Présence de rootkit

Léa -  
 Léa -
Bonjour,
J'ai Avast en tant qu'anti virus et depuis quelques temps il m'indique qu'un rootkit a été trouvé.
Nom du fichier : C:\Windows\System32\Drivers\wnvgz.sys
Type : services cachés
Nom du malware : Wi\Program Files\

J'ai essayé de le supprimer par différents moyens, j'ai installé AVG anti rootkit qui ne me le détecte pas. Je ne sais pas comment m'en débarrasser. De plus je ne sais pas quel dégâts il peut causer.
Je vous signale également que je ne suis pas très douée en informatique.
Si quelqu'un peut m'aider à résoudre mon problème je le remercie d'avance.
En attendant vos réponses, passer un bon réveillon.

16 réponses

Réponse 1 / 16
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt


Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
0
Réponse 2 / 16
Léa
 
Alors pour le log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by PoPo at 2009-12-31 12:34:50
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 51 GB (54%) free of 94 GB
Total RAM: 2046 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:07, on 31/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\BisonCam\BisonAPP.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PoPo\Downloads\RSIT.exe
C:\Program Files\trend micro\PoPo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyBa.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyBa.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyBa.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [BisonAPP] C:\Windows\BisonCam\BisonAPP.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Power Notes] "C:\Program Files\Power Soft\Power Notes\Notes.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F98D4363-8959-40F9-B8EF-7749A481F667}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Réponse 3 / 16
Léa
 
Et pour le info.txt

info.txt logfile of random's system information tool 1.06 2009-12-31 12:35:13

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Anti-Rootkit Free-->C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bison WebCam-->C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\setup.exe -runfromtemp -l0x040c -removeonly
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon MP Navigator EX 2.0-->"C:\Program Files\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 2.0\uninst.ini
Canon MP540 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series /L0x000c
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Enregistrement utilisateur de Canon MP540 series-->C:\Program Files\Canon\IJEREG\MP540 series\UNINST.EXE
FileZilla Client 3.0.6-->C:\Program Files\FileZilla FTP Client\uninstall.exe
FirstSteps Diagnostics-->MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}
FLAC codecs-->C:\Program Files\illiminable\oggcodecs\uninst.exe
Fujitsu Siemens Computers WLAN 802.11b/g (SiS163u)-->C:\Windows\system32\unwlsdrv.exe SiS163u
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F10001\UIU32m.exe -U -IPDAZLCMzK.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HomePlayer 1.5.5-->C:\Program Files\HomePlayer1.5.5\uninst.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
InterVideo WinDVD 8-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c
iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.16)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
myBabylon Toolbar-->C:\PROGRA~1\MYBABY~1\UNWISE.EXE C:\PROGRA~1\MYBABY~1\INSTALL.LOG
Nero 7 Essentials-->MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571036}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1597D0AE-34A7-4A8B-A395-2E30EB745470}
Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi One Touch Access 6.85.3011-->msiexec /qn /x {4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi One Touch Access-->MsiExec.exe /I{4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi Player-->MsiExec.exe /I{A528306A-C5EC-481C-A619-6106334E6800}
Nokia Ovi Suite-->MsiExec.exe /I{150C6C87-D187-4105-BF7A-090378D7AE2A}
Nokia Ovi System Utilities 6.85.3014-->msiexec /qn /x {C7CDB2AC-A0AB-4D83-B046-187E24D9EA68}
Nokia Ovi System Utilities-->MsiExec.exe /X{C7CDB2AC-A0AB-4D83-B046-187E24D9EA68}
Nokia Photos-->MsiExec.exe /I{B0B49C20-D2D1-437B-80F0-C2298F5DCD2B}
Nokia Software Updater-->MsiExec.exe /X{2FA28330-2028-4033-BD10-425C87EB4D54}
Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}
NVIDIA Drivers-->C:\Windows\system32\nvunrm.exe UninstallGUI
OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
PC Connectivity Solution-->MsiExec.exe /I{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}
Power Manager 2.1.7-->"C:\Program Files\Power Manager\unins000.exe"
PowerDV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Videora iPod Converter 3.07-->C:\Program Files\Red Kawa\Video Converter 3\uninstaller.exe
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Security center information======

