Pubs qui s'affichent trop souvent !

clemgym Messages postés 208 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

Alors voila, j'ai un souci, depuis quelque temps, alors que je suis sur Internet ou dans un jeu, des pubs s'affichent, du genre Poker, Rencontres etc....
J'aimerais savoir comment je pourrais les enlever ?

Merci pour les prochaines réponses.

88 réponses

Réponse 1 / 88
Utilisateur anonyme
 
Bonjour,

Pour voir cela:

Télécharge RSIT (de random/random) sur le bureau :

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur "Continue" dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenu de log.txt plus info.txt (réduit ds la barre de taches) à la fin de l’analyse .

Les rapports sont dans le dossier ici C:\rsit
a+
0
Réponse 2 / 88
clemgym Messages postés 208 Statut Membre 27
 
Bonjour,
Déjà merci beaucoup pour cette réponse rapide. =)

Alors, voici ce qu'il m'affiche :
Logfile of random's system information tool 1.06 (written by random/random)
Run by CleEmGym at 2010-01-17 13:25:34
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 155 GB (65%) free of 238 GB
Total RAM: 3070 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:26:13, on 17/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Users\CleEmGym\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\CleEmGym\AppData\Local\Temp\cisvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\ServoApp.exe
C:\Program Files\MFP Server\App\Common\MFPAgent.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\CleEmGym\Program Files\DNA\btdna.exe
C:\bucks.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\CleEmGym\Desktop\RSIT.exe
C:\Program Files\trend micro\CleEmGym.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
F3 - REG:win.ini: load=C:\Users\CleEmGym\AppData\Local\Temp\cisvc.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\BigSeekPro Toolbar\tbcore3.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O3 - Toolbar: BigSeekPro Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\BigSeekPro Toolbar\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\CleEmGym\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\CleEmGym\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Win32dll] C:\bucks.exe
O4 - HKCU\..\Run: [{ADF9B913-9AC8-9032-7400-095C6B2A74D2}] C:\Users\CleEmGym\AppData\Roaming\server.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
0
Réponse 3 / 88
clemgym Messages postés 208 Statut Membre 27
 
Désolé, j'ai oublié de mettre le fichier info.txt .
Le voici :

info.txt logfile of random's system information tool 1.06 2010-01-17 13:26:17

======Uninstall list======

-->MsiExec /X{5DB65884-C963-4454-AABA-4CA3089281FA}
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Ask.com Search Assistant 1.0.1-->C:\Program Files\Ask Search Assistant\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ASUS CopyProtect-->MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}
ASUS Data Security Manager-->C:\Program Files\InstallShield Installation Information\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUS FancyStart-->MsiExec.exe /I{DC905847-D537-427F-BF91-47CC7ACCDE58}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\SETUP.EXE" -l0x9
ASUS Power4Gear eXtreme-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BigSeekPro Toolbar-->C:\Program Files\BigSeekPro Toolbar\UninstallToolbar.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BUFFALO TurboUSB pour FLASH/HDD-->C:\Windows\UN070618.EXE /U
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Day of Defeat: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/300
Dealio Toolbar v4.0.1-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
Dolby Control Center-->MsiExec.exe /I{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}
eBay Icon-->C:\Users\CleEmGym\AppData\Roaming\Desktopicon\uninst.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}\SETUP.EXE" -l0x40c UNINST
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus SX200_SX400_TX200_TX400 Manuel-->C:\Program Files\EPSON\TPMANUAL\ES_SX_TX\FRA\USE_G\DOCUNINS.EXE
EPSON Stylus SX400 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSEGE.EXE /R /APD /P:"EPSON Stylus SX400 Series"
Express Gate-->MsiExec.exe /X{1E3A9C30-6399-4293-AEAD-3C6A4D6F927C}
Fast AMR M4A AC3 WAV MP3 WMA Audio Converter 2.5-->"C:\Program Files\AVN Products\Fast Audio Converter\unins000.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GIMP 2.6.8-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Guitar Pro 5.0-->"C:\Program Files\Guitar Pro 5\unins000.exe"
Half-Life 2: Deathmatch-->"C:\Program Files\Steam\steam.exe" steam://uninstall/320
Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014F0}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
JMCAssemblageGsm Ver 1.0.0.9-->"C:\Program Files\JMCAssemblageGsm\unins000.exe"
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LAME v3.98.2 for Audacity-->"C:\Program Files\Lame for Audacity\unins000.exe"
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {0A75DA12-55CB-4DE5-8B6A-74D97847204E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {C76C02F1-B07F-4974-876A-A18DEC9887C8}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Microsoft XNA Framework Redistributable 2.0-->MsiExec.exe /I{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Multimedia Card Reader-->C:\Program Files\InstallShield Installation Information\{DA41F9E9-B878-467F-95E7-27E4D1943533}\SETUP.EXE -runfromtemp -l0x0409
Nokia Connectivity Cable Driver-->MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7}
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{5DB65884-C963-4454-AABA-4CA3089281FA}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_48f6f624\pccs_bluetooth.inf
Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Samsung Mobile Modem Device Software-->C:\Windows\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
SAMSUNG SYMBIAN USB Download Driver-->C:\Program Files\SAMSUNG\SYMBIAN USB Download Driver\Uninstall.exe
SAMSUNG USB Mobile Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
Search Settings 1.2.2-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoftwareUpdate 1.0-->"C:\Users\CleEmGym\AppData\Roaming\eoRezo\SoftwareUpdate\unins000.exe"
Source Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/205
Source SDK Base-->"C:\Program Files\Steam\steam.exe" steam://uninstall/215
Source SDK-->"C:\Program Files\Steam\steam.exe" steam://uninstall/211
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
StealthClan NameConverter-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Project10\ST6UNST.LOG"
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TubeMaster++ 1.5-->"C:\Program Files\TubeMaster++\unins000.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931}
Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
VDownloader 1.12-->"C:\Program Files\VDOWNLOADER\unins000.exe"
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Zero Gear-->"C:\Program Files\Steam\steam.exe" steam://uninstall/18820

