : jean-baptiste (Administrateurs) # PC-DE-JEAN-BAPT
    Update on 28/12/2009 by g3n-h@ckm@n ::::: 01:30
    Start at: 17:04:44 | 29/12/2009
    Contact : g3n-h@ckm@n sur CCM

    AMD Athlon(tm) X2 Dual-Core QL-64
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 7.0.6002.18005
    Windows Firewall Status : Disabled

    C:\ -> Disque fixe local | 222,29 Go (100,5 Go free) | NTFS
    D:\ -> Disque fixe local | 10,6 Go (1,79 Go free) [RECOVERY] | NTFS
    E:\ -> Disque CD-ROM | 126,08 Mo (0 Mo free) [livebox] | CDFS

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

    C:\Windows\System32\smss.exe 408
    C:\Windows\system32\csrss.exe 536
    C:\Windows\system32\wininit.exe 600
    C:\Windows\system32\csrss.exe 612
    C:\Windows\system32\services.exe 648
    C:\Windows\system32\lsass.exe 664
    C:\Windows\system32\lsm.exe 672
    C:\Windows\system32\winlogon.exe 752
    C:\Windows\system32\svchost.exe 860
    C:\Windows\system32\svchost.exe 940
    C:\Windows\system32\Ati2evxx.exe 1048
    C:\Windows\System32\svchost.exe 1068
    C:\Windows\System32\svchost.exe 1100
    C:\Windows\system32\svchost.exe 1112
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe 1160
    C:\Windows\system32\SLsvc.exe 1436
    C:\Windows\system32\svchost.exe 1472
    C:\Windows\system32\Ati2evxx.exe 1516
    C:\Windows\system32\Hpservice.exe 1572
    C:\Windows\system32\svchost.exe 1676
    C:\Windows\system32\Dwm.exe 1828
    C:\Windows\Explorer.EXE 1864
    C:\Windows\System32\spoolsv.exe 2032
    C:\Windows\system32\taskeng.exe 2040
    C:\Program Files\Avira\AntiVir Desktop\sched.exe 276
    C:\Windows\system32\svchost.exe 304
    C:\Windows\system32\taskeng.exe 508
    C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe 1688
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe 1800
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe 544
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 1776
    C:\Windows\system32\svchost.exe 2108
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2252
    C:\Windows\System32\svchost.exe 2288
    C:\Windows\System32\svchost.exe 2340
    C:\Windows\system32\svchost.exe 2356
    C:\Program Files\SMINST\BLService.exe 2376
    C:\Program Files\CyberLink\Shared files\RichVideo.exe 2424
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2464
    C:\Windows\system32\svchost.exe 2512
    C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 2552
    C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 2572
    C:\Windows\System32\svchost.exe 2664
    C:\Windows\system32\SearchIndexer.exe 2692
    C:\Windows\system32\svchost.exe 3464
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3856
    C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe 3892
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe 3948
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe 3976
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 4012
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 4040
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe 2500
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe 2476
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe 1244
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe 1592
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe 428
    C:\Program Files\IDT\WDM\sttray.exe 2436
    C:\Windows\system32\wbem\unsecapp.exe 1632
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2116
    C:\Program Files\Java\jre6\bin\jusched.exe 2332
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe 320
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe 2372
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2604
    C:\Windows\ehome\ehtray.exe 2628
    C:\Program Files\uTorrent\uTorrent.exe 2132
    C:\Windows\system32\wbem\wmiprvse.exe 1348
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 3052
    C:\Windows\ehome\ehmsas.exe 996
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 768
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 2880
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe 1256
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 3984
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 3532
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 4068
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 3528
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 1216
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 3236
    C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe 3228
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 5180
    C:\Program Files\Windows Live\Contacts\wlcomm.exe 5352
    C:\Program Files\Mozilla Firefox\firefox.exe 5620
    C:\Windows\System32\NOTEPAD.EXE 3064
    C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe 5252
    C:\Windows\system32\SearchProtocolHost.exe 3636
    C:\Windows\system32\SearchFilterHost.exe 5600
    C:\Program Files\List_Kill'em\List_Kill'em.exe 6060
    C:\Windows\system32\conime.exe 312
    C:\Windows\system32\cmd.exe 2184
    C:\Windows\system32\wbem\wmiprvse.exe 2180
    C:\Users\jean-baptiste\AppData\Local\Temp\40F8.tmp\pv.exe 3404

    ======================
    Keys "Run"
    ======================
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    LightScribe Control Panel REG_SZ C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    HPAdvisor REG_SZ C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
    msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
    Steam REG_SZ C:\Program Files\Steam\Steam.exe -silent
    RGSC REG_SZ C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
    swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    uTorrent REG_SZ "C:\Program Files\uTorrent\uTorrent.exe"
    ccleaner REG_SZ "C:\Program Files\CCleaner\ccleaner.exe" /AUTO

