Hacked by Godzilla --- rapport Hijack

Résolu
Boom -  
moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,
voilà depuis quelques temps déjà j'ai un problème avec mon ordi.Il affiche Hacked by Godzilla...J'ai fais un scan avec Hijack,voici le rapport:

Pouvez-vous m'aidé à m'en débarasser svp....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:49, on 08/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Shareaza Pro\Shareaza Pro.exe
C:\Users\Utilisateur\ynriw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
C:\Program Files\ZTE MF626\UIMain.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza Pro\RazaWebHook.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Shareaza Pro] "C:\Program Files\Shareaza Pro\Shareaza Pro.exe" -tray
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ynriw] C:\Users\Utilisateur\ynriw.exe
O4 - HKCU\..\Run: [Utilisateur] C:\Users\Utilisateur\Utilisateur.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza Pro\RazaWebHook.dll/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{720DE3CC-C351-44B0-BF2D-EC62B8F0C14C}: NameServer = 217.175.160.164 217.175.160.177
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Service Google Update (gupdate1c9e5c0968507c0) (gupdate1c9e5c0968507c0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe

--
End of file - 14348 bytes
Configuration: Windows Vista Internet Explorer 7.0

18 réponses

  1. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    bonjour

    Note importante :
    Pour les ordinateurs équipés de Windows Vista et Windows 7, la désactivation du Contrôle des comptes utilisateurs est obligatoire
    sous peine de ne pas pouvoir faire fonctionner correctement l'outil.
    Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

    Téléchargez et enregistrez le fichier d installation sur le bureau
    http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

    Double cliquez sur le fichier d'installation de AD-Remover, le programme s'installera automatiquement.
    Sous Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
    Au menu principal choisir
    Option L Lancer le nettoyage
    et tapez sur [entrée] .
    Laissez travailler l'outil et ne touchez à rien ...
    Postez le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    0
  2. boom
     
    J'ai bien désactivé le contrôle des comptes d'utilisateurs mais quand je clic sur le 2ème lien il y a une fenêtre qui s'ouvre et qui me dis:"internet explorer a cesser de fonctionner'' Il tente de réparer le problème mais ensuite,il y a une fenêtre qui s'ouvre et qui me dis que la mémoire ne peut pas être "written".....
    Que dois-je faire?
    0
  3. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    on va prendre un autre outil

    Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)

    ▶ Télécharge et installe List&Kill'em et enregistre le sur ton bureau
    http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem_Install.exe

    double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation

    coche la case "creer une icone sur le bureau"

    une fois terminée , clic sur "terminer" et le programme se lancer seul

    choisis la langue puis choisis l'option 1 = Mode Recherche

    ▶ laisse travailler l'outil

    à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

    un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.

    ▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

    tu peux supprimer le rapport catchme.log de ton bureau maintenant.

    0
  4. boom
     
    Toujours le même problème,je ne peux pas ouvrir la page...Je pense que c'est à cause de la prévention de l'éxecution de données non?Car il me dis que cette prévention a fermé IE pour me proteger.......
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    vois ceci

    https://www.commentcamarche.net/faq/3011-prevention-de-l-execution-des-donnees

    si avec ce lien tu résouds le problème d'excution des outils, je préfèrerai que tu fasses en premier lieu le post 1

    0
  7. boom
     
    J'ai ajouté IE dans les exeptions mais rien y fais....
    Je ne comprends pas pourquoi?
    Quand je clic sur le lien il me dis que IE a cessé de fonctionner,ensuite il me dis que pour protéger l'odri,la prévention de données....etc et à chaque fois à la fin il y a une fenêtre d'erreur qui s'ouvre du style "la mémoire ne peut pas être written",ou alors "HP health....." Enfin je ne comprends plus rien T_T
    0
  8. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    !!!!!!!!

    es tu bien sur la session administrateur du pc ?
    0
  9. boom
     
    Il n'y a qu'un seul compte (session) sur l'ordi,c'est donc en admi non?
    0
  10. boom
     
    ça serai pas windows defender qui me bloquerais?
    0
  11. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    peut être oui

    desactives le provisoirement

    sinon

    tu peux le faire aussi en mode sans echec avec reseau
    0
  12. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    as tu réussi ou faut il envisager autre chose ?
    0
  13. BOOM
     
