Sujet Précédent Sujet Suivant

Erreur de chargement My Web Search

Fermé
Rose23 - 8 janv. 2010 à 11:58
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 - 9 janv. 2010 à 21:57
Bonjour,

Lorsque j'allume mon pc, j'ai un encadré rectangulaire qui m'annonce "erreur de chargement de C:\PROGRA~1\MYWEBS~1/bar\1-bin\M3PLUGIN-DLL "

... Que faire pour m'en débarasser??

J'ai fais une analyse avec "hijackthis", la voici:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:48, on 08/01/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Users\mss\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\mss\AppData\Local\pqzblt.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Users\mss\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\mss\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Acer\Acer VCM\VC.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\McAfee Security Scan\1.0.150\McUICnt.exe
C:\Windows\system32\WerCon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=duxet&e=com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=duxet&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (file missing)
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\\PLFSetL.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Google Update] "C:\Users\mss\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [pqzblt] "c:\users\mss\appdata\local\pqzblt.exe" pqzblt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\mss\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=GRfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
A voir également:

30 réponses

  • 1
  • 2
Réponse 1 / 30
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 1 118
8 janv. 2010 à 12:02
Bonjour, tu es infecté par l'ad-aware My Web Search:



Pour les ordinateurs équipés de Windows Vista et Windows 7, la désactivation du Contrôle des comptes utilisateurs est obligatoire
sous peine de ne pas pouvoir faire fonctionner correctement l'outil.
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

>Ad-Remover<

>Telecharge Ad-Remover et enregistre-le sur ton bureau :

https://www.commentcamarche.net/telecharger/securite/2547-ad-remover/

>Désactive ton antivirus le temps de la manip
>Déconnecte-toi d'Internet et ferme toutes applications en cours
>Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
>Au menu principal, choisis l'option L ( Nettoyage )
>Poste le rapport généré (C:\Ad-Report-CLEAN.log).
>N'oublie pas de réactiver ton anti-virus
0
Réponse 2 / 30
Rose23
8 janv. 2010 à 12:31
Voici le rapport!

Par contre, je n'ai pas réussi a désactiver mon antivirus avant le nettoyage =S.



======= RAPPORT D'AD-REMOVER 1.1.4.6_G | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 05.01.2010 à 18:50
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 12:21:50, 08/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium v6.0.6000
Nom du PC: PC-DE-MSS | Utilisateur actuel: mss

.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: MyWebSearchService - ... [b]ERREUR SUPPRESSION !![/b]

C:\Users\mss\AppData\Roaming\Mozilla\FireFox\Profiles\wn4237sj.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Users\mss\AppData\Roaming\Mozilla\FireFox\Profiles\wn4237sj.default\searchplugins\mywebsearch.xml
C:\Users\mss\AppData\Roaming\Mozilla\FireFox\Profiles\wn4237sj.default\searchplugins\sweetim.xml
C:\Users\mss\AppData\Roaming\Mozilla\FireFox\Profiles\wn4237sj.default\SweetIMToolbarData
C:\Program Files\Mozilla FireFox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
C:\Program Files\Mozilla FireFox\extensions\search@searchsettings.com
C:\Windows\System32\f3PSSavr.scr
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Zango
C:\Program Files\FunWebProducts
C:\Program Files\GamesBar
C:\Program Files\pdfforge Toolbar
C:\Program Files\ShoppingReport
C:\Program Files\Zango
C:\Users\mss\AppData\Roaming\WeatherDPA
C:\Users\mss\AppData\Roaming\Zango
C:\Users\mss\AppData\LocalLow\FunWebProducts
C:\Users\mss\AppData\LocalLow\MyWebSearch
C:\Users\mss\AppData\LocalLow\pdfforge
C:\Users\mss\AppData\LocalLow\Search Settings
C:\Users\mss\AppData\LocalLow\ShoppingReport
C:\Users\mss\AppData\LocalLow\Zango
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\ProgramData\ZangoSA
C:\Windows\Installer\1ff0ab.msi
C:\Users\mss\AppData\Local\espgd.bat
C:\Users\mss\AppData\Local\ljntywai.bat
C:\Users\mss\AppData\Local\ocaciug.bat
C:\Users\mss\AppData\Local\pqzblt.dat
C:\Users\mss\AppData\Local\pqzblt.exe
C:\Users\mss\AppData\Local\pqzblt_nav.dat
C:\Users\mss\AppData\Local\pqzblt_navps.dat
C:\Users\mss\AppData\Local\tbhubq.bat