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    StartCCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    DVDAgent REG_SZ "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
    TSMAgent REG_SZ "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
    CLMLServer for HP TouchSmart REG_SZ "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
    TVAgent REG_SZ "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
    UCam_Menu REG_SZ "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
    SmartMenu REG_EXPAND_SZ %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    UpdateLBPShortCut REG_SZ "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    UpdatePSTShortCut REG_SZ "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    QlbCtrl.exe REG_SZ C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    UpdateP2GoShortCut REG_SZ "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    UpdatePDIRShortCut REG_SZ "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    HP Health Check Scheduler REG_SZ c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    WirelessAssistant REG_SZ C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    hpqSRMon REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    SystrayORAHSS REG_SZ "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    TkBellExe REG_SZ "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    SysTrayApp REG_EXPAND_SZ %ProgramFiles%\IDT\WDM\sttray.exe
    avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    =====================
    Other Keys
    =====================
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    ConsentPromptBehaviorAdmin REG_DWORD 2 (0x2)
    ConsentPromptBehaviorUser REG_DWORD 1 (0x1)
    EnableInstallerDetection REG_DWORD 1 (0x1)
    EnableLUA REG_DWORD 0 (0x0)
    EnableSecureUIAPaths REG_DWORD 1 (0x1)
    EnableVirtualization REG_DWORD 1 (0x1)
    PromptOnSecureDesktop REG_DWORD 1 (0x1)
    ValidateAdminCodeSignatures REG_DWORD 0 (0x0)
    dontdisplaylastusername REG_DWORD 0 (0x0)
    legalnoticecaption REG_SZ
    legalnoticetext REG_SZ
    scforceoption REG_DWORD 0 (0x0)
    shutdownwithoutlogon REG_DWORD 1 (0x1)
    undockwithoutlogon REG_DWORD 1 (0x1)
    FilterAdministratorToken REG_DWORD 0 (0x0)
    EnableUIADesktopToggle REG_DWORD 0 (0x0)
    DisableStatusMessages REG_DWORD 0 (0x0)

    ===============
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    NoDriveTypeAutoRun REG_DWORD 128 (0x80)
    NoDriveAutoRun REG_DWORD 128 (0x80)
    HonorAutoRunSetting REG_DWORD 0 (0x0)

    ===============
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    BindDirectlyToPropertySetStorage REG_DWORD 0 (0x0)
    NoDriveAutoRun REG_DWORD 128 (0x80)
    NoDriveTypeAutoRun REG_DWORD 128 (0x80)
    HonorAutoRunSetting REG_DWORD 0 (0x0)

    ===============
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    AppInit_DLLS REG_SZ

    ===============

    ===============
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    {E54729E8-BB3D-4270-9D49-7389EA579090} REG_SZ EasyBits Security Shield Hook - prevents launching insecure programs by kids

    ===============
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe REG_SZ C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ===============
    BHO :
    ======
    [<NO NAME> REG_SZ ]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

    ================
    Internet Explorer :
    ================
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    Start Page REG_SZ https://www.msn.com/fr-fr

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    Start Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

    ========
    Services
    ========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

    Ndisuio : 0x3
    EapHost : 0x3
    Wlansvc : 0x2
    SharedAccess : 0x3
    windefend : 0x2
    wuauserv : 0x2
    wscsvc : 0x2

    =========

    E:\Autorun.inf :
    ----------------
    [autorun]
    icon=Livebox.ico
    open=installation_livebox.exe

    =======
    Drive :
    =======

    D‚fragmenteur de disque Windows
    Copyright (c) 2006 Microsoft Corp.

    Rapport d'analyse pour le volume C:

    Taille du volume = 222 Go
    Espace libre = 101 Go
    tendue d'espace libre la plus grande = 53.13 Go
    Pourcentage de fragmentation des fichiers = 5 %

    Remarqueÿ: sur les volumes NTFS, les fragments de fichiers de plus de 64ÿMo ne sont pas inclus dans les statistiques de fragmentation.

    Il n'est pas n‚cessaire de d‚fragmenter ce volume.

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
    C:\Windows\System32\EZUPBH~1.DLL

    ¤¤¤¤¤¤¤¤¤¤ Keys :

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks "{E54729E8-BB3D-4270-9D49-7389EA579090}"
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker"
    HKCR\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090}
    HKCR\ezUPBHook.ShellObj
    HKCR\ezUPBHook.ShellObj.1
    HKCR\Install.Install
    HKCR\Install.Install\CLSID
    HKCR\Install.Install\CurVer
    HKCR\Install.Install.1
    HKCR\Install.Install.1\CLSID
    HKCR\TypeLib\{478CAB91-9E28-11D4-97FF-0050047D51FB}
    HKLM\SYSTEM\ControlSet001\Enum\Root\Legacy_BHDRVX86
    HKLM\SYSTEM\ControlSet002\Enum\Root\Legacy_BHDRVX86