    Le premier lien,avec AD-REMOVER,le scan ne marché pas donc je l'ai fais avec list'em voici le rapport:
    (c'était bien windows defender qui me bloqué =)

    List'em by g3n-h@ckm@n 1.1.8.0

    Thx to Chiquitine29.....& CCM team

    User : Utilisateur (Administrateurs) # PC-DE-UTILISATE
    Update on 09/12/2009 by g3n-h@ckm@n ::::: 12:20
    Start at: 18:49:06 | 09/01/2010
    Contact : g3n-h@ckm@n sur CCM

    Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
    Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18865
    Windows Firewall Status : Disabled

    C:\ -> Disque fixe local | 139,15 Go (38,45 Go free) | NTFS
    D:\ -> Disque fixe local | 9,9 Go (1,73 Go free) [RECOVERY] | NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque amovible

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
    C:\Program Files\LSI SoftModem\agrsmsvc.exe
    C:\Program Files\AGI\common\win32\PythonService.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Shareaza Pro\Shareaza Pro.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\SMINST\BLService.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\ZTE MF626\UIMain.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\List_Kill'em\List_Kill'em.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\cmd.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\Utilisateur\AppData\Local\Temp\EF3E.tmp\pv.exe

    ======================
    Keys "Run"
    ======================
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    LightScribe Control Panel REG_SZ C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    HPAdvisor REG_SZ C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
    Skype REG_SZ "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    Shareaza Pro REG_SZ "C:\Program Files\Shareaza Pro\Shareaza Pro.exe" -tray
    swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    Tok-Cirrhatus REG_SZ
    ynriw REG_SZ C:\Users\Utilisateur\ynriw.exe
    Utilisateur REG_SZ C:\Users\Utilisateur\Utilisateur.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    IgfxTray REG_SZ C:\Windows\system32\igfxtray.exe
    HotKeysCmds REG_SZ C:\Windows\system32\hkcmd.exe
    Persistence REG_SZ C:\Windows\system32\igfxpers.exe
    SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    QPService REG_SZ "C:\Program Files\HP\QuickPlay\QPService.exe"
    UpdateLBPShortCut REG_SZ "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    UpdatePSTShortCut REG_SZ "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    UCam_Menu REG_SZ "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
    Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    QlbCtrl.exe REG_SZ C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    UpdateP2GoShortCut REG_SZ "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    UpdatePDIRShortCut REG_SZ "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    HP Health Check Scheduler REG_SZ c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    WirelessAssistant REG_SZ C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
    KiweeHook REG_SZ "C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe"
    Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    Adobe ARM REG_SZ "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    SysTrayApp REG_EXPAND_SZ %ProgramFiles%\IDT\WDM\sttray.exe
    avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    =====================
    Other Keys
    =====================
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    ConsentPromptBehaviorAdmin REG_DWORD 2 (0x2)
    ConsentPromptBehaviorUser REG_DWORD 1 (0x1)
    EnableInstallerDetection REG_DWORD 1 (0x1)
    EnableLUA REG_DWORD 0 (0x0)
    EnableSecureUIAPaths REG_DWORD 1 (0x1)
    EnableVirtualization REG_DWORD 1 (0x1)
    PromptOnSecureDesktop REG_DWORD 1 (0x1)
    ValidateAdminCodeSignatures REG_DWORD 0 (0x0)
    dontdisplaylastusername REG_DWORD 0 (0x0)
    legalnoticecaption REG_SZ
    legalnoticetext REG_SZ
    scforceoption REG_DWORD 0 (0x0)
    shutdownwithoutlogon REG_DWORD 1 (0x1)
    undockwithoutlogon REG_DWORD 1 (0x1)
    FilterAdministratorToken REG_DWORD 0 (0x0)
    EnableUIADesktopToggle REG_DWORD 0 (0x0)
    HideFastUserSwitching REG_DWORD 0 (0x0)

    ===============
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    NoLogoff REG_DWORD 0 (0x0)
    NoClose REG_DWORD 0 (0x0)

    ===============
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    BindDirectlyToPropertySetStorage REG_DWORD 0 (0x0)