======Security center information======

AV: avast! antivirus 4.8.1169 [VPS 090821-0]
AS: Windows Defender
AS: avast! antivirus 4.8.1169 [VPS 090821-0]

======System event log======

Computer Name: PC-de-CleEmGym
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
Record Number: 62509
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016065302.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-CleEmGym
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
Record Number: 62506
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016065302.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-CleEmGym
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
Record Number: 62503
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016065302.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-CleEmGym
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
Record Number: 62487
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016065302.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-CleEmGym
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
Record Number: 62485
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016065302.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: PC-de-CleEmGym
Event Code: 3086
Message: Les paramètres régionaux du système ont changé. Les données existantes vont être supprimées et l'index doit être recréé.

Contexte : Application , Catalogue SystemIndex

Record Number: 526
Source Name: Microsoft-Windows-Search
Time Written: 20090822145602.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-CleEmGym
Event Code: 63
Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur.
Record Number: 515
Source Name: Microsoft-Windows-WMI
Time Written: 20090822145246.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-CleEmGym
Event Code: 63
Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur.
Record Number: 514
Source Name: Microsoft-Windows-WMI
Time Written: 20090822145246.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-CleEmGym
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 501
Source Name: Microsoft-Windows-WMI
Time Written: 20090823054933.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-CleEmGym
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.

Record Number: 497
Source Name: Microsoft-Windows-Search
Time Written: 20090823054931.000000-000
Event Type: Avertissement
User:

=====Security event log=====

Computer Name: PC-de-CleEmGym
Event Code: 4647
Message: Fermeture de session initiée par l’utilisateur :

Sujet :
ID de sécurité : S-1-5-21-4251025576-1577586405-655904607-1000
Nom du compte : CleEmGym
Domaine du compte : PC-de-CleEmGym
ID d’ouverture de session : 0x59c82

Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session.
Record Number: 14205
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091016065345.985528-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-CleEmGym
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-CLEEMGYM$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\ieencode.dll
ID du handle : 0xaa0

Informations sur le processus :
ID du processus : 0x54c
Nom du processus : C:\Windows\servicing\TrustedInstaller.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 14204
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091016065259.897528-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-CleEmGym
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-CLEEMGYM$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\ieapfltr.dll
ID du handle : 0x4608

Informations sur le processus :
ID du processus : 0x54c
Nom du processus : C:\Windows\servicing\TrustedInstaller.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 14203
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091016065259.851528-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-CleEmGym
Event Code: 4905
Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-CLEEMGYM$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Processus :
ID du processus : 0x158c
Nom du processus : C:\Windows\System32\VSSVC.exe