    ================
    Other infections
    ================

    catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-29 17:15:14
    Windows 6.0.6002 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user & kernel MBR OK

    ==========
    Programs
    ==========

    Activation Assistant for the 2007 Microsoft Office suites
    Ad-Remover
    Adobe
    Alwil Software
    AMD
    AOL
    Apple Software Update
    Atheros
    ATI
    ATI Technologies
    Avira
    AviSynth 2.5
    Capcom
    CCleaner
    Codemasters
    Common Files
    Conduit
    CyberLink
    desktop.ini
    DIFX
    DivX
    DJ Mix Lite
    EA Sports
    EasyBits For Kids
    eRightSoft
    Fichiers communs
    Frets on Fire
    Google
    Hewlett-Packard
    Hewlett-Packard Company
    HP
    HP Games
    IDT
    InstallShield Installation Information
    Internet Explorer
    Java
    JMicron
    LimeWire
    List_Kill'em
    Malwarebytes' Anti-Malware
    Micro Application
    Microsoft
    Microsoft Games
    Microsoft Office
    Microsoft Silverlight
    Microsoft SQL Server Compact Edition
    Microsoft Sync Framework
    Microsoft Works
    Microsoft.NET
    Movie Maker
    Mozilla Firefox
    MSBuild
    MSXML 4.0
    muvee Technologies
    MyPlayCity
    MyPlayCity.com
    Norton Support
    Online Services
    OpenAL
    OrangeHSS
    Pvm
    QuickTime
    Real
    Realtek
    Reference Assemblies
    Securitoo
    Skyline
    SMINST
    Steam
    Synaptics
    Trend Micro
    Trials 2 Second Edition
    Ubi Soft
    Ubisoft
    UltraMixer
    Uninstall Information
    uTorrent
    VideoLAN
    VirtualDJ
    Wanadoo
    Windows Calendar
    Windows Collaboration
    Windows Defender
    Windows Journal
    Windows Live
    Windows Live SkyDrive
    Windows Mail
    Windows Media Player
    Windows NT
    Windows Photo Gallery
    Windows Portable Devices
    Windows Sidebar
    WinRAR

    ============
    Lecteur C:
    ============

    $RECYCLE.BIN
    .jagex_cache_32
    Ad-Report-CLEAN[1].log
    Ad-Report-SCAN[1].log
    Ad-Report-SCAN[2].log
    Ad-Report-SCAN[3].log
    autoexec.bat
    autorun.inf
    boot
    bootmgr
    config.sys
    Documents and Settings
    ExtractLog.txt
    Games
    hiberfil.sys
    HP
    IO.SYS
    Kill'em
    List'em.txt
    MSDOS.SYS
    MSOCache
    OtsLabs
    pagefile.sys
    PerfLogs
    Poker
    Program Files
    ProgramData
    rsit
    Securitoo
    Setup.log
    SWSetup
    System Volume Information
    System.sav
    TEMP
    UsbFix
    UsbFix.txt
    Users
    Windows

    ¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\PatchNew.py
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\PatchSEditorX_PDRFULL.bat
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLAUD.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLDemuxer.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLDumpDispatch.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLEdtDemuxer.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLM4Muxer.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLM4Splt.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLMediaDetect.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLMPEGVAnalyzer.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLMpgSplitter.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLSEditorMuxGraph.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLSEditorPushSrc.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLSEditorSplitGraph.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_CLSEditorX.ini
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\SVRT3\debug\PatchTool\Template_MpgMuxer.ini
    C:\Program Files\HP Games\Polar Pool\levels\ice_cave\scene\crack.jpg
    C:\Program Files\HP Games\Polar Pool\levels\ice_cave\scene\crack_alpha.jpg
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m23s\Patch-05-05-2009-16h06m23s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m23s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m27s\Patch-05-05-2009-16h06m27s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m27s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m30s\Patch-05-05-2009-16h06m30s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m30s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m33s\Patch-05-05-2009-16h06m33s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m33s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m38s\Patch-05-05-2009-16h06m38s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m38s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m42s\Patch-05-05-2009-16h06m42s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m42s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m45s\Patch-05-05-2009-16h06m45s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m45s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m49s\Patch-05-05-2009-16h06m49s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m49s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m53s\Patch-05-05-2009-16h06m53s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m53s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m56s\Patch-05-05-2009-16h06m56s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m56s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m58s\Patch-05-05-2009-16h06m58s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h06m58s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m01s\Patch-05-05-2009-16h07m01s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m01s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m05s\Patch-05-05-2009-16h07m05s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m05s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m08s\Patch-05-05-2009-16h07m08s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m08s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m12s\Patch-05-05-2009-16h07m12s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m12s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m16s\Patch-05-05-2009-16h07m16s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m16s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m19s\Patch-05-05-2009-16h07m19s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m19s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m22s\Patch-05-05-2009-16h07m22s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m22s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m26s\Patch-05-05-2009-16h07m26s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m26s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m31s\Patch-05-05-2009-16h07m31s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m31s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m34s\Patch-05-05-2009-16h07m34s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-16h07m34s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-19h58m57s\Patch-05-05-2009-19h58m57s.log
    C:\ProgramData\NortonInstaller\Logs\05-05-2009-19h58m57s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\05-06-2009-17h47m51s\Patch-05-06-2009-17h47m51s.log
    C:\ProgramData\NortonInstaller\Logs\05-06-2009-17h47m51s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-21-2009-10h40m17s\Patch-08-21-2009-10h40m17s.log
    C:\ProgramData\NortonInstaller\Logs\08-21-2009-10h40m17s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-21-2009-10h40m19s\Patch-08-21-2009-10h40m19s.log
    C:\ProgramData\NortonInstaller\Logs\08-21-2009-10h40m19s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-21-2009-14h04m09s\Patch-08-21-2009-14h04m09s.log
    C:\ProgramData\NortonInstaller\Logs\08-21-2009-14h04m09s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-22-2009-08h23m16s\Patch-08-22-2009-08h23m16s.log
    C:\ProgramData\NortonInstaller\Logs\08-22-2009-08h23m16s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-23-2009-19h02m33s\Patch-08-23-2009-19h02m33s.log
    C:\ProgramData\NortonInstaller\Logs\08-23-2009-19h02m33s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-23-2009-19h20m51s\Patch-08-23-2009-19h20m51s.log
    C:\ProgramData\NortonInstaller\Logs\08-23-2009-19h20m51s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-25-2009-12h24m59s\Patch-08-25-2009-12h24m59s.log
    C:\ProgramData\NortonInstaller\Logs\08-25-2009-12h24m59s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-26-2009-09h58m51s\Patch-08-26-2009-09h58m51s.log
    C:\ProgramData\NortonInstaller\Logs\08-26-2009-09h58m51s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-27-2009-11h22m00s\Patch-08-27-2009-11h22m00s.log
    C:\ProgramData\NortonInstaller\Logs\08-27-2009-11h22m00s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-27-2009-15h39m44s\Patch-08-27-2009-15h39m44s.log
    C:\ProgramData\NortonInstaller\Logs\08-27-2009-15h39m44s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-28-2009-10h47m19s\Patch-08-28-2009-10h47m19s.log
    C:\ProgramData\NortonInstaller\Logs\08-28-2009-10h47m19s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-29-2009-10h25m49s\Patch-08-29-2009-10h25m49s.log
    C:\ProgramData\NortonInstaller\Logs\08-29-2009-10h25m49s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-30-2009-12h05m51s\Patch-08-30-2009-12h05m51s.log
    C:\ProgramData\NortonInstaller\Logs\08-30-2009-12h05m51s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\08-31-2009-11h45m51s\Patch-08-31-2009-11h45m51s.log
    C:\ProgramData\NortonInstaller\Logs\08-31-2009-11h45m51s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-01-2009-11h02m09s\Patch-09-01-2009-11h02m09s.log
    C:\ProgramData\NortonInstaller\Logs\09-01-2009-11h02m09s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-02-2009-14h07m12s\Patch-09-02-2009-14h07m12s.log
    C:\ProgramData\NortonInstaller\Logs\09-02-2009-14h07m12s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-03-2009-18h54m50s\Patch-09-03-2009-18h54m51s.log
    C:\ProgramData\NortonInstaller\Logs\09-03-2009-18h54m50s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-04-2009-19h47m13s\Patch-09-04-2009-19h47m13s.log
    C:\ProgramData\NortonInstaller\Logs\09-04-2009-19h47m13s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-05-2009-12h04m40s\Patch-09-05-2009-12h04m40s.log
    C:\ProgramData\NortonInstaller\Logs\09-05-2009-12h04m40s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-00h42m00s\Patch-09-06-2009-00h42m00s.log
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-00h42m00s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-19h14m14s\Patch-09-06-2009-19h14m14s.log
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-19h14m14s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-20h51m41s\Patch-09-06-2009-20h51m41s.log
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-20h51m41s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-21h07m23s\Patch-09-06-2009-21h07m23s.log
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-21h07m23s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-21h22m41s\Patch-09-06-2009-21h22m43s.log