    ===============
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    AppInit_DLLS REG_SZ

    ===============
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]

    ===============
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

    ===============
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ===============
    ActivX controls
    ===============
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}

    ===============
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{166B1BCA-3F9C-11CF-8075-444553540000}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A202491-F00D-11cf-87CC-0020AFEECF20}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11CF-96B8-444553540000}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}

    ==============
    BHO :
    ======
    [<NO NAME> REG_SZ ]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0EEDB912-C5FA-486F-8334-57288578C627}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{280b5d37-4a76-467a-b3d6-942fca90acde}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

    ================
    Internet Explorer :
    ================
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    Start Page REG_SZ https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    Start Page REG_SZ https://www.google.fr/?gws_rd=ssl

    ========
    Services
    ========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

    Ndisuio : 0x3
    EapHost : 0x3
    Wlansvc : 0x2
    SharedAccess : 0x4
    windefend : 0x2
    wuauserv : 0x2
    wscsvc : 0x2

    =========

    =======
    Drive :
    =======

    D‚fragmenteur de disque Windows
    Copyright (c) 2006 Microsoft Corp.

    Rapport d'analyse pour le volume C:

    Taille du volume = 139 Go
    Espace libre = 38.46 Go
    tendue d'espace libre la plus grande = 27.44 Go
    Pourcentage de fragmentation des fichiers = 0 %

    Remarqueÿ: sur les volumes NTFS, les fragments de fichiers de plus de 64ÿMo ne sont pas inclus dans les statistiques de fragmentation.

    Il n'est pas n‚cessaire de d‚fragmenter ce volume.

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
    C:\ProgramData\Kiwee Toolbar
    C:\Program Files\AGI
    C:\Program Files\AskBarDis
    C:\Program Files\GamesBar
    C:\Program Files\Kiwee Toolbar
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\Program Files\P2P_Energy
    C:\Windows\System32\EZUPBH~1.DLL
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    C:\Users\Utilisateur\LOCAL Settings\Temp\GoogleUpdate.exebbb618
    C:\Users\Utilisateur\LOCAL Settings\Temp\HPQSi.exe
    C:\Users\Utilisateur\LOCAL Settings\Temp\kiwee_setup.exe
    C:\Users\Utilisateur\LOCAL Settings\Temp\SearchWithGoogleUpdate.exe
    C:\Users\Utilisateur\LOCAL Settings\Temp\Toolbar.exe
    C:\Users\Utilisateur\LOCAL Settings\Temp\uttD238.tmp.exe

    ¤¤¤¤¤¤¤¤¤¤ Keys :

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Tok-Cirrhatus"
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar "{6F282B65-56BF-4BD1-A8B2-A4449A05863D}"
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoLogOff"
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"
    "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"
    "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
    "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239}"
    "HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb0d163c-e9f4-4236-9496-0597e24b23a5}"
    HKCR\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKCR\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKCR\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCR\CLSID\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
    HKCR\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
    HKCR\CLSID\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}
    HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
    HKCR\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKCR\CLSID\{cb0d163c-e9f4-4236-9496-0597e24b23a5}
    HKCR\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
    HKCR\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
    HKCR\ezUPBHook.ShellObj
    HKCR\ezUPBHook.ShellObj.1
    HKCR\interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
    HKCR\Interface\{daa37aad-f156-4c2c-ac48-3c22ef92ae2f}
    HKCR\KiweeIEToolbar.KiweeToolbar
    HKCR\KiweeIEToolbar.KiweeToolbar.1
    HKCR\KiweeIEToolbar.ToolbarInfo
    HKCR\KiweeIEToolbar.ToolbarInfo.1
    HKCR\oberontb.band
    HKCR\oberontb.band.1
    HKCR\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
    HKCR\TypeLib\{478CAB91-9E28-11D4-97FF-0050047D51FB}
    HKCR\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467}
    HKCR\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
    HKCU\Software\AGI
    HKCU\Software\AppDataLow\AskBarDis
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cb0d163c-e9f4-4236-9496-0597e24b23a5}
    HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKLM\Software\Classes\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
    HKLM\Software\Classes\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
    HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
    HKLM\Software\Classes\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
    HKLM\Software\Classes\Interface\{01009AEC-AFAA-4982-9F2B-6411C5C27E77}
    HKLM\Software\Classes\Interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
    HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar
    HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar.1
    HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo
    HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1
    HKLM\Software\Classes\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
    HKLM\Software\Classes\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
    HKU\.DEFAULT\Software\AGI