Source de l’événement :
Nom de la source : VSSAudit
ID de la source de l’événement : 0x29ec48
Record Number: 14202
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091016065256.703528-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-CleEmGym
Event Code: 4904
Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-CLEEMGYM$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Processus :
ID du processus : 0x158c
Nom du processus : C:\Windows\System32\VSSVC.exe

Source de l’événement :
Nom de la source : VSSAudit
ID de la source de l’événement : 0x29ec48
Record Number: 14201
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091016065256.703528-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Adobe\AGL
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 4 / 88
Utilisateur anonyme
 
Ok...

Plusieurs infections....--> il faudra passer plusieurs outils !

Impératif sous vista:

desactives tes comptes d'utilisateur:
https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

Télécharges AD-REMOVER
ou
AD-REMOVER

(de Cyrildu17 / C_XX) sur ton Bureau.

Déconnectes-toi et ferme toutes applications en cours
Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
Clic-droitl sur l'icône [AD-Remover située sur ton Bureau,et choisis :"Exécuter en tant qu'administrateur"
Au menu principal, choisis l'option L.
Postes le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

a+



















0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 88
clemgym Messages postés 208 Statut Membre 27
 
Bonjour,
Encore merci pour ce que vous faites =) !

Voici le rapport :

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_H | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 16.01.2010 à 22:13
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 14:25:26, 17/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ HomePremium Service Pack 2 v6.0.6002
Nom du PC: PC-DE-CLEEMGYM | Utilisateur actuel: CleEmGym
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: ASKUpgrade

C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Users\CleEmGym\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Ask Search Assistant
C:\Program Files\Ask Search Assistant
C:\Program Files\AskBarDis
C:\Program Files\BigSeekPro Toolbar
C:\Program Files\Dealio Toolbar
C:\Program Files\Search Settings
C:\Users\CleEmGym\AppData\Roaming\Desktopicon
C:\Users\CleEmGym\AppData\Roaming\EoRezo
C:\Users\CleEmGym\AppData\LocalLow\Dealio
C:\Users\CleEmGym\AppData\LocalLow\Search Settings
C:\Users\CleEmGym\AppData\Roaming\MICROS~1\Windows\STARTM~1\Ebay.lnk
C:\Windows\Installer\27ef72.msi
C:\Windows\Installer\27ef79.msi