AS: Windows Defender (disabled)

======System event log======

Computer Name: PC-de-PoPo
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 192930
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20091230172112.454870-000
Event Type: Erreur
User:

Computer Name: PC-de-PoPo
Event Code: 7022
Message: Le service Windows Update est en attente de démarrage.
Record Number: 193018
Source Name: Service Control Manager
Time Written: 20091230172713.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-PoPo
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 193036
Source Name: Tcpip
Time Written: 20091230195908.517270-000
Event Type: Avertissement
User:

Computer Name: PC-de-PoPo
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 193052
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20091230200914.828600-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-PoPo
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 193069
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20091231101736.872196-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: PC-de-PoPo
Event Code: 1
Message: Nokia M Platform 2.5.197 (NLib 0.8.482)

LIKE query is not supported with path properties in relative path datastores.
errorcode: 51031
Non implémenté
errorcode: -2147467263

Stack trace:
.\MDSWatcher.cpp(1652) : CMDSWatcher::HandleFileEvent
.\MDataStoreObj.cpp(2291) : CMDataStore::Get
.\MDataStoreObj.cpp(3848) : CMDataStore::GetImpl
.\MQueryProcessor.cpp(733) : CMQueryProcessor::caseAComparisonitemExpr
.\MQueryProcessor.cpp(762) : CMQueryProcessor::caseACollateComparisonitemExpr
.\MQueryProcessor.cpp(468) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(460) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(459) : CMQueryProcessor::caseALikeBinop


Record Number: 52029
Source Name: Nokia M Platform
Time Written: 20091229212532.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-PoPo
Event Code: 1
Message: Nokia M Platform 2.5.197 (NLib 0.8.482)

LIKE query is not supported with path properties in relative path datastores.
errorcode: 51031
Non implémenté
errorcode: -2147467263

Stack trace:
.\MDSWatcher.cpp(1652) : CMDSWatcher::HandleFileEvent
.\MDataStoreObj.cpp(2291) : CMDataStore::Get
.\MDataStoreObj.cpp(3848) : CMDataStore::GetImpl
.\MQueryProcessor.cpp(733) : CMQueryProcessor::caseAComparisonitemExpr
.\MQueryProcessor.cpp(762) : CMQueryProcessor::caseACollateComparisonitemExpr
.\MQueryProcessor.cpp(468) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(460) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(459) : CMQueryProcessor::caseALikeBinop


Record Number: 52030
Source Name: Nokia M Platform
Time Written: 20091229212533.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-PoPo
Event Code: 1
Message: Nokia M Platform 2.5.197 (NLib 0.8.482)

LIKE query is not supported with path properties in relative path datastores.
errorcode: 51031
Non implémenté
errorcode: -2147467263

Stack trace:
.\MDSWatcher.cpp(1652) : CMDSWatcher::HandleFileEvent
.\MDataStoreObj.cpp(2291) : CMDataStore::Get
.\MDataStoreObj.cpp(3848) : CMDataStore::GetImpl
.\MQueryProcessor.cpp(733) : CMQueryProcessor::caseAComparisonitemExpr
.\MQueryProcessor.cpp(762) : CMQueryProcessor::caseACollateComparisonitemExpr
.\MQueryProcessor.cpp(468) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(460) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(459) : CMQueryProcessor::caseALikeBinop


Record Number: 52031
Source Name: Nokia M Platform
Time Written: 20091229212545.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-PoPo
Event Code: 1
Message: Nokia M Platform 2.5.197 (NLib 0.8.482)

LIKE query is not supported with path properties in relative path datastores.
errorcode: 51031
Non implémenté
errorcode: -2147467263