    ================
    Other infections
    ================

    catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-01-09 19:01:18
    Windows 6.0.6002 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user & kernel MBR OK

    ==========
    Programs
    ==========

    Activation Assistant for the 2007 Microsoft Office suites
    Ad-Remover
    Adobe
    AGI
    Alwil Software
    AnmSMP
    AOL
    AskBarDis
    Atheros
    Avira
    BoontyGames
    Common Files
    Conduit
    CyberLink
    desktop.ini
    Electronic Arts
    Fichiers communs
    Free Video Converter
    Gamenext
    GamesBar
    Google
    Hewlett-Packard
    Hewlett-Packard Company
    HP
    HP Games
    IDT
    InstallShield Installation Information
    Intel
    Internet Explorer
    Java
    JRE
    K-Lite Codec Pack
    Kiwee Toolbar
    Lavalys
    List_Kill'em
    LSI SoftModem
    Microsoft
    Microsoft Games
    Microsoft Office
    Microsoft Silverlight
    Microsoft SQL Server Compact Edition
    Microsoft Sync Framework
    Microsoft Works
    Microsoft.NET
    Movie Maker
    Mozilla Firefox
    MSBuild
    MSXML 4.0
    muvee Technologies
    Nobilis
    Oberon Media
    OpenOffice.org 3
    P2P_Energy
    PhotoFiltre
    PhotoFiltre Studio
    Realtek
    Red Storm Entertainment
    Reference Assemblies
    Shareaza Pro
    Shareware.Pro-FR
    Skype
    SMINST
    Synaptics
    TeraCopy
    THQ
    Trend Micro
    Uninstall Information
    uTorrent
    VideoLAN
    Windows Calendar
    Windows Collaboration
    Windows Defender
    Windows Live
    Windows Live SkyDrive
    Windows Mail
    Windows Media Player
    Windows NT
    Windows Photo Gallery
    Windows Portable Devices
    Windows Sidebar
    ZTE MF626

    ============
    Lecteur C:
    ============

    $RECYCLE.BIN
    autoexec.bat
    Boonty
    boot
    bootmgr
    Config.Msi
    config.sys
    debug.txt
    Documents and Settings
    hiberfil.sys
    HP
    Kill'em
    List'em.txt
    MicroGaming
    MSOCache
    pagefile.sys
    PerfLogs
    Program Files
    ProgramData
    SwSetup
    System Volume Information
    System.sav
    Temp
    Users
    Windows

    ¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

    C:\MicroGaming\Casino\CasinoClassic\global\gameregistry\crackerjack1.inf
    C:\Program Files\HP Games\Polar Pool\levels\ice_cave\scene\crack.jpg
    C:\Program Files\HP Games\Polar Pool\levels\ice_cave\scene\crack_alpha.jpg
    C:\Program Files\Red Storm Entertainment\Ghost Recon\Mods\Origmiss\Textures\cracked_glass.rsb
    C:\ProgramData\NortonInstaller\Logs\06-06-2009-08h39m24s\Patch-06-06-2009-08h39m24s.log
    C:\ProgramData\NortonInstaller\Logs\06-06-2009-08h39m24s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-06-2009-08h39m27s\Patch-06-06-2009-08h39m27s.log
    C:\ProgramData\NortonInstaller\Logs\06-06-2009-08h39m27s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-06-2009-08h39m29s\Patch-06-06-2009-08h39m29s.log
    C:\ProgramData\NortonInstaller\Logs\06-06-2009-08h39m29s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-06-2009-08h39m30s\Patch-06-06-2009-08h39m30s.log
    C:\ProgramData\NortonInstaller\Logs\06-06-2009-08h39m30s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m43s\Patch-06-08-2009-08h20m43s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m43s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m46s\Patch-06-08-2009-08h20m46s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m46s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m50s\Patch-06-08-2009-08h20m50s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m50s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m55s\Patch-06-08-2009-08h20m55s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m55s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m59s\Patch-06-08-2009-08h20m59s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h20m59s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m02s\Patch-06-08-2009-08h21m02s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m02s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m06s\Patch-06-08-2009-08h21m06s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m06s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m10s\Patch-06-08-2009-08h21m10s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m10s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m13s\Patch-06-08-2009-08h21m13s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m13s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m16s\Patch-06-08-2009-08h21m16s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m16s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m19s\Patch-06-08-2009-08h21m19s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m19s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m22s\Patch-06-08-2009-08h21m22s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m22s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m25s\Patch-06-08-2009-08h21m25s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m25s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m29s\Patch-06-08-2009-08h21m29s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m29s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m33s\Patch-06-08-2009-08h21m33s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m33s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m36s\Patch-06-08-2009-08h21m36s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m36s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m39s\Patch-06-08-2009-08h21m39s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m39s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m42s\Patch-06-08-2009-08h21m42s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-08h21m42s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-12h22m11s\Patch-06-08-2009-12h22m11s.log
    C:\ProgramData\NortonInstaller\Logs\06-08-2009-12h22m11s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m03s\Patch-09-15-2009-08h07m03s.log
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m03s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m05s\Patch-09-15-2009-08h07m05s.log
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m05s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m07s\Patch-09-15-2009-08h07m07s.log
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m07s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m08s\Patch-09-15-2009-08h07m08s.log
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m08s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m09s\Patch-09-15-2009-08h07m09s.log
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m09s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m12s\Patch-09-15-2009-08h07m12s.log
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m12s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m13s\Patch-09-15-2009-08h07m13s.log
    C:\ProgramData\NortonInstaller\Logs\09-15-2009-08h07m13s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m42s\Patch-09-17-2009-11h50m42s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m42s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m43s\Patch-09-17-2009-11h50m43s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m43s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m45s\Patch-09-17-2009-11h50m45s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m45s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m46s\Patch-09-17-2009-11h50m46s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m46s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m48s\Patch-09-17-2009-11h50m48s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m48s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m51s\Patch-09-17-2009-11h50m51s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m51s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m53s\Patch-09-17-2009-11h50m53s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m53s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m55s\Patch-09-17-2009-11h50m55s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m55s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m57s\Patch-09-17-2009-11h50m57s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m57s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m58s\Patch-09-17-2009-11h50m58s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m58s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m59s\Patch-09-17-2009-11h50m59s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h50m59s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h51m02s\Patch-09-17-2009-11h51m02s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h51m02s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h51m03s\Patch-09-17-2009-11h51m03s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h51m03s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h51m05s\Patch-09-17-2009-11h51m05s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h51m05s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h51m06s\Patch-09-17-2009-11h51m06s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-11h51m06s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-13h30m35s\Patch-09-17-2009-13h30m35s.log
    C:\ProgramData\NortonInstaller\Logs\09-17-2009-13h30m35s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-06-2009-08h39m24s\Patch-06-06-2009-08h39m24s.log
    C:\Users\All Users\NortonInstaller\Logs\06-06-2009-08h39m24s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-06-2009-08h39m27s\Patch-06-06-2009-08h39m27s.log
    C:\Users\All Users\NortonInstaller\Logs\06-06-2009-08h39m27s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-06-2009-08h39m29s\Patch-06-06-2009-08h39m29s.log
    C:\Users\All Users\NortonInstaller\Logs\06-06-2009-08h39m29s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-06-2009-08h39m30s\Patch-06-06-2009-08h39m30s.log