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\software\Fun Web Products
HKCU\software\appdatalow\software\MyWebSearch
HKCU\software\appdatalow\software\pdfforge
HKCU\software\appdatalow\software\ShoppingReport
HKCU\software\appdatalow\software\Zango
HKCU\software\fcn
HKCU\software\FunWebProducts
HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\Registry\User\S-1-5-21-3129188988-1346450921-2992892770-1000\Software\Sweetim
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\pqzblt
HKCU\software\MyWebSearch
HKCU\software\Search Settings
HKCU\software\ShoppingReport
HKCU\software\SweetIM
HKCU\software\zangosa
HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
HKLM\Software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}
HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
HKLM\Software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}
HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
HKLM\Software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}
HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}
HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}
HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
HKLM\Software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}
HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
HKLM\Software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}
HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
HKLM\Software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
HKLM\Software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}
HKLM\software\classes\CntntCntr.CntntDic
HKLM\software\classes\CntntCntr.CntntDic.1
HKLM\software\classes\CntntCntr.CntntDisp
HKLM\software\classes\CntntCntr.CntntDisp.1
HKLM\software\classes\CoreSrv.CoreServices
HKLM\software\classes\CoreSrv.CoreServices.1
HKLM\software\classes\CoreSrv.LfgAx
HKLM\software\classes\CoreSrv.LfgAx.1
HKLM\software\classes\FunWebProducts.DataControl
HKLM\software\classes\FunWebProducts.DataControl.1
HKLM\software\classes\FunWebProducts.HistoryKillerScheduler
HKLM\software\classes\FunWebProducts.HistoryKillerScheduler.1
HKLM\software\classes\FunWebProducts.HistorySwatterControlBar
HKLM\software\classes\FunWebProducts.HistorySwatterControlBar.1
HKLM\software\classes\FunWebProducts.HTMLMenu
HKLM\software\classes\FunWebProducts.HTMLMenu.1
HKLM\software\classes\FunWebProducts.HTMLMenu.2
HKLM\software\classes\FunWebProducts.IECookiesManager
HKLM\software\classes\FunWebProducts.IECookiesManager.1
HKLM\software\classes\FunWebProducts.KillerObjManager
HKLM\software\classes\FunWebProducts.KillerObjManager.1
HKLM\software\classes\FunWebProducts.PopSwatterBarButton
HKLM\software\classes\FunWebProducts.PopSwatterBarButton.1
HKLM\software\classes\FunWebProducts.PopSwatterSettingsControl
HKLM\software\classes\FunWebProducts.PopSwatterSettingsControl.1
HKLM\software\classes\HbCoreSrv.DynamicProp
HKLM\software\classes\HbCoreSrv.DynamicProp.1
HKLM\software\classes\HBMain.CommBand
HKLM\software\classes\HBMain.CommBand.1
HKLM\software\classes\hbr.HbMain
HKLM\software\classes\hbr.HbMain.1
HKLM\software\classes\HostIE.Bho
HKLM\software\classes\HostIE.Bho.1
HKLM\software\classes\HostOL.MailAnim
HKLM\software\classes\HostOL.MailAnim.1
HKLM\software\classes\HostOL.WebmailSend
HKLM\software\classes\HostOL.WebmailSend.1
HKLM\software\classes\installer\Products\A6EB8FE4C9986914497E92C7F5A702E3
HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
HKLM\software\classes\MyWebSearch.ChatSessionPlugin
HKLM\software\classes\MyWebSearch.ChatSessionPlugin.1
HKLM\software\classes\MyWebSearch.HTMLPanel
HKLM\software\classes\MyWebSearch.HTMLPanel.1
HKLM\software\classes\MyWebSearch.OutlookAddin
HKLM\software\classes\MyWebSearch.OutlookAddin.1
HKLM\software\classes\MyWebSearch.PseudoTransparentPlugin
HKLM\software\classes\MyWebSearch.PseudoTransparentPlugin.1
HKLM\software\classes\MyWebSearchToolBar.SettingsPlugin
HKLM\software\classes\MyWebSearchToolBar.SettingsPlugin.1
HKLM\software\classes\MyWebSearchToolBar.ToolbarPlugin
HKLM\software\classes\MyWebSearchToolBar.ToolbarPlugin.1
HKLM\software\classes\ScreenSaverControl.ScreenSaverInstaller
HKLM\software\classes\ScreenSaverControl.ScreenSaverInstaller.1
HKLM\software\classes\ShoppingReport.HbAx
HKLM\software\classes\ShoppingReport.HbAx.1
HKLM\software\classes\ShoppingReport.HbInfoBand
HKLM\software\classes\ShoppingReport.HbInfoBand.1
HKLM\software\classes\ShoppingReport.IEButton
HKLM\software\classes\ShoppingReport.IEButton.1
HKLM\software\classes\ShoppingReport.IEButtonA
HKLM\software\classes\ShoppingReport.IEButtonA.1
HKLM\software\classes\ShoppingReport.RprtCtrl
HKLM\software\classes\ShoppingReport.RprtCtrl.1
HKLM\software\classes\Srv.CoreServices
HKLM\software\classes\Srv.CoreServices.1
HKLM\software\classes\Toolbar.HtmlMenuUI
HKLM\software\classes\Toolbar.HtmlMenuUI.1
HKLM\software\classes\Toolbar.ToolbarCtl
HKLM\software\classes\Toolbar.ToolbarCtl.1
HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
HKLM\Software\Classes\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58}
HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\Software\Classes\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5}
HKLM\Software\Classes\TypeLib\{89085678-632D-4DEB-BDA0-CD912C63203E}
HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
HKLM\Software\Classes\TypeLib\{ABEC1835-3181-4ABD-8DDE-875AEC4DF6D2}
HKLM\Software\Classes\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C}
HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
HKLM\software\classes\Wallpaper.WallpaperManager
HKLM\software\classes\Wallpaper.WallpaperManager.1
HKLM\software\FocusInteractive
HKLM\software\Fun Web Products
HKLM\software\GamesBarSetup
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
HKLM\software\microsoft\internet explorer\searchscopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources\\F3PopularScreenSavers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\377026901A2D8744A8423A983B50E0D1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\76DA9915C36F3D742951F63351CF5C97
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\8A01D85165E7CD5448C71263ADB6A2E2
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9B0B0584E80456A4FB98DA3973B1EB3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A89F1E0FE544529429C8BF82FE74CE39
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B278DBFACA5AB424DA79915F3A109F9A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B3B348F18694F1949B4D6BD9507F2886
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\C9667115F6A9CE340B31B63B680FF26F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E48E3A6D380B2EC4ABCEB3BA048D767F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EFB70E89C3D6D354596520DE424F89D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F49A213B5069AC348994D03F81B56C19
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F715D253BF28D554C9C0F60ABA8585CF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A6EB8FE4C9986914497E92C7F5A702E3
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform\\FunWebProducts
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Plugin
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
HKLM\software\microsoft\windows\currentversion\uninstall\{4EF8BE6A-899C-4196-94E7-297C5F7A203E}
HKLM\software\microsoft\windows\currentversion\uninstall\MyWebSearch bar Uninstall
HKLM\software\microsoft\windows\currentversion\uninstall\pqzblt
HKLM\software\microsoft\windows\currentversion\uninstall\ShoppingReport
HKLM\software\MyWebSearch
HKLM\software\pdfforge
HKLM\software\Search Settings
HKLM\software\ShoppingReport
HKLM\software\SweetIM
HKLM\software\Zango
HKU\S-1-5-21-3129188988-1346450921-2992892770-1000\Software\Microsoft\Internet Explorer\Searchscopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.7 [fr] *
.
Nom du profil: wn4237sj.default (mss)
.
(mss, prefs.js) Browser.download.dir, C:\Users\mss\Downloads
(mss, prefs.js) Browser.download.lastDir, F:
(mss, prefs.js) Browser.search.defaultenginename, Yahoo
(mss, prefs.js) Browser.search.defaulturl, hxxp://search.sweetim.com/search.asp?src=2&q=
(mss, prefs.js) Browser.search.selectedEngine, Google
(mss, prefs.js) Browser.startup.homepage, hxxp://www.msn.fr
(mss, prefs.js) Extensions.enabledItems, {53724739-8c9b-4b6d-904d-de60ae2a431c}:1.0.71,{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,{20a82645-c095-46ed-80e3-08825760534b}:1.1,search@searchsettings.com:1.2.2,{EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8,Zango@Zango.com:10.3.85.0,{B922D405-6D13-4A2B-AE89-08A030DA4402}:1.1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
(mss, prefs.js) Keyword.URL, hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=knLRkopPNzU9wDOBSzZ_8w&url=hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
(mss, prefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Chercher Malin
(mss, prefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Google
(mss, prefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://fr.msn.com/
(mss, prefs.js) Sweetim.toolbar.previous.keyword.URL, hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=knLRkopPNzU9wDOBSzZ_8w&url=hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
.
(mss, prefs.js) EFFACE - Browser.search.defaulturl, hxxp://search.sweetim.com/search.asp?src=2&q=
(mss, prefs.js) EFFACE - Extensions.mywebsearch.openSearchURL, hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=GRfox000&ptb=knLRkopPNzU9wDOBSzZ_8w
(mss, prefs.js) EFFACE - Extensions.mywebsearch.prevKwdEnabled, true
(mss, prefs.js) EFFACE - Extensions.mywebsearch.prevKwdURL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(mss, prefs.js) EFFACE - Keyword.URL, hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=knLRkopPNzU9wDOBSzZ_8w&url=hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
(mss, prefs.js) EFFACE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(mss, prefs.js) EFFACE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(mss, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(mss, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(mss, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(mss, prefs.js) EFFACE - Sweetim.toolbar.mode.debug, false
(mss, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaultenginename, Chercher Malin
(mss, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.selectedEngine, Google
(mss, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://fr.msn.com/
(mss, prefs.js) EFFACE - Sweetim.toolbar.previous.keyword.URL, hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0&ptb=knLRkopPNzU9wDOBSzZ_8w&url=hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
(mss, prefs.js) EFFACE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(mss, prefs.js) EFFACE - Sweetim.toolbar.search.history.capacity, 10
(mss, prefs.js) EFFACE - Sweetim.toolbar.simapp_id, {92F40426-D61B-4475-8726-85C6B51A9611}
(mss, prefs.js) EFFACE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(mss, prefs.js) EFFACE - Sweetim.toolbar.version, 1.0.0.8
.
.
* Internet Explorer Version 7.0.6000.16945 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1 (0x1)
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Use Search Asst:
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
SearchAssistant:
Enable Browser Extensions: yes
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
25978 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
0 Fichier(s) - C:\Users\mss\AppData\Local\Temp
0 Fichier(s) - C:\Windows\Temp
0 Fichier(s) - C:\Windows\Prefetch
.
19 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
545 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 12:28:39 | 08/01/2010 - CLEAN[1]
.
============== E.O.F ==============
.
0
Réponse 3 / 30
Rose23
8 janv. 2010 à 12:57
Le virus est-il parti?
0
Réponse 4 / 30
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 1 118
8 janv. 2010 à 13:53
Et bien, c'est bien infecté ^^



La suite :


Pour ceux qui on vista ou windows 7,desactivez l'UAC :
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac


>Toolbar S&D<


>Telecharge Toolbar S&D ici

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3

>Enregistrer le logiciel sur le bureau
>Double-clique sur l'icone "l'icône ToolBarSD.exe"
>Accepte l'installation


>Une fois l'installation terminée, Double-clique sur la nouvelle icone avec écrit Toolbar S&D noir sur ton bureau
>Appuie sur "F" pour choisir la langue francais
>Choisi l'option 1 "recherche" le menu Démarrer et les icônes vont disparaitrent, c'est normal.
>Laisse l'outil faire, ne touche à rien
>Une fois l'analyse terminé, le rapport de recherche s'ouve sur le Bloc-Note. (Dans le cas où le rapport ne s'ouvre pas, ce dernier se trouve sur C:\TB.txt)

>Poste le rapport
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 30
Rose23
8 janv. 2010 à 14:55
Voici le nouveau rapport:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : ZD1 v1.3813 3H11
USER : mss ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:74 Go)
D:\ (Local Disk) - NTFS - Total:138 Go (Free:138 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 08/01/2010|14:54 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_page_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="http://www.bing.com/spresults.aspx"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 08/01/2010|14:54 - Option : [1]

-----------\\ Fin du rapport a 14:54:25,72

Merci de m'aider :-)
0
Réponse 6 / 30
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 1 118
8 janv. 2010 à 15:51
Ok, fait ceci :


>Telecharge RSIT ici et enregistre-le sur ton bureau :

http://images.malwareremoval.com/random/RSIT.exe

>Double-clique sur RSIT.exe qui se trouve sur le bureau

>Le programme se lance, choisi "1month" et clique sur "continue"

>Laisse faire l'outil et poste le rapport qui s'affiche.


>Voici un tuto d'aide :

https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
0
Réponse 7 / 30
Rose23
8 janv. 2010 à 16:18
Voici le rapport :)
Merci d'avance!