    C:\ProgramData\NortonInstaller\Logs\09-06-2009-21h22m41s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-07-2009-18h31m14s\Patch-09-07-2009-18h31m14s.log
    C:\ProgramData\NortonInstaller\Logs\09-07-2009-18h31m14s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-07-2009-20h27m00s\Patch-09-07-2009-20h27m00s.log
    C:\ProgramData\NortonInstaller\Logs\09-07-2009-20h27m00s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-08-2009-15h21m30s\Patch-09-08-2009-15h21m30s.log
    C:\ProgramData\NortonInstaller\Logs\09-08-2009-15h21m30s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-08-2009-18h05m45s\Patch-09-08-2009-18h05m45s.log
    C:\ProgramData\NortonInstaller\Logs\09-08-2009-18h05m45s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-09-2009-15h37m12s\Patch-09-09-2009-15h37m12s.log
    C:\ProgramData\NortonInstaller\Logs\09-09-2009-15h37m12s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-09-2009-17h10m33s\Patch-09-09-2009-17h10m33s.log
    C:\ProgramData\NortonInstaller\Logs\09-09-2009-17h10m33s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-18h57m07s\Patch-09-10-2009-18h57m08s.log
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-18h57m07s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m12s\Patch-09-10-2009-19h08m12s.log
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m12s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m14s\Patch-09-10-2009-19h08m14s.log
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m14s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m16s\Patch-09-10-2009-19h08m16s.log
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m16s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m20s\Patch-09-10-2009-19h08m20s.log
    C:\ProgramData\NortonInstaller\Logs\09-10-2009-19h08m20s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h04m29s\Patch-09-11-2009-17h04m29s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h04m29s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m06s\Patch-09-11-2009-17h16m06s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m06s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m10s\Patch-09-11-2009-17h16m10s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m10s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m15s\Patch-09-11-2009-17h16m15s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m15s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m24s\Patch-09-11-2009-17h16m24s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m24s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m29s\Patch-09-11-2009-17h16m29s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m29s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m33s\Patch-09-11-2009-17h16m33s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m33s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m42s\Patch-09-11-2009-17h16m42s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m42s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m47s\Patch-09-11-2009-17h16m47s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m47s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m52s\Patch-09-11-2009-17h16m52s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m52s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m55s\Patch-09-11-2009-17h16m55s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m55s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m57s\Patch-09-11-2009-17h16m57s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h16m57s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m01s\Patch-09-11-2009-17h17m01s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m01s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m04s\Patch-09-11-2009-17h17m04s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m04s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m06s\Patch-09-11-2009-17h17m06s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m06s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m09s\Patch-09-11-2009-17h17m09s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m09s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m12s\Patch-09-11-2009-17h17m12s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-17h17m12s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-21h24m57s\Patch-09-11-2009-21h24m57s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-21h24m57s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-12-2009-00h00m51s\Patch-09-12-2009-00h00m51s.log
    C:\ProgramData\NortonInstaller\Logs\09-12-2009-00h00m51s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-12-2009-04h15m41s\Patch-09-12-2009-04h15m41s.log
    C:\ProgramData\NortonInstaller\Logs\09-12-2009-04h15m41s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m23s\Patch-05-05-2009-16h06m23s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m23s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m27s\Patch-05-05-2009-16h06m27s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m27s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m30s\Patch-05-05-2009-16h06m30s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m30s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m33s\Patch-05-05-2009-16h06m33s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m33s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m38s\Patch-05-05-2009-16h06m38s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m38s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m42s\Patch-05-05-2009-16h06m42s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m42s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m45s\Patch-05-05-2009-16h06m45s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m45s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m49s\Patch-05-05-2009-16h06m49s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m49s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m53s\Patch-05-05-2009-16h06m53s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m53s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m56s\Patch-05-05-2009-16h06m56s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m56s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m58s\Patch-05-05-2009-16h06m58s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h06m58s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m01s\Patch-05-05-2009-16h07m01s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m01s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m05s\Patch-05-05-2009-16h07m05s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m05s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m08s\Patch-05-05-2009-16h07m08s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m08s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m12s\Patch-05-05-2009-16h07m12s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m12s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m16s\Patch-05-05-2009-16h07m16s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m16s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m19s\Patch-05-05-2009-16h07m19s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m19s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m22s\Patch-05-05-2009-16h07m22s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m22s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m26s\Patch-05-05-2009-16h07m26s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m26s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m31s\Patch-05-05-2009-16h07m31s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m31s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m34s\Patch-05-05-2009-16h07m34s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-16h07m34s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-19h58m57s\Patch-05-05-2009-19h58m57s.log
    C:\Users\All Users\NortonInstaller\Logs\05-05-2009-19h58m57s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\05-06-2009-17h47m51s\Patch-05-06-2009-17h47m51s.log
    C:\Users\All Users\NortonInstaller\Logs\05-06-2009-17h47m51s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-21-2009-10h40m17s\Patch-08-21-2009-10h40m17s.log
    C:\Users\All Users\NortonInstaller\Logs\08-21-2009-10h40m17s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-21-2009-10h40m19s\Patch-08-21-2009-10h40m19s.log
    C:\Users\All Users\NortonInstaller\Logs\08-21-2009-10h40m19s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-21-2009-14h04m09s\Patch-08-21-2009-14h04m09s.log