Stack trace:
.\MDSWatcher.cpp(1652) : CMDSWatcher::HandleFileEvent
.\MDataStoreObj.cpp(2291) : CMDataStore::Get
.\MDataStoreObj.cpp(3848) : CMDataStore::GetImpl
.\MQueryProcessor.cpp(733) : CMQueryProcessor::caseAComparisonitemExpr
.\MQueryProcessor.cpp(762) : CMQueryProcessor::caseACollateComparisonitemExpr
.\MQueryProcessor.cpp(468) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(460) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(459) : CMQueryProcessor::caseALikeBinop


Record Number: 52032
Source Name: Nokia M Platform
Time Written: 20091229212545.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-PoPo
Event Code: 1
Message: Nokia M Platform 2.5.197 (NLib 0.8.482)

LIKE query is not supported with path properties in relative path datastores.
errorcode: 51031
Non implémenté
errorcode: -2147467263

Stack trace:
.\MDSWatcher.cpp(2155) : CMDSWatcher::HandleFolderEvent
.\MDataStoreObj.cpp(2291) : CMDataStore::Get
.\MDataStoreObj.cpp(3848) : CMDataStore::GetImpl
.\MQueryProcessor.cpp(762) : CMQueryProcessor::caseACollateComparisonitemExpr
.\MQueryProcessor.cpp(468) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(460) : CMQueryProcessor::caseALikeBinop
.\MQueryProcessor.cpp(459) : CMQueryProcessor::caseALikeBinop


Record Number: 52033
Source Name: Nokia M Platform
Time Written: 20091229212619.000000-000
Event Type: Avertissement
User:

=====Security event log=====

Computer Name: PC-de-PoPo
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-POPO$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x294
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 37308
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090704114414.851168-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-PoPo
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 37309
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090704114414.851168-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-PoPo
Event Code: 4616
Message: L’heure du système a été modifiée.

Sujet :
ID de sécurité : S-1-5-19
Nom du compte : SERVICE LOCAL
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e5

Informations sur le processus :
ID du processus : 0x520
Nom : C:\Windows\System32\svchost.exe

Heure précédente : 13:44:16 04/07/2009
Nouvelle heure : 13:44:16 04/07/2009

Cet événement est généré lorsque l’heure du système est modifiée. Le changement régulier de l’heure du système est une opération normale de la part du service de temps Windows qui s’exécute avec des privilèges système. Mais, d’autres modifications de l’heure du système peuvent indiquer des tentatives de falsification de l’ordinateur.
Record Number: 37310
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090704114416.738600-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-PoPo
Event Code: 4634
Message: Fermeture de session d’un compte.

Sujet :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID du compte : 0x2c4c6

Type d’ouverture de session : 3

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
Record Number: 37311
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090704114418.220600-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-PoPo
Event Code: 4608
Message: Windows démarre.

Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé.
Record Number: 37312
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090705135333.700535-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Nokia\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\VistaCodecPack\QT\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6801
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 4 / 16
Léa
 
Alors pour moi c'est du charabia mais j'espère que ça va me permettre de résoudre le problème.
Merci en tout cas d'avoir répondu si rapidement.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 16
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
open office est à la version 3 ...

____________



Mettre a jour java:
https://javara.fr.malavida.com/­indows

Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.

si cela ne fonctionne pas

https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80

tu peux désinstaller les vieilles versions.

____________________

branche tous tes supports externes puis colle un rapport usbfix option 2
0
Réponse 6 / 16
Léa
 
Voici le rapport de JavaRa.log

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Thu Dec 31 13:37:10 2009

Found and removed: C:\Program Files\Java\jre1.6.0_03

Found and removed: C:\Program Files\Java\jre1.6.0_04

Found and removed: C:\Program Files\Java\jre1.6.0_05

Found and removed: C:\Program Files\Java\jre1.6.0_07

Found and removed: C:\Users\PoPo\AppData\LocalLow\Sun\Java\jre1.6.0_04

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\JavaPlugin.160_03

Found and removed: SOFTWARE\Classes\JavaPlugin.160_04

Found and removed: SOFTWARE\Classes\JavaPlugin.160_05

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_04

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_04

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\JavaPlugin.160_03

Found and removed: Software\Classes\JavaPlugin.160_04

Found and removed: Software\Classes\JavaPlugin.160_05

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_03

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_07

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_07

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610007

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610007

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160070}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_04.b12\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\