Run by mss at 2010-01-08 16:18:01
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 77 GB (52%) free of 148 GB
Total RAM: 3070 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:18:03, on 08/01/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Users\mss\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Acer\Acer VCM\VC.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Users\mss\Downloads\RSIT(2).exe
C:\Program Files\Trend Micro\HijackThis\mss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\\PLFSetL.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Google Update] "C:\Users\mss\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\mss\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Réponse 8 / 30
Rose23
8 janv. 2010 à 16:20
et voici le rapport noté "info"
info.txt logfile of random's system information tool 1.06 2010-01-08 16:08:28

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\Setup.exe" -uninst
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer Crystal Eye Webcam Video Class Camera -->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly -u
Acer Crystal Eye Webcam-->C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\setup.exe -runfromtemp -l0x040c -removeonly
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer eAudio Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.EXE" -uninstall
Acer eDataSecurity Management-->MsiExec.exe /X{AEEAE013-92F1-4515-B278-139F1A692A36}
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x40c -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x40c -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe"
Advanced PDF to HTML converter 1.9.9.16-->"C:\Program Files\Advanced PDF to HTML converter\unins000.exe"
aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Batch PPTX to PPT Converter 2009-->"C:\Users\mss\AppData\Local\Batchwork\Ppt-2-Ppt\unins000.exe"
Bejeweled 2 Deluxe-->C:\Program Files\PopCap Games\Bejeweled 2 Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Bejeweled 2 Deluxe\Install.log"
Catalyst Control Center - Branding-->MsiExec.exe /I{01C08A7D-4CCD-41F8-B020-4B4BB8C08C68}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cisco Systems VPN Client 5.0.05.0290-->MsiExec.exe /X{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}
Cooking Dash Diner Town Studios-->"C:\Program Files\orange\jeux\Cooking Dash Diner Town Studios\Uninstall.exe" "C:\Program Files\orange\jeux\Cooking Dash Diner Town Studios\install.log"
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}
Free Video Dub version 1.4-->"C:\Program Files\DVDVideoSoft\Free Video Dub\unins000.exe"
Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe
GIMP 2.6.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Gourmania-->"C:\Program Files\orange\jeux\Gourmania\Uninstall.exe" "C:\Program Files\orange\jeux\Gourmania\install.log"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -Ic:\Release\Foxconn\51338\AcrZUn32z.inf
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
McAfee Security Scan-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -l0x40c anything
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Sunshine Acres-->"C:\Program Files\orange\jeux\Sunshine Acres\Uninstall.exe" "C:\Program Files\orange\jeux\Sunshine Acres\install.log"
SuperTux 0.1.3-->"C:\Program Files\SuperTux\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.4900-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-37001CCBBA5D}
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\common\unyt.exe
Zango-->"C:\Program Files\Zango\bin\10.3.85.0\ZangoUninstaller.exe" Web

Securitycenter WMI appears to be broken

======System event log======

Computer Name: PC-de-mss
Event Code: 7000
Message: Le service avast! Antivirus n'a pas pu démarrer en raison de l'erreur :
Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
Record Number: 119306
Source Name: Service Control Manager
Time Written: 20100108111621.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mss
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 119317
Source Name: Service Control Manager
Time Written: 20100108111621.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mss
Event Code: 7000
Message: Le service My Web Search Service n'a pas pu démarrer en raison de l'erreur :
Le chemin d'accès spécifié est introuvable.
Record Number: 119333
Source Name: Service Control Manager
Time Written: 20100108111621.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mss
Event Code: 4
Message: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.
Record Number: 119439
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20100108113625.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-mss
Event Code: 4
Message: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.
Record Number: 119440
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20100108113625.000000-000
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: PC-de-mss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Zango\bin\10385~1.0\Toolbar.dll un code suspect avec la désignation 'ADSPY/AdSpy.Gen'!
Record Number: 32094
Source Name: Avira AntiVir
Time Written: 20100108112419.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Zango\bin\10.3.85.0\WeSkin.VIR un code suspect avec la désignation 'ADSPY/AdSpy.Gen'!
Record Number: 32095
Source Name: Avira AntiVir
Time Written: 20100108112424.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Zango\bin\10385~1.0\Wallpaper.dll un code suspect avec la désignation 'ADSPY/AdSpy.Gen'!
Record Number: 32096
Source Name: Avira AntiVir
Time Written: 20100108112424.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Zango\bin\10.3.85.0\ZangoSADF.exe un code suspect avec la désignation 'ADSPY/AdSpy.Gen'!
Record Number: 32097
Source Name: Avira AntiVir
Time Written: 20100108112435.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mss
Event Code: 3
Message: Le service Centre de sécurité de Windows n’a pas pu établir de requêtes d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion et le pare-feu tiers.
Record Number: 32098
Source Name: SecurityCenter
Time Written: 20100108112449.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-mss
Event Code: 1100
Message: Le service d’enregistrement des événements a été arrêté.
Record Number: 24378
Source Name: Microsoft-Windows-Eventlog
Time Written: 20091103085730.966000-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mss
Event Code: 4616
Message: L’heure du système a été modifiée.

Sujet :
ID de sécurité : S-1-5-19
Nom du compte : SERVICE LOCAL
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e5

Informations sur le processus :
ID du processus : 0x588
Nom : C:\Windows\System32\svchost.exe

Heure précédente : 09:57:30 03/11/2009
Nouvelle heure : 09:57:30 03/11/2009

Cet événement est généré lorsque l’heure du système est modifiée. Le changement régulier de l’heure du système est une opération normale de la part du service de temps Windows qui s’exécute avec des privilèges système. Mais, d’autres modifications de l’heure du système peuvent indiquer des tentatives de falsification de l’ordinateur.
Record Number: 24379
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091103085730.690000-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mss
Event Code: 4634
Message: Fermeture de session d’un compte.

Sujet :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID du compte : 0x3a689

Type d’ouverture de session : 3

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
Record Number: 24380
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091103085730.977000-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mss
Event Code: 4608
Message: Windows démarre.

Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé.
Record Number: 24381
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091103105808.706910-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mss
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0

Type d’ouverture de session : 0

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x4
Nom du processus :

Informations sur le réseau :
Nom de la station de travail : -
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : -
Package d’authentification : -
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 24382
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091103105808.722510-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
Réponse 9 / 30
Rose23
8 janv. 2010 à 16:21
et voici le rapport noté "info"
info.txt logfile of random's system information tool 1.06 2010-01-08 16:08:28

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\Setup.exe" -uninst
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer Crystal Eye Webcam Video Class Camera -->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly -u
Acer Crystal Eye Webcam-->C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\setup.exe -runfromtemp -l0x040c -removeonly
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer eAudio Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.EXE" -uninstall
Acer eDataSecurity Management-->MsiExec.exe /X{AEEAE013-92F1-4515-B278-139F1A692A36}
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x40c -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x40c -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe"
Advanced PDF to HTML converter 1.9.9.16-->"C:\Program Files\Advanced PDF to HTML converter\unins000.exe"
aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Batch PPTX to PPT Converter 2009-->"C:\Users\mss\AppData\Local\Batchwork\Ppt-2-Ppt\unins000.exe"
Bejeweled 2 Deluxe-->C:\Program Files\PopCap Games\Bejeweled 2 Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Bejeweled 2 Deluxe\Install.log"
Catalyst Control Center - Branding-->MsiExec.exe /I{01C08A7D-4CCD-41F8-B020-4B4BB8C08C68}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cisco Systems VPN Client 5.0.05.0290-->MsiExec.exe /X{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}
Cooking Dash Diner Town Studios-->"C:\Program Files\orange\jeux\Cooking Dash Diner Town Studios\Uninstall.exe" "C:\Program Files\orange\jeux\Cooking Dash Diner Town Studios\install.log"
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}
Free Video Dub version 1.4-->"C:\Program Files\DVDVideoSoft\Free Video Dub\unins000.exe"
Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe
GIMP 2.6.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Gourmania-->"C:\Program Files\orange\jeux\Gourmania\Uninstall.exe" "C:\Program Files\orange\jeux\Gourmania\install.log"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -Ic:\Release\Foxconn\51338\AcrZUn32z.inf
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
McAfee Security Scan-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -l0x40c anything
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Sunshine Acres-->"C:\Program Files\orange\jeux\Sunshine Acres\Uninstall.exe" "C:\Program Files\orange\jeux\Sunshine Acres\install.log"
SuperTux 0.1.3-->"C:\Program Files\SuperTux\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.4900-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-37001CCBBA5D}
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\common\unyt.exe
Zango-->"C:\Program Files\Zango\bin\10.3.85.0\ZangoUninstaller.exe" Web