    C:\Users\All Users\NortonInstaller\Logs\08-21-2009-14h04m09s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-22-2009-08h23m16s\Patch-08-22-2009-08h23m16s.log
    C:\Users\All Users\NortonInstaller\Logs\08-22-2009-08h23m16s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-23-2009-19h02m33s\Patch-08-23-2009-19h02m33s.log
    C:\Users\All Users\NortonInstaller\Logs\08-23-2009-19h02m33s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-23-2009-19h20m51s\Patch-08-23-2009-19h20m51s.log
    C:\Users\All Users\NortonInstaller\Logs\08-23-2009-19h20m51s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-25-2009-12h24m59s\Patch-08-25-2009-12h24m59s.log
    C:\Users\All Users\NortonInstaller\Logs\08-25-2009-12h24m59s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-26-2009-09h58m51s\Patch-08-26-2009-09h58m51s.log
    C:\Users\All Users\NortonInstaller\Logs\08-26-2009-09h58m51s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-27-2009-11h22m00s\Patch-08-27-2009-11h22m00s.log
    C:\Users\All Users\NortonInstaller\Logs\08-27-2009-11h22m00s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-27-2009-15h39m44s\Patch-08-27-2009-15h39m44s.log
    C:\Users\All Users\NortonInstaller\Logs\08-27-2009-15h39m44s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-28-2009-10h47m19s\Patch-08-28-2009-10h47m19s.log
    C:\Users\All Users\NortonInstaller\Logs\08-28-2009-10h47m19s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-29-2009-10h25m49s\Patch-08-29-2009-10h25m49s.log
    C:\Users\All Users\NortonInstaller\Logs\08-29-2009-10h25m49s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-30-2009-12h05m51s\Patch-08-30-2009-12h05m51s.log
    C:\Users\All Users\NortonInstaller\Logs\08-30-2009-12h05m51s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\08-31-2009-11h45m51s\Patch-08-31-2009-11h45m51s.log
    C:\Users\All Users\NortonInstaller\Logs\08-31-2009-11h45m51s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-01-2009-11h02m09s\Patch-09-01-2009-11h02m09s.log
    C:\Users\All Users\NortonInstaller\Logs\09-01-2009-11h02m09s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-02-2009-14h07m12s\Patch-09-02-2009-14h07m12s.log
    C:\Users\All Users\NortonInstaller\Logs\09-02-2009-14h07m12s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-03-2009-18h54m50s\Patch-09-03-2009-18h54m51s.log
    C:\Users\All Users\NortonInstaller\Logs\09-03-2009-18h54m50s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-04-2009-19h47m13s\Patch-09-04-2009-19h47m13s.log
    C:\Users\All Users\NortonInstaller\Logs\09-04-2009-19h47m13s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-05-2009-12h04m40s\Patch-09-05-2009-12h04m40s.log
    C:\Users\All Users\NortonInstaller\Logs\09-05-2009-12h04m40s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-00h42m00s\Patch-09-06-2009-00h42m00s.log
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-00h42m00s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-19h14m14s\Patch-09-06-2009-19h14m14s.log
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-19h14m14s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-20h51m41s\Patch-09-06-2009-20h51m41s.log
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-20h51m41s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-21h07m23s\Patch-09-06-2009-21h07m23s.log
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-21h07m23s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-21h22m41s\Patch-09-06-2009-21h22m43s.log
    C:\Users\All Users\NortonInstaller\Logs\09-06-2009-21h22m41s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-07-2009-18h31m14s\Patch-09-07-2009-18h31m14s.log
    C:\Users\All Users\NortonInstaller\Logs\09-07-2009-18h31m14s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-07-2009-20h27m00s\Patch-09-07-2009-20h27m00s.log
    C:\Users\All Users\NortonInstaller\Logs\09-07-2009-20h27m00s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-08-2009-15h21m30s\Patch-09-08-2009-15h21m30s.log
    C:\Users\All Users\NortonInstaller\Logs\09-08-2009-15h21m30s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-08-2009-18h05m45s\Patch-09-08-2009-18h05m45s.log
    C:\Users\All Users\NortonInstaller\Logs\09-08-2009-18h05m45s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-09-2009-15h37m12s\Patch-09-09-2009-15h37m12s.log
    C:\Users\All Users\NortonInstaller\Logs\09-09-2009-15h37m12s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-09-2009-17h10m33s\Patch-09-09-2009-17h10m33s.log
    C:\Users\All Users\NortonInstaller\Logs\09-09-2009-17h10m33s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-18h57m07s\Patch-09-10-2009-18h57m08s.log
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-18h57m07s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m12s\Patch-09-10-2009-19h08m12s.log
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m12s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m14s\Patch-09-10-2009-19h08m14s.log
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m14s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m16s\Patch-09-10-2009-19h08m16s.log
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m16s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m20s\Patch-09-10-2009-19h08m20s.log
    C:\Users\All Users\NortonInstaller\Logs\09-10-2009-19h08m20s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h04m29s\Patch-09-11-2009-17h04m29s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h04m29s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m06s\Patch-09-11-2009-17h16m06s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m06s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m10s\Patch-09-11-2009-17h16m10s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m10s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m15s\Patch-09-11-2009-17h16m15s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m15s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m24s\Patch-09-11-2009-17h16m24s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m24s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m29s\Patch-09-11-2009-17h16m29s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m29s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m33s\Patch-09-11-2009-17h16m33s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m33s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m42s\Patch-09-11-2009-17h16m42s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m42s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m47s\Patch-09-11-2009-17h16m47s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m47s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m52s\Patch-09-11-2009-17h16m52s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m52s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m55s\Patch-09-11-2009-17h16m55s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m55s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m57s\Patch-09-11-2009-17h16m57s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h16m57s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m01s\Patch-09-11-2009-17h17m01s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m01s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m04s\Patch-09-11-2009-17h17m04s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m04s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m06s\Patch-09-11-2009-17h17m06s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m06s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m09s\Patch-09-11-2009-17h17m09s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m09s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m12s\Patch-09-11-2009-17h17m12s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-17h17m12s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-21h24m57s\Patch-09-11-2009-21h24m57s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-21h24m57s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-12-2009-00h00m51s\Patch-09-12-2009-00h00m51s.log
    C:\Users\All Users\NortonInstaller\Logs\09-12-2009-00h00m51s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-12-2009-04h15m41s\Patch-09-12-2009-04h15m41s.log
    C:\Users\All Users\NortonInstaller\Logs\09-12-2009-04h15m41s\Patch.1.mft.7z
    C:\Program Files\Microsoft Works\Install.exe
    C:\SWSetup\MSWorks\Install.exe
    C:\SWSetup\MSWorks\PFiles\MSWorks\Install.exe
    C:\Windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  12. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ▶ Relance List&Kill'em avec le raccourci sur ton bureau ,