------------------------------------

Finished reporting.
0
Réponse 7 / 16
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok fais usbfix
0
Réponse 8 / 16
Léa
 
Oula j'ai pas compris. Je fais quoi exactement et où?
0
Réponse 9 / 16
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
c'est indiqué sous la procédure de javara
0
Réponse 10 / 16
Léa
 
Je suis désolée mais je comprends rien :s
Je trouve pas ce qu'il faut faire. Je ne sais pas où se trouve la procédure de javara.
0
Réponse 11 / 16
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
f


je remets mais c'est ecrit au dessus!

branche tous tes supports externes puis colle un rapport usbfix option 2
0
Réponse 12 / 16
Léa
 
Alors voila j'ai trouvé. J'ai fait avec ma clé usb qui se ballade sur beaucoup de pc mais je suis censée faire quelque chose pour réparer ou c'est déjà fait?

############################## | UsbFix V6.068 |

User : PoPo (Administrateurs) # PC-DE-POPO
Update on 28/12/2009 by El Desaparecido , C_XX & Chimay8
Start at: 15:11:42 | 31/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 92,21 Go (51,52 Go free) [System] # NTFS
D:\ -> Disque fixe local # 45,12 Go (21,03 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe 428
C:\Windows\system32\csrss.exe 564
C:\Windows\system32\wininit.exe 616
C:\Windows\system32\csrss.exe 624
C:\Windows\system32\services.exe 664
C:\Windows\system32\lsass.exe 676
C:\Windows\system32\lsm.exe 684
C:\Windows\system32\winlogon.exe 812
C:\Windows\system32\svchost.exe 888
C:\Windows\system32\svchost.exe 956
C:\Windows\System32\svchost.exe 992
C:\Windows\System32\svchost.exe 1136
C:\Windows\System32\svchost.exe 1180
C:\Windows\system32\svchost.exe 1192
C:\Windows\system32\SLsvc.exe 1300
C:\Windows\system32\svchost.exe 1372
C:\Windows\system32\svchost.exe 1496
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1724
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1764
C:\Windows\system32\Dwm.exe 1772
C:\Windows\Explorer.EXE 1800
C:\Program Files\Windows Defender\MSASCui.exe 1908
C:\Windows\RtHDVCpl.exe 1916
C:\Program Files\Apoint2K\Apoint.exe 2000
C:\Program Files\Power Manager\PM.exe 196
C:\Windows\BisonCam\BisonAPP.exe 312
C:\Windows\System32\rundll32.exe 12
C:\Program Files\Alwil Software\Avast4\ashDisp.exe 556
C:\Program Files\Apoint2K\ApMsgFwd.exe 1260
C:\Program Files\iTunes\iTunesHelper.exe 872
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE 1532
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe 1520
C:\Program Files\Windows Sidebar\sidebar.exe 1668
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1868
C:\Windows\System32\spoolsv.exe 1676
C:\Windows\ehome\ehtray.exe 1652
C:\Windows\system32\taskeng.exe 884
C:\Windows\system32\svchost.exe 1760
C:\Windows\System32\rundll32.exe 1612
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe 540
C:\Windows\system32\taskeng.exe 2068
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN 2276
C:\Program Files\Apoint2K\Apntex.exe 2384
C:\Windows\ehome\ehmsas.exe 2540
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2804
C:\Program Files\Bonjour\mDNSResponder.exe 2820
C:\Windows\system32\svchost.exe 2856
c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 2916
C:\Windows\system32\svchost.exe 2968
C:\Program Files\CyberLink\Shared Files\RichVideo.exe 3168
C:\Windows\system32\svchost.exe 3292
C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe 3332
C:\Windows\System32\svchost.exe 3392
C:\Windows\system32\SearchIndexer.exe 3432
C:\Windows\system32\DRIVERS\xaudio.exe 3496
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 3592
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 3652
C:\Program Files\iPod\bin\iPodService.exe 3724
C:\Windows\system32\wbem\wmiprvse.exe 2332
C:\Windows\system32\wbem\unsecapp.exe 3372
C:\Program Files\Windows Live\Contacts\wlcomm.exe 2568
C:\Windows\system32\wuauclt.exe 6060
C:\Windows\system32\NOTEPAD.EXE 5832
C:\Windows\system32\conime.exe 756
C:\Program Files\Mozilla Firefox\firefox.exe 4192
C:\Windows\system32\wbem\wmiprvse.exe 764