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\software\Dealio
HKCU\software\EoRezo
HKCU\software\fcn
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKLM\software\appdatalow\AskBarDis
HKLM\Software\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
HKLM\software\classes\ComObject.DeskbarEnabler
HKLM\software\classes\ComObject.DeskbarEnabler.1
HKLM\software\classes\installer\Features\A3BB3C491A65ED342A24B8144FE679FE
HKLM\software\classes\installer\Products\79CAA1B036589D14EA74856E2A220F1E
HKLM\software\classes\installer\Products\A3BB3C491A65ED342A24B8144FE679FE
HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
HKLM\software\classes\SearchSettings.BHO
HKLM\software\classes\SearchSettings.BHO.1
HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
HKLM\software\classes\URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\Dealio
HKLM\software\EoRezo
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0292226F570267D459357AF78015E534
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\03285961954D5824C85975D955031EE8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\23A03A6765D10864EB278629A2DF32C3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\3A4FCCE032CA50340A6975C92410AE30
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AC3985F4D64C2245A96D31569D1BF40
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6E00D9B24354FBA44AE2CA0FA86EF2E2
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7C13F41728A69EF41AA1A3372FB86FA6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\855847FA0E25FBA46B8516389DFDD4B3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\8ED411B7A244E0E4C82C46284CA65B81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\94E65EF7E080DDA4AA2F1DEDCE74AC5B
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9DC2844D0E3E8924C8973C3B3BAE1F58
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\AFEB575AA30ACB243B748619F62F0782
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B92A2929968AED344BD6B34AD60E6604
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\C7D9132F42224AC49BD8C06A0F8E39C4
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F461B8DD96FF5AA41A52D14E1D7B69C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\79CAA1B036589D14EA74856E2A220F1E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A3BB3C491A65ED342A24B8144FE679FE
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
HKLM\software\microsoft\windows\currentversion\uninstall\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
HKLM\software\microsoft\windows\currentversion\uninstall\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
HKLM\software\microsoft\windows\currentversion\uninstall\Ask.com Search Assistant
HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
HKLM\software\Search Settings
.
============== Scan additionnel ==============
.
.
* Internet Explorer Version 8.0.6001.18865 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\[PC ISO] Splinter Cell Pandora Tomorrow (All CDs + crackfix).rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\[PC] NBA 2K10-CRACK ONLY-[ESPACONSOLAS.com].rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Atomix.Virtual.DJ.Pro.v6.0.4.Cracked.HAPPY.9TH.BIRTHDAY-EAT.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Beijing.2008.CRACK.ONLY.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Burnout Paradise PC Keygen and Crack.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial.rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call of Duty - Modern Warfare 2 - Spec-Ops - LAN CRACK - nVidia840.rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call.of.Duty.5.World.at.War.Incl.Map.Packs.Patches.and.Cracks.[mattlb0619][h33t].torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call.Of.Duty.Modern.Warfare.2.multiplayer.crack.rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call.of.Duty.Modern.Warfare.2.Razor.Release.NO.STEAM.PATCH-ReUnion.1.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call.of.Duty.Modern.Warfare.2.Razor.Release.NO.STEAM.PATCH-ReUnion.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Crack.rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Daemon Tools Pro 4100218 + working crack-vibept.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\eJay.dj.Mix.Station.2.-.full.multilingual.version.+.Crack.-.by.pollopocket.ace.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Fraps - Version crack‚e - Cracked version By Narcys.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Fraps 2.9.4 Build 7037 + Crack.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Fraps 2.9.4 Build 7037 Crack.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Fraps v2.9.4 Full Retail +[Keygen].rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Games - Cracks & Keygen.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Guitar Pro 5.2 + Keygen + RSE_By TheBobtheBob_www.torrent411.com.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Magic.Movie.Edit.Pro.14 v7.5.2.14 + patch.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\MixVibes Pro v.5.02 + Crack.zip.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\PURE_Keygen.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SPORE (2008) Key Generator + Crack Easy.rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SPORE.Creature.Creator-ViTALiTY [Keygen & Crack Only] - only for keygen.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SPORE.Creature.Creator-ViTALiTY [Keygen & Crack Only].torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SporeCrack.1.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SporeCrack.2.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SporeCrack.3.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SporeCrack.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\The Matrix Path of Neo cracked.zip.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\The_Sims_3_Crackfix_Read_Nfo-Razor1911.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Tom Clancys H A W X Keygen Serial FIXED RELOADED HAWX.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRar v3.71+Crack.1.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRar v3.71+Crack.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [Fullfreedownloads.info].rar.1.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [Fullfreedownloads.info].rar.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [h33t] - CaZoR.1.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [h33t] - CaZoR.2.torrent
C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [h33t] - CaZoR.torrent
.
===================================
.
12351 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
73 Fichier(s) - C:\Users\CleEmGym\AppData\Local\Temp
38 Fichier(s) - C:\Windows\Temp
0 Fichier(s) - C:\Windows\Prefetch
.
19 Fichier(s) - C:\Ad-Remover\BACKUP
96 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 14:31:34 | 17/01/2010 - CLEAN[1]
.
============== E.O.F ==============
.
0
Réponse 6 / 88
Utilisateur anonyme
 
Re....

Pour ceci: 
Encore merci pour ce que vous faites =) !

==> Merci ça fait plaisir.......

Je pense déjà que ton problème de pubs intempestives est derrière toi !

---------------------

• Télécharge USBFIX
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe­



(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir

• Double clic sur le raccourci UsbFix présent sur ton bureau .

• Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

• Au second menu Choisis l'option " 2 " (suppression) et tape sur [entrée]

• Laisse travailler l'outil.

• Ensuite post le rapport UsbFix.txt qui apparaitra.