    mais cette fois-ci :

    ▶ choisis l'option 2 = Mode Suppression

    laisse travailler l'outil.

    en fin de scan un rapport s'ouvre

    ▶ colle le contenu dans ta reponse

    .................

    ce soir ou demain je t'enverrai un post pour nettoyer..
    0
    1. jb61
       
      Dsl de répondre que maintenant, j'étais occupé ces derniers jours.


      rapport avec List&Kill'em:


      Kill'em by g3n-h@ckm@n 1.1.6.2

      User : jean-baptiste (Administrateurs) # PC-DE-JEAN-BAPT
      Update on 28/12/2009 by g3n-h@ckm@n ::::: 01:30
      Start at: 11:56:46 | 31/12/2009
      Contact : g3n-h@ckm@n sur CCM

      AMD Athlon(tm) X2 Dual-Core QL-64
      Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
      Internet Explorer 7.0.6002.18005
      Windows Firewall Status : Enabled

      C:\ -> Disque fixe local | 222,29 Go (99,32 Go free) | NTFS
      D:\ -> Disque fixe local | 10,6 Go (1,79 Go free) [RECOVERY] | NTFS
      E:\ -> Disque CD-ROM | 6,43 Go (0 Mo free) [GRID] | UDF


      ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

      C:\Windows\System32\smss.exe 468
      C:\Windows\system32\csrss.exe 536
      C:\Windows\system32\wininit.exe 600
      C:\Windows\system32\csrss.exe 608
      C:\Windows\system32\services.exe 648
      C:\Windows\system32\lsass.exe 660
      C:\Windows\system32\lsm.exe 672
      C:\Windows\system32\winlogon.exe 756
      C:\Windows\system32\svchost.exe 856
      C:\Windows\system32\svchost.exe 936
      C:\Windows\system32\Ati2evxx.exe 1036
      C:\Windows\System32\svchost.exe 1052
      C:\Windows\System32\svchost.exe 1084
      C:\Windows\system32\svchost.exe 1104
      C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe 1136
      C:\Windows\system32\SLsvc.exe 1460
      C:\Windows\system32\Ati2evxx.exe 1496
      C:\Windows\system32\svchost.exe 1520
      C:\Windows\system32\Hpservice.exe 1604
      C:\Windows\system32\svchost.exe 1680
      C:\Windows\system32\Dwm.exe 1876
      C:\Windows\Explorer.EXE 1908
      C:\Windows\System32\spoolsv.exe 2004
      C:\Windows\system32\taskeng.exe 2028
      C:\Program Files\Avira\AntiVir Desktop\sched.exe 124
      C:\Windows\system32\svchost.exe 364
      C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe 844
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 996
      C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe 1416
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 1452
      C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe 1572
      C:\Windows\system32\taskeng.exe 1536
      C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe 1780
      C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 1208
      C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe 592
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe 2124
      C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe 2156
      C:\Program Files\OrangeHSS\Systray\SystrayApp.exe 2200
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe 2220
      C:\Program Files\IDT\WDM\sttray.exe 2240
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2256
      C:\Program Files\Java\jre6\bin\jusched.exe 2280
      C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe 2288
      C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe 2296
      C:\Windows\ehome\ehtray.exe 2428
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 2548
      C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe 2792
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe 2812
      C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2848
      C:\Windows\system32\svchost.exe 3000
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe 3032
      C:\Windows\System32\svchost.exe 3060
      C:\Windows\System32\svchost.exe 3108
      C:\Windows\system32\svchost.exe 3172
      C:\Program Files\SMINST\BLService.exe 3196
      C:\Program Files\CyberLink\Shared files\RichVideo.exe 3212
      C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3288
      C:\Windows\system32\svchost.exe 3340
      C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 3376
      C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 3400
      C:\Windows\System32\svchost.exe 3440
      C:\Windows\system32\SearchIndexer.exe 3464
      C:\Windows\ehome\ehmsas.exe 3976
      C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe 524
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 3348
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 1784
      C:\Windows\system32\conime.exe 1308
      C:\Windows\system32\svchost.exe 3640
      C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 4236
      C:\Windows\system32\wbem\wmiprvse.exe 4388
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 4676
      C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe 4868
      C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 4928
      C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 4988
      C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 5128
      C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 5216
      C:\Windows\system32\wbem\wmiprvse.exe 5784
      c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4552
      C:\Windows\system32\wbem\unsecapp.exe 3992
      C:\Program Files\List_Kill'em\List_Kill'em.exe 4252
      C:\Windows\system32\cmd.exe 4844
      C:\Program Files\Mozilla Firefox\firefox.exe 2764
      C:\Users\jean-baptiste\AppData\Local\Temp\F92D.tmp\pv.exe 4352