Securitycenter WMI appears to be broken

======System event log======

Computer Name: PC-de-mss
Event Code: 7000
Message: Le service avast! Antivirus n'a pas pu démarrer en raison de l'erreur :
Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
Record Number: 119306
Source Name: Service Control Manager
Time Written: 20100108111621.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mss
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 119317
Source Name: Service Control Manager
Time Written: 20100108111621.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mss
Event Code: 7000
Message: Le service My Web Search Service n'a pas pu démarrer en raison de l'erreur :
Le chemin d'accès spécifié est introuvable.
Record Number: 119333
Source Name: Service Control Manager
Time Written: 20100108111621.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mss
Event Code: 4
Message: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.
Record Number: 119439
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20100108113625.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-mss
Event Code: 4
Message: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.
Record Number: 119440
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20100108113625.000000-000
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: PC-de-mss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Zango\bin\10385~1.0\Toolbar.dll un code suspect avec la désignation 'ADSPY/AdSpy.Gen'!
Record Number: 32094
Source Name: Avira AntiVir
Time Written: 20100108112419.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Zango\bin\10.3.85.0\WeSkin.VIR un code suspect avec la désignation 'ADSPY/AdSpy.Gen'!
Record Number: 32095
Source Name: Avira AntiVir
Time Written: 20100108112424.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Zango\bin\10385~1.0\Wallpaper.dll un code suspect avec la désignation 'ADSPY/AdSpy.Gen'!
Record Number: 32096
Source Name: Avira AntiVir
Time Written: 20100108112424.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Zango\bin\10.3.85.0\ZangoSADF.exe un code suspect avec la désignation 'ADSPY/AdSpy.Gen'!
Record Number: 32097
Source Name: Avira AntiVir
Time Written: 20100108112435.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mss
Event Code: 3
Message: Le service Centre de sécurité de Windows n’a pas pu établir de requêtes d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion et le pare-feu tiers.
Record Number: 32098
Source Name: SecurityCenter
Time Written: 20100108112449.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-mss
Event Code: 1100
Message: Le service d’enregistrement des événements a été arrêté.
Record Number: 24378
Source Name: Microsoft-Windows-Eventlog
Time Written: 20091103085730.966000-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mss
Event Code: 4616
Message: L’heure du système a été modifiée.

Sujet :
ID de sécurité : S-1-5-19
Nom du compte : SERVICE LOCAL
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e5

Informations sur le processus :
ID du processus : 0x588
Nom : C:\Windows\System32\svchost.exe

Heure précédente : 09:57:30 03/11/2009
Nouvelle heure : 09:57:30 03/11/2009

Cet événement est généré lorsque l’heure du système est modifiée. Le changement régulier de l’heure du système est une opération normale de la part du service de temps Windows qui s’exécute avec des privilèges système. Mais, d’autres modifications de l’heure du système peuvent indiquer des tentatives de falsification de l’ordinateur.
Record Number: 24379
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091103085730.690000-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mss
Event Code: 4634
Message: Fermeture de session d’un compte.

Sujet :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID du compte : 0x3a689

Type d’ouverture de session : 3

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
Record Number: 24380
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091103085730.977000-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mss
Event Code: 4608
Message: Windows démarre.

Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé.
Record Number: 24381
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091103105808.706910-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mss
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0

Type d’ouverture de session : 0

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x4
Nom du processus :

Informations sur le réseau :
Nom de la station de travail : -
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : -
Package d’authentification : -
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 24382
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091103105808.722510-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
Réponse 10 / 30
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 1 118
8 janv. 2010 à 16:53
Fait ceci :


/!\ Utilisateur de vista et windows 7 : ne pas oublier de désactiver Le contrôle des comptes utilisateurs(uac)

https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

Téléchargez Lop S&D.exe sur le Bureau



https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Certaines infections bloquent les telechargements d' outils de desinfection utilisez ce lien alternatif:
http://ww38.toofiles.com/fr/oip/documents/exe/yop4.html

* Double-cliquez dessus pour lancer l'installation

* Puis double-cliquez sur le raccourci Lop S&D présent sur le Bureau

* Séléctionnez la langue souhaitée, puis choisir l'option 1 (Recherche)

* Patientez jusqu'à la fin du scan

* Postez le rapport généré sur un forum(C:\lopR.txt)


Tutorial (aide) : http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956­.htm
0
Réponse 11 / 30
Rose23
8 janv. 2010 à 17:28
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : ZD1 v1.3813 3H11
USER : mss ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:74 Go)
D:\ (Local Disk) - NTFS - Total:138 Go (Free:138 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 08/01/2010|17:24 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[03/07/2009|17:25] C:\Users\mss\AppData\Local\Acer Arcade Deluxe
[15/05/2009|08:18] C:\Users\mss\AppData\Local\acer eNM
[05/11/2009|16:18] C:\Users\mss\AppData\Local\Adobe
[02/07/2009|10:57] C:\Users\mss\AppData\Local\Apple
[10/08/2009|11:43] C:\Users\mss\AppData\Local\Apple Computer
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Application Data
[15/05/2009|09:14] C:\Users\mss\AppData\Local\ATI
[12/11/2009|14:22] C:\Users\mss\AppData\Local\Batchwork
[15/05/2009|09:00] C:\Users\mss\AppData\Local\d3d9caps.dat
[07/01/2010|20:54] C:\Users\mss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08/11/2009|11:37] C:\Users\mss\AppData\Local\GDIPFONTCACHEV1.DAT
[06/01/2010|17:10] C:\Users\mss\AppData\Local\Google
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Historique
[08/01/2010|12:20] C:\Users\mss\AppData\Local\IconCache.db
[13/07/2009|14:48] C:\Users\mss\AppData\Local\Microsoft