################## | Elements infectieux |

C:\Windows\msnimport.exe
F:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
F:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665

################## | Registre |


################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\G
shell\AutoRun\command =G:\LaunchU3.exe -a

HKCU\..\..\Explorer\MountPoints2\I
shell\AutoRun\command =wd_windows_tools\setup.exe

HKCU\..\..\Explorer\MountPoints2\{13b06fed-d7bd-11dc-a701-001060d07d2e}
shell\Auto\command =AdobeR.exe e
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

HKCU\..\..\Explorer\MountPoints2\{13b06ffa-d7bd-11dc-a701-001060d07d2e}
shell\AutoRun\command =F:\LaunchU3.exe -a

HKCU\..\..\Explorer\MountPoints2\{7e45ed65-cf29-11dc-9331-001060d07d2e}
shell\AutoRun\command =wd_windows_tools\setup.exe

################## | Cracks > Keygens > Serials |


################## | ! Fin du rapport # UsbFix V6.068 ! |
0
Réponse 13 / 16
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
fais l'option 2 et mets le rapport
0
Réponse 14 / 16
Léa
 
Désolée pour tout à l'heure j'avais pas lu jusqu'au bout.
Voici le rapport


############################## | UsbFix V6.068 |

User : PoPo (Administrateurs) # PC-DE-POPO
Update on 28/12/2009 by El Desaparecido , C_XX & Chimay8
Start at: 15:41:23 | 31/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 92,21 Go (51,44 Go free) [System] # NTFS
D:\ -> Disque fixe local # 45,12 Go (21,03 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe 492
C:\Windows\system32\csrss.exe 564
C:\Windows\system32\wininit.exe 616
C:\Windows\system32\csrss.exe 628
C:\Windows\system32\services.exe 664
C:\Windows\system32\lsass.exe 676
C:\Windows\system32\lsm.exe 684
C:\Windows\system32\winlogon.exe 804
C:\Windows\system32\svchost.exe 880
C:\Windows\system32\svchost.exe 944
C:\Windows\System32\svchost.exe 984
C:\Windows\System32\svchost.exe 1104
C:\Windows\System32\svchost.exe 1176
C:\Windows\system32\svchost.exe 1188
C:\Windows\system32\SLsvc.exe 1304
C:\Windows\system32\svchost.exe 1356
C:\Windows\system32\svchost.exe 1500
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1732
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1752
C:\Windows\system32\Dwm.exe 1812
C:\Windows\Explorer.EXE 1824
C:\Windows\system32\runonce.exe 1884
C:\Windows\System32\spoolsv.exe 1264
C:\Windows\system32\svchost.exe 1468
C:\Windows\system32\taskeng.exe 1512
C:\Windows\system32\taskeng.exe 1660
C:\Windows\system32\PresentationSettings.exe 2044
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1124
C:\Program Files\Bonjour\mDNSResponder.exe 1144
C:\Windows\system32\svchost.exe 1032
c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 1960
C:\Windows\system32\svchost.exe 2080
C:\Program Files\CyberLink\Shared Files\RichVideo.exe 2112
C:\Windows\system32\svchost.exe 2160
C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe 2320
C:\Windows\System32\svchost.exe 2344
C:\Windows\system32\SearchIndexer.exe 2404
C:\Windows\system32\DRIVERS\xaudio.exe 2512
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2612
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2632
C:\Windows\system32\wbem\wmiprvse.exe 2816