      Detections :
      ==========


      ¤¤¤¤¤¤¤¤¤¤ Files/folders :

      "C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log"
      "C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log"
      "C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log"
      "C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log"
      "C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log"
      "C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log"
      "C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log"
      "C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log"
      "C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log"
      "C:\Windows\SYSTEM32\EZUPBH~1.DLL"


      ¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

      Quarantine :

      EZUPBH~1.DLL.Kill'em
      {051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log.Kill'em
      {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log.Kill'em
      {23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log.Kill'em
      {40BF1E83-20EB-11D8-97C5-0009C5020658}.log.Kill'em
      {4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log.Kill'em
      {9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log.Kill'em
      {C59C179C-668D-49A9-B6EA-0121CCFC1243}.log.Kill'em
      {CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log.Kill'em
      {d36dd326-7280-11d8-97c8-000129760cbe}.log.Kill'em

      ==============
      host file OK !
      ==============

      ========
      Registry
      ========
      Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{E54729E8-BB3D-4270-9D49-7389EA579090}
      Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
      Deleted : HKCR\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090}
      Deleted : HKCR\ezUPBHook.ShellObj
      Deleted : HKCR\ezUPBHook.ShellObj.1
      Deleted : HKCR\Install.Install
      Deleted : HKCR\Install.Install.1
      Deleted : HKCR\TypeLib\{478CAB91-9E28-11D4-97FF-0050047D51FB}

      ============
      Disk Cleaned
      ============

      ================
      Prefetch cleaned
      ================



      ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
      0
  13. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    comment va le pc ?

    relances RSIT et poste le rapport log stp
    0
    1. jb61
       
      rapport avec RSIT:


      Logfile of random's system information tool 1.06 (written by random/random)
      Run by jean-baptiste at 2009-12-31 12:45:40
      Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
      System drive C: has 102 GB (45%) free of 228 GB
      Total RAM: 3068 MB (63% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 12:46:11, on 31/12/2009
      Platform: Windows Vista SP2 (WinNT 6.00.1906)
      MSIE: Internet Explorer v7.00 (7.00.6002.18005)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
      C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
      C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\IDT\WDM\sttray.exe
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
      C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Windows\ehome\ehmsas.exe
      C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Windows\system32\conime.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Users\jean-baptiste\Downloads\RSIT.exe
      C:\Program Files\Trend Micro\HijackThis\jean-baptiste.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
      O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
      O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
      O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
      O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
      O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
      O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
      O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
      O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
      O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
      O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
      O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
      O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
      O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
      O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
      O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O13 - Gopher Prefix:
      O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
      O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe
      O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
      O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
      O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
      O23 - Service: Service Google Update (gupdate1c9e92765deed0d) (gupdate1c9e92765deed0d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
      O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe
      O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
      O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
      0
  14. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ▶ Télécharge OTM (OldTimer) sur ton Bureau :
    http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
    ▶ Double-clique sur OTM.exe afin de le lancer.
    ▶ Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe
    iexplore.exe
    firefox.exe
    msnmsgr.exe
    Teatimer.exe
    web mess.exe

    :services
    ASKUpgrade

    :commands
    [emptytemp]
    [start explorer]
    [reboot]

    ▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    ▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM

    Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

    ▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\

    *Le nom du rapport correspond au moment de sa création : date_heure.log
    0