[13/07/2009|15:51] C:\Users\mss\AppData\Local\Microsoft Games
[10/11/2009|10:10] C:\Users\mss\AppData\Local\Microsoft Help
[22/06/2009|15:11] C:\Users\mss\AppData\Local\Mozilla
[15/05/2009|08:40] C:\Users\mss\AppData\Local\PlayMovie
[03/07/2009|17:25] C:\Users\mss\AppData\Local\PowerCinema
[08/01/2010|17:23] C:\Users\mss\AppData\Local\Temp
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Temporary Internet Files
[12/07/2009|15:49] C:\Users\mss\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/01/2010 16:50][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3129188988-1346450921-2992892770-1000UA.job
[06/01/2010 09:50][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3129188988-1346450921-2992892770-1000Core.job
[08/01/2010 15:36][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{D5AD2CD1-332D-4327-A51F-265208FD6B1A}.job
[08/01/2010 12:22][--ah-----] C:\Windows\tasks\SA.DAT
[08/01/2010 12:20][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[11/05/2007|03:11] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[05/11/2009|16:22] C:\ProgramData\Adobe
[02/07/2009|10:57] C:\ProgramData\Apple
[02/07/2009|10:57] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[15/05/2009|09:14] C:\ProgramData\ATI
[04/12/2009|19:48] C:\ProgramData\Avira
[15/05/2009|08:13] C:\ProgramData\Bureau
[11/07/2009|20:53] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[15/05/2009|08:13] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[06/08/2009|14:13] C:\ProgramData\Gogii
[03/01/2010|13:48] C:\ProgramData\Google
[26/06/2009|17:05] C:\ProgramData\InstallShield
[02/10/2009|08:12] C:\ProgramData\LUUnInstall.LiveUpdate
[07/11/2009|16:14] C:\ProgramData\McAfee
[05/11/2009|16:14] C:\ProgramData\McAfee Security Scan
[15/05/2009|08:13] C:\ProgramData\Menu D‚marrer
[10/09/2009|18:33] C:\ProgramData\Microsoft
[11/12/2009|21:42] C:\ProgramData\Microsoft Help
[15/05/2009|08:13] C:\ProgramData\ModŠles
[07/11/2009|16:30] C:\ProgramData\PlayFirst
[08/01/2010|13:10] C:\ProgramData\PopCap Games
[02/11/2006|14:02] C:\ProgramData\Start Menu
[02/10/2009|08:12] C:\ProgramData\Symantec
[31/12/2009|14:09] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[25/06/2009|22:41] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[15/05/2009|08:34] C:\Program Files\Acer
[15/05/2009|08:19] C:\Program Files\Acer Arcade Deluxe
[15/05/2009|08:04] C:\Program Files\ACER Crystal Eye webcam
[15/05/2009|08:40] C:\Program Files\Acer Inc
[11/05/2007|03:11] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/11/2009|16:18] C:\Program Files\Adobe
[08/01/2010|12:28] C:\Program Files\Ad-Remover
[05/11/2009|22:16] C:\Program Files\Advanced PDF to HTML converter
[21/09/2009|20:40] C:\Program Files\Alwil Software
[18/09/2009|15:41] C:\Program Files\aMSN
[02/07/2009|10:57] C:\Program Files\Apple Software Update
[15/05/2009|09:10] C:\Program Files\ATI
[15/05/2009|09:11] C:\Program Files\ATI Technologies
[25/08/2009|21:11] C:\Program Files\Audacity
[04/12/2009|19:48] C:\Program Files\Avira
[02/10/2009|08:02] C:\Program Files\CCleaner
[21/09/2009|12:47] C:\Program Files\Cisco Systems
[05/11/2009|16:18] C:\Program Files\Common Files
[11/05/2007|01:59] C:\Program Files\CONEXANT
[11/05/2007|02:55] C:\Program Files\CyberLink
[23/08/2009|18:47] C:\Program Files\DVDVideoSoft
[15/05/2009|08:13] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[08/09/2009|11:05] C:\Program Files\Gadwin Systems
[19/11/2009|16:59] C:\Program Files\GIMP-2.0
[03/01/2010|13:48] C:\Program Files\Google
[17/10/2009|17:44] C:\Program Files\InstallShield Installation Information
[15/05/2009|08:15] C:\Program Files\Intel
[13/12/2009|15:14] C:\Program Files\Internet Explorer
[16/10/2009|16:36] C:\Program Files\Java
[16/10/2009|16:37] C:\Program Files\JRE
[15/05/2009|08:18] C:\Program Files\Launch Manager
[05/11/2009|16:14] C:\Program Files\McAfee Security Scan
[16/09/2009|11:25] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[11/05/2007|03:11] C:\Program Files\Microsoft Office
[04/10/2009|13:27] C:\Program Files\Microsoft Silverlight
[08/11/2009|09:57] C:\Program Files\Microsoft Works
[11/05/2007|03:09] C:\Program Files\Microsoft.NET
[02/11/2006|13:42] C:\Program Files\Movie Maker
[08/01/2010|12:29] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[18/09/2009|14:09] C:\Program Files\MSECACHE
[02/11/2006|13:37] C:\Program Files\MSN
[23/06/2009|10:39] C:\Program Files\MSXML 4.0
[11/05/2007|02:47] C:\Program Files\NewTech Infosystems
[07/11/2009|16:23] C:\Program Files\Oberon Media
[16/10/2009|16:37] C:\Program Files\OpenOffice.org 3
[06/08/2009|14:13] C:\Program Files\orange
[12/11/2009|14:37] C:\Program Files\PDFCreator
[06/07/2009|19:15] C:\Program Files\PhotoFiltre
[08/01/2010|13:10] C:\Program Files\PopCap Games
[02/07/2009|10:58] C:\Program Files\QuickTime
[15/05/2009|08:29] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[22/11/2009|17:30] C:\Program Files\SuperTux
[15/05/2009|08:04] C:\Program Files\SUYIN
[02/10/2009|08:12] C:\Program Files\Symantec
[11/05/2007|02:00] C:\Program Files\Synaptics
[08/01/2010|11:49] C:\Program Files\Trend Micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[24/10/2009|12:11] C:\Program Files\UseNeXT
[10/08/2009|11:51] C:\Program Files\VideoLAN
[15/05/2009|08:32] C:\Program Files\WIDCOMM
[11/05/2007|02:31] C:\Program Files\Winbond Electronics
[23/06/2009|11:16] C:\Program Files\Windows Calendar
[02/11/2006|13:42] C:\Program Files\Windows Collaboration
[23/06/2009|11:16] C:\Program Files\Windows Defender
[18/09/2009|14:09] C:\Program Files\Windows Installer Clean Up
[02/11/2006|13:42] C:\Program Files\Windows Journal
[18/09/2009|14:18] C:\Program Files\Windows Live
[18/09/2009|14:18] C:\Program Files\Windows Live SkyDrive
[13/12/2009|15:14] C:\Program Files\Windows Mail
[31/10/2009|14:05] C:\Program Files\Windows Media Player
[15/05/2009|08:13] C:\Program Files\Windows NT
[02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
[23/06/2009|11:16] C:\Program Files\Windows Sidebar
[15/05/2009|08:15] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[05/11/2009|16:18] C:\Program Files\Common Files\Adobe
[11/05/2007|03:09] C:\Program Files\Common Files\DESIGNER
[21/09/2009|12:47] C:\Program Files\Common Files\Deterministic Networks
[23/08/2009|18:47] C:\Program Files\Common Files\DVDVideoSoft
[26/06/2009|17:05] C:\Program Files\Common Files\InstallShield
[11/05/2007|02:47] C:\Program Files\Common Files\LightScribe
[08/11/2009|09:58] C:\Program Files\Common Files\microsoft shared
[11/05/2007|02:47] C:\Program Files\Common Files\muvee Technologies
[11/05/2007|02:47] C:\Program Files\Common Files\NewTech Infosystems
[06/08/2009|14:13] C:\Program Files\Common Files\Oberon Media
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[17/10/2009|17:44] C:\Program Files\Common Files\snp2uvc
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[02/10/2009|08:17] C:\Program Files\Common Files\Symantec Shared
[23/06/2009|11:16] C:\Program Files\Common Files\System
[22/06/2009|15:09] C:\Program Files\Common Files\Windows Live