################## | Elements infectieux |

Supprimé ! C:\Windows\msnimport.exe
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1654671940-757179397-1803065850-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2152478756-3922319563-605102323-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3432319531-4188733938-1215649882-500
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1654671940-757179397-1803065850-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-3432319531-4188733938-1215649882-500

################## | Registre |


################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\G\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\I\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{13b06fed-d7bd-11dc-a701-001060d07d2e}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{13b06ffa-d7bd-11dc-a701-001060d07d2e}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{7e45ed65-cf29-11dc-9331-001060d07d2e}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[05/01/2007 12:29|--a------|30] C:\batch.wtc
[19/01/2008 08:45|-rahs----|333203] C:\bootmgr
[01/07/2006 22:42|-ra-s----|8192] C:\BOOTSECT.BAK
[05/04/2008 20:34|--a------|74] C:\CMLoader.log
[18/09/2006 22:43|--a------|10] C:\config.sys
[03/01/2007 09:19|--a------|0] C:\DVD.TAG
[?|?|?] C:\hiberfil.sys
[10/02/2008 21:15|-rahs----|0] C:\IO.SYS
[31/12/2009 13:37|--a------|19684] C:\JavaRa.log
[10/02/2008 21:15|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[20/10/2007 17:58|--a------|9136] C:\Prodlog.txt
[31/12/2009 15:48|--a------|4119] C:\UsbFix.txt
[01/07/2006 14:08|--a------|475384] C:\vcredist_x86.log

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |


################## | Upload |

Veuillez envoyer le fichier : C:\Users\PoPo\Desktop\UsbFix_Upload_Me_PC-de-PoPo.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.068 ! |
0
Réponse 15 / 16
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
colle un scan en ligne de chez panda
https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
0
Réponse 16 / 16
Léa
 
Alors tout d'abord Bonne Année et sinon voici les résultats du scan

;***********************************************************************************************************************************************************************************
ANALYSIS: 2010-01-01 18:47:28
PROTECTIONS: 2
MALWARE: 23
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
avast! antivirus Yes Yes
Windows Defender Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@atdmt[1].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@tradedoubler[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@mediaplex[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@com[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@xiti[1].txt
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@fe.lea.lycos[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@apmebf[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@bs.serving-sys[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@weborama[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@adtech[1].txt
00168116 Cookie/Comclick TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@fl01.ct2.comclick[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@ads.pointroll[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@questionmarket[1].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@bravenet[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@go[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No c:\users\popo\appdata\roaming\microsoft\windows\cookies\popo@smartadserver[1].txt
01308377 Application/MSNContentPlus HackTools No 0 Yes No c:\usbfix\quarantine\c\windows\msnimport.exe.usbfix
01308377 Application/MSNContentPlus HackTools No 0 Yes No c:\users\popo\desktop\usbfix_upload_me_pc-de-popo.zip[usbfix_upload_me/msnimport.exe.usbfix]
05825509 Trj/Downloader.MDW Virus/Trojan No 1 Yes No c:\windows\system32\drivers\wnvgz.sys
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
No c:\usbfix\bypass.exe
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0

Discussions similaires

Checking media presence… media present
Jeanpierre67 -
SATS_fr -

2 réponses
affichage checking media
titi__5106 -
jfmimi -

5 réponses
Check media fail
PandaGracieux25 -
brucine -

5 réponses
CHECKING MEDIA PRESENCE... MEDIA PRESENT...START PXE overIPV4;
Michonchon -
Renardrougeetnoir -

7 réponses
Reseaux sociaux
ChiotCharmant90 -
MPMP10 -

1 réponse