    C:\Users\All Users\NortonInstaller\Logs\06-06-2009-08h39m30s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m43s\Patch-06-08-2009-08h20m43s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m43s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m46s\Patch-06-08-2009-08h20m46s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m46s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m50s\Patch-06-08-2009-08h20m50s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m50s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m55s\Patch-06-08-2009-08h20m55s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m55s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m59s\Patch-06-08-2009-08h20m59s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h20m59s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m02s\Patch-06-08-2009-08h21m02s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m02s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m06s\Patch-06-08-2009-08h21m06s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m06s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m10s\Patch-06-08-2009-08h21m10s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m10s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m13s\Patch-06-08-2009-08h21m13s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m13s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m16s\Patch-06-08-2009-08h21m16s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m16s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m19s\Patch-06-08-2009-08h21m19s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m19s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m22s\Patch-06-08-2009-08h21m22s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m22s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m25s\Patch-06-08-2009-08h21m25s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m25s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m29s\Patch-06-08-2009-08h21m29s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m29s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m33s\Patch-06-08-2009-08h21m33s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m33s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m36s\Patch-06-08-2009-08h21m36s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m36s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m39s\Patch-06-08-2009-08h21m39s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m39s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m42s\Patch-06-08-2009-08h21m42s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-08h21m42s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-12h22m11s\Patch-06-08-2009-12h22m11s.log
    C:\Users\All Users\NortonInstaller\Logs\06-08-2009-12h22m11s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m03s\Patch-09-15-2009-08h07m03s.log
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m03s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m05s\Patch-09-15-2009-08h07m05s.log
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m05s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m07s\Patch-09-15-2009-08h07m07s.log
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m07s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m08s\Patch-09-15-2009-08h07m08s.log
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m08s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m09s\Patch-09-15-2009-08h07m09s.log
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m09s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m12s\Patch-09-15-2009-08h07m12s.log
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m12s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m13s\Patch-09-15-2009-08h07m13s.log
    C:\Users\All Users\NortonInstaller\Logs\09-15-2009-08h07m13s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m42s\Patch-09-17-2009-11h50m42s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m42s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m43s\Patch-09-17-2009-11h50m43s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m43s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m45s\Patch-09-17-2009-11h50m45s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m45s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m46s\Patch-09-17-2009-11h50m46s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m46s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m48s\Patch-09-17-2009-11h50m48s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m48s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m51s\Patch-09-17-2009-11h50m51s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m51s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m53s\Patch-09-17-2009-11h50m53s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m53s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m55s\Patch-09-17-2009-11h50m55s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m55s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m57s\Patch-09-17-2009-11h50m57s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m57s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m58s\Patch-09-17-2009-11h50m58s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m58s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m59s\Patch-09-17-2009-11h50m59s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h50m59s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h51m02s\Patch-09-17-2009-11h51m02s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h51m02s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h51m03s\Patch-09-17-2009-11h51m03s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h51m03s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h51m05s\Patch-09-17-2009-11h51m05s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h51m05s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h51m06s\Patch-09-17-2009-11h51m06s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-11h51m06s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-13h30m35s\Patch-09-17-2009-13h30m35s.log
    C:\Users\All Users\NortonInstaller\Logs\09-17-2009-13h30m35s\Patch.1.mft.7z
    C:\Program Files\Microsoft Works\Install.exe
    C:\SwSetup\MSWorks\Install.exe
    C:\SwSetup\MSWorks\PFiles\MSWorks\Install.exe
    C:\Windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  14. Utilisateur anonyme
     
    Bonjours ,

    Pour suivre le sujet merci .
    0
  15. Utilisateur anonyme
     
    Hello ,

    J ai posté ce message pour suivre la discussion , mais si tu veux je peux t aider en attendant le retour de moment de grace .
    0
  16. Utilisateur anonyme
     
    Commence par ceci alors :

    Télécharge UsbFix sur ton Bureau :

    (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectées sans les ouvrir

    • Double clic sur UsbFix.exe présent sur ton Bureau .

    • Choisis l' option 2 ( Suppression )

    • le pc redémarrera .

    • Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

    • Ensuite poste le rapport UsbFix.txt qui apparaitra.

    • Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
    0
  17. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    me revoilà

    je salue El desaparecido en passant

    boom,

    histoire de ne pas me perdre finnissons l'outil precedent

    ▶ Relance List&Kill'em avec le raccourci sur ton bureau ,

    mais cette fois-ci :

    ▶ choisis l'option 2 = Mode Suppression

    laisse travailler l'outil.

    en fin de scan un rapport s'ouvre

    ▶ colle le contenu dans ta reponse

    ensuite

    enchaine

    avec usbfix comme indiqué au post 17

    0