--------------------\\ Process

( 76 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 17:24:47
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:9][D:64]-> C:\Users\mss\AppData\Local\Temp
[F:15][D:1]-> C:\Users\mss\AppData\Roaming\MICROS~1\Windows\Cookies
[F:67][D:26]-> C:\Users\mss\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:2]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 08/01/2010|17:26 - Option : [1]

--------------------\\ Fin du rapport a 17:26:17
[ UAC => 1 ]

Voila.
0
Réponse 12 / 30
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 1 118
8 janv. 2010 à 17:30
Ok, tu as bien désactivé l'UAC comme indiqué ?


/!\ Utilisateur de vista et windows 7 : ne pas oublier de désactiver Le contrôle des comptes utilisateurs(uac)

https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

T
* Puis double-cliquez sur le raccourci Lop S&D présent sur le Bureau

* Séléctionnez la langue souhaitée, puis choisir l'option 2 (Suppression)

* Patientez jusqu'à la fin du scan

* Postez le rapport généré sur un forum(C:\lopR.txt)


Tutorial (aide) : http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956­.htm
0
Réponse 13 / 30
Rose23
8 janv. 2010 à 17:38
A non, milles excuses =S.

Voila le rapport en ayant désactivé l'UAC:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : ZD1 v1.3813 3H11
USER : mss ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:74 Go)
D:\ (Local Disk) - NTFS - Total:138 Go (Free:138 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 08/01/2010|17:35 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[03/07/2009|17:25] C:\Users\mss\AppData\Local\Acer Arcade Deluxe
[15/05/2009|08:18] C:\Users\mss\AppData\Local\acer eNM
[05/11/2009|16:18] C:\Users\mss\AppData\Local\Adobe
[02/07/2009|10:57] C:\Users\mss\AppData\Local\Apple
[10/08/2009|11:43] C:\Users\mss\AppData\Local\Apple Computer
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Application Data
[15/05/2009|09:14] C:\Users\mss\AppData\Local\ATI
[12/11/2009|14:22] C:\Users\mss\AppData\Local\Batchwork
[15/05/2009|09:00] C:\Users\mss\AppData\Local\d3d9caps.dat
[07/01/2010|20:54] C:\Users\mss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08/11/2009|11:37] C:\Users\mss\AppData\Local\GDIPFONTCACHEV1.DAT
[06/01/2010|17:10] C:\Users\mss\AppData\Local\Google
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Historique
[08/01/2010|17:31] C:\Users\mss\AppData\Local\IconCache.db
[13/07/2009|14:48] C:\Users\mss\AppData\Local\Microsoft
[13/07/2009|15:51] C:\Users\mss\AppData\Local\Microsoft Games
[10/11/2009|10:10] C:\Users\mss\AppData\Local\Microsoft Help
[22/06/2009|15:11] C:\Users\mss\AppData\Local\Mozilla
[15/05/2009|08:40] C:\Users\mss\AppData\Local\PlayMovie
[03/07/2009|17:25] C:\Users\mss\AppData\Local\PowerCinema
[08/01/2010|17:34] C:\Users\mss\AppData\Local\Temp
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Temporary Internet Files
[12/07/2009|15:49] C:\Users\mss\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/01/2010 16:50][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3129188988-1346450921-2992892770-1000UA.job
[06/01/2010 09:50][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3129188988-1346450921-2992892770-1000Core.job
[08/01/2010 15:36][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{D5AD2CD1-332D-4327-A51F-265208FD6B1A}.job
[08/01/2010 17:32][--ah-----] C:\Windows\tasks\SA.DAT
[08/01/2010 17:31][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[11/05/2007|03:11] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[05/11/2009|16:22] C:\ProgramData\Adobe
[02/07/2009|10:57] C:\ProgramData\Apple
[02/07/2009|10:57] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[15/05/2009|09:14] C:\ProgramData\ATI
[04/12/2009|19:48] C:\ProgramData\Avira
[15/05/2009|08:13] C:\ProgramData\Bureau
[11/07/2009|20:53] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[15/05/2009|08:13] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[06/08/2009|14:13] C:\ProgramData\Gogii
[03/01/2010|13:48] C:\ProgramData\Google
[26/06/2009|17:05] C:\ProgramData\InstallShield
[02/10/2009|08:12] C:\ProgramData\LUUnInstall.LiveUpdate
[07/11/2009|16:14] C:\ProgramData\McAfee
[05/11/2009|16:14] C:\ProgramData\McAfee Security Scan
[15/05/2009|08:13] C:\ProgramData\Menu D‚marrer
[10/09/2009|18:33] C:\ProgramData\Microsoft
[11/12/2009|21:42] C:\ProgramData\Microsoft Help
[15/05/2009|08:13] C:\ProgramData\ModŠles
[07/11/2009|16:30] C:\ProgramData\PlayFirst
[08/01/2010|13:10] C:\ProgramData\PopCap Games
[02/11/2006|14:02] C:\ProgramData\Start Menu
[02/10/2009|08:12] C:\ProgramData\Symantec
[31/12/2009|14:09] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[25/06/2009|22:41] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[15/05/2009|08:34] C:\Program Files\Acer
[15/05/2009|08:19] C:\Program Files\Acer Arcade Deluxe
[15/05/2009|08:04] C:\Program Files\ACER Crystal Eye webcam
[15/05/2009|08:40] C:\Program Files\Acer Inc
[11/05/2007|03:11] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/11/2009|16:18] C:\Program Files\Adobe
[08/01/2010|12:28] C:\Program Files\Ad-Remover
[05/11/2009|22:16] C:\Program Files\Advanced PDF to HTML converter
[21/09/2009|20:40] C:\Program Files\Alwil Software
[18/09/2009|15:41] C:\Program Files\aMSN
[02/07/2009|10:57] C:\Program Files\Apple Software Update
[15/05/2009|09:10] C:\Program Files\ATI
[15/05/2009|09:11] C:\Program Files\ATI Technologies
[25/08/2009|21:11] C:\Program Files\Audacity
[04/12/2009|19:48] C:\Program Files\Avira
[02/10/2009|08:02] C:\Program Files\CCleaner
[21/09/2009|12:47] C:\Program Files\Cisco Systems
[05/11/2009|16:18] C:\Program Files\Common Files
[11/05/2007|01:59] C:\Program Files\CONEXANT
[11/05/2007|02:55] C:\Program Files\CyberLink
[23/08/2009|18:47] C:\Program Files\DVDVideoSoft
[15/05/2009|08:13] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[08/09/2009|11:05] C:\Program Files\Gadwin Systems
[19/11/2009|16:59] C:\Program Files\GIMP-2.0
[03/01/2010|13:48] C:\Program Files\Google
[17/10/2009|17:44] C:\Program Files\InstallShield Installation Information
[15/05/2009|08:15] C:\Program Files\Intel
[13/12/2009|15:14] C:\Program Files\Internet Explorer
[16/10/2009|16:36] C:\Program Files\Java
[16/10/2009|16:37] C:\Program Files\JRE
[15/05/2009|08:18] C:\Program Files\Launch Manager
[05/11/2009|16:14] C:\Program Files\McAfee Security Scan
[16/09/2009|11:25] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[11/05/2007|03:11] C:\Program Files\Microsoft Office
[04/10/2009|13:27] C:\Program Files\Microsoft Silverlight
[08/11/2009|09:57] C:\Program Files\Microsoft Works
[11/05/2007|03:09] C:\Program Files\Microsoft.NET
[02/11/2006|13:42] C:\Program Files\Movie Maker
[08/01/2010|17:34] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[18/09/2009|14:09] C:\Program Files\MSECACHE
[02/11/2006|13:37] C:\Program Files\MSN
[23/06/2009|10:39] C:\Program Files\MSXML 4.0
[11/05/2007|02:47] C:\Program Files\NewTech Infosystems
[07/11/2009|16:23] C:\Program Files\Oberon Media
[16/10/2009|16:37] C:\Program Files\OpenOffice.org 3
[06/08/2009|14:13] C:\Program Files\orange
[12/11/2009|14:37] C:\Program Files\PDFCreator
[06/07/2009|19:15] C:\Program Files\PhotoFiltre
[08/01/2010|13:10] C:\Program Files\PopCap Games
[02/07/2009|10:58] C:\Program Files\QuickTime
[15/05/2009|08:29] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[22/11/2009|17:30] C:\Program Files\SuperTux
[15/05/2009|08:04] C:\Program Files\SUYIN
[02/10/2009|08:12] C:\Program Files\Symantec
[11/05/2007|02:00] C:\Program Files\Synaptics
[08/01/2010|11:49] C:\Program Files\Trend Micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[24/10/2009|12:11] C:\Program Files\UseNeXT
[10/08/2009|11:51] C:\Program Files\VideoLAN
[15/05/2009|08:32] C:\Program Files\WIDCOMM
[11/05/2007|02:31] C:\Program Files\Winbond Electronics
[23/06/2009|11:16] C:\Program Files\Windows Calendar
[02/11/2006|13:42] C:\Program Files\Windows Collaboration
[23/06/2009|11:16] C:\Program Files\Windows Defender
[18/09/2009|14:09] C:\Program Files\Windows Installer Clean Up
[02/11/2006|13:42] C:\Program Files\Windows Journal
[18/09/2009|14:18] C:\Program Files\Windows Live
[18/09/2009|14:18] C:\Program Files\Windows Live SkyDrive
[13/12/2009|15:14] C:\Program Files\Windows Mail
[31/10/2009|14:05] C:\Program Files\Windows Media Player
[15/05/2009|08:13] C:\Program Files\Windows NT
[02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
[23/06/2009|11:16] C:\Program Files\Windows Sidebar
[15/05/2009|08:15] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[05/11/2009|16:18] C:\Program Files\Common Files\Adobe
[11/05/2007|03:09] C:\Program Files\Common Files\DESIGNER
[21/09/2009|12:47] C:\Program Files\Common Files\Deterministic Networks
[23/08/2009|18:47] C:\Program Files\Common Files\DVDVideoSoft
[26/06/2009|17:05] C:\Program Files\Common Files\InstallShield
[11/05/2007|02:47] C:\Program Files\Common Files\LightScribe
[08/11/2009|09:58] C:\Program Files\Common Files\microsoft shared
[11/05/2007|02:47] C:\Program Files\Common Files\muvee Technologies
[11/05/2007|02:47] C:\Program Files\Common Files\NewTech Infosystems
[06/08/2009|14:13] C:\Program Files\Common Files\Oberon Media
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[17/10/2009|17:44] C:\Program Files\Common Files\snp2uvc
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[02/10/2009|08:17] C:\Program Files\Common Files\Symantec Shared
[23/06/2009|11:16] C:\Program Files\Common Files\System
[22/06/2009|15:09] C:\Program Files\Common Files\Windows Live

--------------------\\ Process

( 92 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 17:35:23
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:11][D:65]-> C:\Users\mss\AppData\Local\Temp
[F:15][D:1]-> C:\Users\mss\AppData\Roaming\MICROS~1\Windows\Cookies
[F:70][D:26]-> C:\Users\mss\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:2]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 08/01/2010|17:26 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/01/2010|17:37 - Option : [1]

--------------------\\ Fin du rapport a 17:37:07
[ UAC => 1 ]
0
Réponse 14 / 30
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 1 118
8 janv. 2010 à 17:39
Ok, lances l'option 2 suppression comme indiqué plus haut.
0
Réponse 15 / 30
Rose23
8 janv. 2010 à 17:45
Daccord :)

Voici le nouveau rapport:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : ZD1 v1.3813 3H11
USER : mss ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:74 Go)
D:\ (Local Disk) - NTFS - Total:138 Go (Free:138 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 08/01/2010|17:42 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[03/07/2009|17:25] C:\Users\mss\AppData\Local\Acer Arcade Deluxe
[15/05/2009|08:18] C:\Users\mss\AppData\Local\acer eNM
[05/11/2009|16:18] C:\Users\mss\AppData\Local\Adobe
[02/07/2009|10:57] C:\Users\mss\AppData\Local\Apple
[10/08/2009|11:43] C:\Users\mss\AppData\Local\Apple Computer
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Application Data
[15/05/2009|09:14] C:\Users\mss\AppData\Local\ATI
[12/11/2009|14:22] C:\Users\mss\AppData\Local\Batchwork
[15/05/2009|09:00] C:\Users\mss\AppData\Local\d3d9caps.dat
[07/01/2010|20:54] C:\Users\mss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08/11/2009|11:37] C:\Users\mss\AppData\Local\GDIPFONTCACHEV1.DAT
[06/01/2010|17:10] C:\Users\mss\AppData\Local\Google
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Historique
[08/01/2010|17:31] C:\Users\mss\AppData\Local\IconCache.db
[13/07/2009|14:48] C:\Users\mss\AppData\Local\Microsoft
[13/07/2009|15:51] C:\Users\mss\AppData\Local\Microsoft Games
[10/11/2009|10:10] C:\Users\mss\AppData\Local\Microsoft Help
[22/06/2009|15:11] C:\Users\mss\AppData\Local\Mozilla
[15/05/2009|08:40] C:\Users\mss\AppData\Local\PlayMovie
[03/07/2009|17:25] C:\Users\mss\AppData\Local\PowerCinema
[08/01/2010|17:42] C:\Users\mss\AppData\Local\Temp
[15/05/2009|08:15] C:\Users\mss\AppData\Local\Temporary Internet Files
[12/07/2009|15:49] C:\Users\mss\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/01/2010 16:50][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3129188988-1346450921-2992892770-1000UA.job
[06/01/2010 09:50][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3129188988-1346450921-2992892770-1000Core.job
[08/01/2010 15:36][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{D5AD2CD1-332D-4327-A51F-265208FD6B1A}.job
[08/01/2010 17:32][--ah-----] C:\Windows\tasks\SA.DAT
[08/01/2010 17:31][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[11/05/2007|03:11] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[05/11/2009|16:22] C:\ProgramData\Adobe
[02/07/2009|10:57] C:\ProgramData\Apple
[02/07/2009|10:57] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[15/05/2009|09:14] C:\ProgramData\ATI
[04/12/2009|19:48] C:\ProgramData\Avira
[15/05/2009|08:13] C:\ProgramData\Bureau
[11/07/2009|20:53] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[15/05/2009|08:13] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[06/08/2009|14:13] C:\ProgramData\Gogii
[03/01/2010|13:48] C:\ProgramData\Google
[26/06/2009|17:05] C:\ProgramData\InstallShield
[02/10/2009|08:12] C:\ProgramData\LUUnInstall.LiveUpdate
[07/11/2009|16:14] C:\ProgramData\McAfee
[05/11/2009|16:14] C:\ProgramData\McAfee Security Scan
[15/05/2009|08:13] C:\ProgramData\Menu D‚marrer
[10/09/2009|18:33] C:\ProgramData\Microsoft
[11/12/2009|21:42] C:\ProgramData\Microsoft Help
[15/05/2009|08:13] C:\ProgramData\ModŠles
[07/11/2009|16:30] C:\ProgramData\PlayFirst
[08/01/2010|13:10] C:\ProgramData\PopCap Games
[02/11/2006|14:02] C:\ProgramData\Start Menu
[02/10/2009|08:12] C:\ProgramData\Symantec
[31/12/2009|14:09] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[25/06/2009|22:41] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[15/05/2009|08:34] C:\Program Files\Acer
[15/05/2009|08:19] C:\Program Files\Acer Arcade Deluxe
[15/05/2009|08:04] C:\Program Files\ACER Crystal Eye webcam
[15/05/2009|08:40] C:\Program Files\Acer Inc
[11/05/2007|03:11] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[05/11/2009|16:18] C:\Program Files\Adobe
[08/01/2010|12:28] C:\Program Files\Ad-Remover
[05/11/2009|22:16] C:\Program Files\Advanced PDF to HTML converter
[21/09/2009|20:40] C:\Program Files\Alwil Software
[18/09/2009|15:41] C:\Program Files\aMSN
[02/07/2009|10:57] C:\Program Files\Apple Software Update
[15/05/2009|09:10] C:\Program Files\ATI
[15/05/2009|09:11] C:\Program Files\ATI Technologies
[25/08/2009|21:11] C:\Program Files\Audacity
[04/12/2009|19:48] C:\Program Files\Avira
[02/10/2009|08:02] C:\Program Files\CCleaner
[21/09/2009|12:47] C:\Program Files\Cisco Systems
[05/11/2009|16:18] C:\Program Files\Common Files
[11/05/2007|01:59] C:\Program Files\CONEXANT
[11/05/2007|02:55] C:\Program Files\CyberLink
[23/08/2009|18:47] C:\Program Files\DVDVideoSoft
[15/05/2009|08:13] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[08/09/2009|11:05] C:\Program Files\Gadwin Systems
[19/11/2009|16:59] C:\Program Files\GIMP-2.0
[03/01/2010|13:48] C:\Program Files\Google
[17/10/2009|17:44] C:\Program Files\InstallShield Installation Information
[15/05/2009|08:15] C:\Program Files\Intel
[13/12/2009|15:14] C:\Program Files\Internet Explorer
[16/10/2009|16:36] C:\Program Files\Java
[16/10/2009|16:37] C:\Program Files\JRE
[15/05/2009|08:18] C:\Program Files\Launch Manager
[05/11/2009|16:14] C:\Program Files\McAfee Security Scan
[16/09/2009|11:25] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[11/05/2007|03:11] C:\Program Files\Microsoft Office
[04/10/2009|13:27] C:\Program Files\Microsoft Silverlight
[08/11/2009|09:57] C:\Program Files\Microsoft Works
[11/05/2007|03:09] C:\Program Files\Microsoft.NET
[02/11/2006|13:42] C:\Program Files\Movie Maker
[08/01/2010|17:34] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[18/09/2009|14:09] C:\Program Files\MSECACHE
[02/11/2006|13:37] C:\Program Files\MSN
[23/06/2009|10:39] C:\Program Files\MSXML 4.0
[11/05/2007|02:47] C:\Program Files\NewTech Infosystems
[07/11/2009|16:23] C:\Program Files\Oberon Media
[16/10/2009|16:37] C:\Program Files\OpenOffice.org 3
[06/08/2009|14:13] C:\Program Files\orange
[12/11/2009|14:37] C:\Program Files\PDFCreator
[06/07/2009|19:15] C:\Program Files\PhotoFiltre
[08/01/2010|13:10] C:\Program Files\PopCap Games
[02/07/2009|10:58] C:\Program Files\QuickTime
[15/05/2009|08:29] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[22/11/2009|17:30] C:\Program Files\SuperTux
[15/05/2009|08:04] C:\Program Files\SUYIN
[02/10/2009|08:12] C:\Program Files\Symantec
[11/05/2007|02:00] C:\Program Files\Synaptics
[08/01/2010|11:49] C:\Program Files\Trend Micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[24/10/2009|12:11] C:\Program Files\UseNeXT
[10/08/2009|11:51] C:\Program Files\VideoLAN
[15/05/2009|08:32] C:\Program Files\WIDCOMM
[11/05/2007|02:31] C:\Program Files\Winbond Electronics
[23/06/2009|11:16] C:\Program Files\Windows Calendar
[02/11/2006|13:42] C:\Program Files\Windows Collaboration
[23/06/2009|11:16] C:\Program Files\Windows Defender
[18/09/2009|14:09] C:\Program Files\Windows Installer Clean Up
[02/11/2006|13:42] C:\Program Files\Windows Journal
[18/09/2009|14:18] C:\Program Files\Windows Live
[18/09/2009|14:18] C:\Program Files\Windows Live SkyDrive
[13/12/2009|15:14] C:\Program Files\Windows Mail
[31/10/2009|14:05] C:\Program Files\Windows Media Player
[15/05/2009|08:13] C:\Program Files\Windows NT
[02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
[23/06/2009|11:16] C:\Program Files\Windows Sidebar
[15/05/2009|08:15] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[05/11/2009|16:18] C:\Program Files\Common Files\Adobe
[11/05/2007|03:09] C:\Program Files\Common Files\DESIGNER
[21/09/2009|12:47] C:\Program Files\Common Files\Deterministic Networks
[23/08/2009|18:47] C:\Program Files\Common Files\DVDVideoSoft
[26/06/2009|17:05] C:\Program Files\Common Files\InstallShield
[11/05/2007|02:47] C:\Program Files\Common Files\LightScribe
[08/11/2009|09:58] C:\Program Files\Common Files\microsoft shared
[11/05/2007|02:47] C:\Program Files\Common Files\muvee Technologies
[11/05/2007|02:47] C:\Program Files\Common Files\NewTech Infosystems
[06/08/2009|14:13] C:\Program Files\Common Files\Oberon Media
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[17/10/2009|17:44] C:\Program Files\Common Files\snp2uvc
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[02/10/2009|08:17] C:\Program Files\Common Files\Symantec Shared
[23/06/2009|11:16] C:\Program Files\Common Files\System
[22/06/2009|15:09] C:\Program Files\Common Files\Windows Live

--------------------\\ Process

( 94 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 17:42:46
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:14][D:65]-> C:\Users\mss\AppData\Local\Temp
[F:16][D:1]-> C:\Users\mss\AppData\Roaming\MICROS~1\Windows\Cookies
[F:70][D:26]-> C:\Users\mss\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:2]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 08/01/2010|17:26 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/01/2010|17:37 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 08/01/2010|17:44 - Option : [2]

--------------------\\ Fin du rapport a 17:44:24
0
Réponse 16 / 30
Rose23
8 janv. 2010 à 18:13
up
0
Réponse 17 / 30
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 1 118
8 janv. 2010 à 19:13
>Telecharge Combofix ici et enregistre le sur ton bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


# Ferme toutes les fenêtres de programme ouvertes, y compris celle-ci.

# Ferme ou désactivez tous les programmes Antivirus, Antispyware, ainsi que tout pare-feu en cours d'exécution car ils pourraient perturber le fonctionnement de ComboFix.

#Double clic sur l'icône de ComboFix située sur le Bureau. Note bien que, une fois que tu as lancé ComboFix, tu ne dois pas cliquer dans la fenêtre de ComboFix car cela pourrait entraîner un plantage du programme. En fait, lorsque ComboFix tourne, ne touche plus du tout à ton pc. L'analyse peut prendre un certain temps, donc soit patient.

#Une fenêtre présentant les différents sites autorisés de téléchargement de ComboFix s'affiche. Dans cette fenêtre, clique sur le bouton OK.

#Après la fin de la sauvegarde du Registre Windows, ComboFix va essayer de savoir si la Console de récupération est installée. Si tu ne l'a pas déja fait accepte.

#Ceci peut durer un certain temps, donc surtout soit patient. Si tu vois ton Bureau Windows disparaître, ne t'inquiete pas. C'est normal, et ComboFix restaurera votre Bureau avant de se terminer. Finalement, tu verras un nouvel affichage déclarant que le programme a presque fini et vous annonçant que le fichier rapport, ou log, se trouvera dans C:\ComboFix.txt.

#Poste ce rapport.
0
Réponse 18 / 30
Rose23
8 janv. 2010 à 19:20
daccord mais... pourquoi tous ces rapports?
0
Réponse 19 / 30
flo-91 Messages postés 5646 Date d'inscription mardi 19 mai 2009 Statut Contributeur sécurité Dernière intervention 31 octobre 2019 1 118
8 janv. 2010 à 19:24
Les outils suppriment les infections, les rapports me permettent de voir ce qui à été fait et de voir comment on avance :)
0
Réponse 20 / 30
Rose23
8 janv. 2010 à 20:11
daccord :)

Voici le rapport:
ComboFix 10-01-04.01 - mss 08/01/2010 19:54:46.1.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.3070.2078 [GMT 1:00]
Lancé depuis: c:\users\mss\Downloads\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera \Uninstall.lnk

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-08 au 2010-01-08 ))))))))))))))))))))))))))))))))))))
.

2010-01-08 19:03 . 2010-01-08 19:03 -------- d-----w- c:\users\mss\AppData\Local\temp
2010-01-08 19:03 . 2010-01-08 19:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-08 18:47 . 2010-01-08 18:47 3015992 ---h--w- c:\programdata\PopCap Games\Bejeweled2\popcapgame1.exe
2010-01-08 16:24 . 2010-01-08 16:44 -------- d-----w- C:\Lop SD
2010-01-08 15:08 . 2010-01-08 15:08 -------- d-----w- C:\rsit
2010-01-08 13:53 . 2010-01-08 13:54 -------- d-----w- C:\ToolBar SD
2010-01-08 12:10 . 2010-01-08 12:10 -------- d-----w- c:\programdata\PopCap Games
2010-01-08 12:10 . 2010-01-08 12:10 -------- d-----w- c:\program files\PopCap Games
2010-01-08 10:49 . 2010-01-08 10:49 -------- d-----w- c:\program files\Trend Micro
2010-01-08 10:42 . 2010-01-08 11:28 -------- d-----w- c:\program files\Ad-Remover
2010-01-06 21:13 . 2010-01-06 21:13 1230960 ----a-w- c:\programdata\Google\Google Toolbar\Component\GoogleCld_3F6C343113693CD9.dll
2010-01-06 08:38 . 2010-01-06 08:38 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbE3FA.tmp.exe
2010-01-03 12:48 . 2010-01-03 12:48 -------- d-----w- c:\program files\Google
2010-01-03 12:48 . 2010-01-03 12:48 -------- d-----w- c:\windows\system32\Adobe
2009-12-18 10:43 . 2007-10-23 09:56 200704 ----a-w- c:\windows\PLFSetI.exe
2009-12-13 14:20 . 2009-11-09 13:34 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-13 14:20 . 2009-11-09 11:17 396800 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-13 14:19 . 2009-11-09 13:30 31232 ----a-w- c:\windows\system32\httpapi.dll
2009-12-10 17:16 . 2009-10-07 12:47 232960 ----a-w- c:\windows\system32\rastls.dll
2009-12-10 17:16 . 2009-10-07 12:47 274432 ----a-w- c:\windows\system32\raschap.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-08 18:57 . 2006-11-02 15:48 690832 ----a-w- c:\windows\system32\perfh00C.dat
2010-01-08 18:57 . 2006-11-02 15:48 117572 ----a-w- c:\windows\system32\perfc00C.dat
2010-01-07 22:05 . 2009-08-10 10:56 -------- d-----w- c:\users\mss\AppData\Roaming\vlc
2010-01-07 19:53 . 2009-08-27 20:08 -------- d-----w- c:\users\mss\AppData\Roaming\dvdcss
2009-12-13 14:14 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-11 20:42 . 2007-05-11 02:07 -------- d-----w- c:\programdata\Microsoft Help
2009-12-10 17:05 . 2009-12-04 18:48 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-09 10:29 . 2009-11-19 16:34 -------- d-----w- c:\users\mss\AppData\Roaming\gtk-2.0
2009-12-04 18:48 . 2009-12-04 18:48 -------- d-----w- c:\programdata\Avira
2009-12-04 18:48 . 2009-12-04 18:48 -------- d-----w- c:\program files\Avira
2009-11-24 20:58 . 2009-06-23 18:40 1586 ----a-w- c:\users\mss\AppData\Roaming\wklnhst.dat
2009-11-22 16:30 . 2009-11-22 16:30 -------- d-----w- c:\program files\SuperTux
2009-11-22 16:26 . 2009-07-29 21:06 1 ----a-w- c:\users\mss\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-19 15:59 . 2009-11-19 15:59 -------- d-----w- c:\program files\GIMP-2.0
2009-11-12 13:37 . 2009-11-12 13:35 -------- d-----w- c:\program files\PDFCreator
2009-11-08 10:37 . 2009-05-15 07:18 74280 ----a-w- c:\users\mss\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-02 19:42 . 2009-10-04 10:23 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 07:59 . 2009-11-26 10:08 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-27 15:05 . 2009-12-10 17:19 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-27 15:01 . 2009-12-10 17:19 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-10-27 15:01 . 2009-12-10 17:19 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-27 15:01 . 2009-12-10 17:19 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll
2009-10-27 14:59 . 2009-12-10 17:19 72704 ----a-w- c:\windows\system32\admparse.dll
2009-10-27 12:27 . 2009-12-10 17:19 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-27 10:56 . 2009-12-10 17:19 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-10-16 15:36 . 2009-07-29 21:03 411368 ----a-w- c:\windows\system32\deploytk.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-06-23 1232896]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 2159104]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2008-12-09 495616]
"Google Update"="c:\users\mss\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-11-23 135664]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-03 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-06-23 1006264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-09 865840]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 4468736]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-04 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-04 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-04 81920]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-04-26 1286144]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2007-05-04 502544]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-03 206952]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"PLFSetL"="c:\windows\\PLFSetL.exe" [2007-07-05 94208]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-16 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]

c:\users\mss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Notification de cadeaux MSN.lnk - c:\users\mss\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-9-19 135680]
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-5-15 1208320]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-5-11 535336]
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
VPN Client.lnk - c:\windows\Installer\{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}\Icon3E5562ED7.ico [2009-9-21 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\eNetHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [21/09/2009 20:41 114768]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [15/05/2009 08:19 13560]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [04/12/2009 19:48 108289]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [21/09/2009 20:41 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [21/09/2009 20:40 53328]
R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [11/05/2007 10:48 43008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [11/05/2007 10:48 179712]
.
Contenu du dossier 'Tâches planifiées'

2010-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3129188988-1346450921-2992892770-1000Core.job
- c:\users\mss\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-23 08:45]

2010-01-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3129188988-1346450921-2992892770-1000UA.job
- c:\users\mss\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-23 08:45]

2010-01-08 c:\windows\Tasks\User_Feed_Synchronization-{D5AD2CD1-332D-4327-A51F-265208FD6B1A}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\users\mss\AppData\Roaming\Mozilla\Firefox\Profiles\wn4237sj.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.fr
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\mss\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Acer Tour Reminder - (no file)
HKLM-Run-Acer Tour - (no file)
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
HKLM-Run-eRecoveryService - (no file)



**************************************************************************
Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés:

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(2944)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
c:\windows\system32\btmmhook.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
c:\windows\system32\eDStoolbar.dll
c:\windows\system32\ActiveToolBand.dll
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\EditMovie\MDTLM1Splter.ax
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\EditMovie\MDTLM2Splter.ax
c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLWMFDemux.ax
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\Movie\CLDemuxer.ax
.
Heure de fin: 2010-01-08 20:05:40
ComboFix-quarantined-files.txt 2010-01-08 19:05

Avant-CF: 80 065 343 488 octets libres
Après-CF: 80 008 036 352 octets libres

- - End Of File - - A7F99BC7ECBCE587FBCA53A258568DD2
0

Discussions similaires

problème myreadingmanga (message erreur)
Asako -
oblixx -

1 réponse
my.canalbox.africa changer le mot de passe
Thierry973 -
baladur13 -

16 réponses
Erreur de lecture des tv film et series sur mon appli iptv smarters pro
Constantenzostanley -
glandu -

1 réponse