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.


a+
0
Réponse 7 / 88
clemgym Messages postés 208 Statut Membre 27
 
Bonjour,

Voici le résultat :


############################## | UsbFix V6.074 |

User : CleEmGym (Administrateurs) # PC-DE-CLEEMGYM
Update on 15/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 15:30:58 | 17/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1169 [VPS 090821-0] 4.8.1169 [ Enabled | Updated ]

C:\ -> Disque fixe local # 232,88 Go (151,27 Go free) [VistaOS] # NTFS
D:\ -> Disque fixe local # 221,16 Go (221,07 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque fixe local # 465,76 Go (324,54 Go free) [BUFFALO] # NTFS

############################## | Processus actifs |

C:\Windows\System32\smss.exe 432
C:\Windows\system32\csrss.exe 560
C:\Windows\system32\wininit.exe 616
C:\Windows\system32\csrss.exe 628
C:\Windows\system32\services.exe 664
C:\Windows\system32\lsass.exe 680
C:\Windows\system32\lsm.exe 696
C:\Windows\system32\svchost.exe 840
C:\Windows\system32\winlogon.exe 860
C:\Windows\system32\nvvsvc.exe 928
C:\Windows\system32\svchost.exe 956
C:\Windows\System32\svchost.exe 992
C:\Windows\System32\svchost.exe 1112
C:\Windows\System32\svchost.exe 1160
C:\Windows\system32\svchost.exe 1172
C:\Windows\system32\svchost.exe 1280
C:\Windows\system32\SLsvc.exe 1304
C:\Windows\system32\svchost.exe 1376
C:\Windows\system32\rundll32.exe 1520
C:\Program Files\ASUS\SmartLogon\smartlogon.exe 1532
C:\Windows\system32\svchost.exe 1588
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe 1728
C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1740
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1768
C:\Program Files\ATKGFNEX\GFNEXSrv.exe 1788
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1808
C:\Windows\system32\WLANExt.exe 1820
C:\Windows\system32\taskeng.exe 656
C:\Windows\System32\spoolsv.exe 832
C:\Windows\system32\svchost.exe 1188
C:\Windows\system32\Dwm.exe 2068
C:\Windows\system32\taskeng.exe 2092
C:\Windows\Explorer.EXE 2136
C:\Program Files\ASUS\ASUS Live Update\ALU.exe 2200
C:\Windows\system32\runonce.exe 2216
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe 2232
C:\Windows\system32\conime.exe 2380
C:\Program Files\ATK Hotkey\Hcontrol.exe 2656
C:\Program Files\ATK Hotkey\MsgTranAgt.exe 2664
C:\Program Files\Wireless Console 2\wcourier.exe 2672
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe 2680
C:\Program Files\P4G\BatteryLife.exe 2688
C:\Program Files\ASUS\Splendid\ACMON.exe 2696
C:\Windows\System32\ACEngSvr.exe 2756
C:\Program Files\ATK Hotkey\ATKOSD.exe 2976
C:\Program Files\ATK Hotkey\KBFiltr.exe 3004
C:\Program Files\ATK Hotkey\WDC.exe 3012
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 3048
C:\Program Files\Bonjour\mDNSResponder.exe 3064
C:\Windows\system32\FsUsbExService.Exe 3100
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 3264
C:\Windows\system32\PnkBstrA.exe 3320
C:\Windows\system32\rpcnet.exe 3376
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3476
C:\Windows\system32\svchost.exe 3508
C:\Windows\System32\TUProgSt.exe 3544
C:\Windows\System32\svchost.exe 3576
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 3728
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 3760
C:\Windows\servicing\TrustedInstaller.exe 3796
C:\Windows\system32\wbem\wmiprvse.exe 4024
C:\Windows\system32\PresentationSettings.exe 2804

################## | Elements infectieux |

Supprimé ! C:\Users\CleEmGym\AppData\Roaming\addon.dat
Supprimé ! C:\$Recycle.Bin\S-1-5-18
Supprimé ! C:\$Recycle.Bin\S-1-5-20
Supprimé ! C:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-501
Supprimé ! D:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-500
Supprimé ! D:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-501
G:\autorun.inf -> fichier appelé : "G:\ MobileLaunch.exe" ( Absent ! )
Supprimé ! G:\autorun.inf
Supprimé ! G:\$Recycle.Bin\S-1-5-20
Supprimé ! G:\$Recycle.Bin\S-1-5-21-1765232804-4017979392-2551784716-1000
Supprimé ! G:\$Recycle.Bin\S-1-5-21-2582927616-315698800-1973798182-1000
Supprimé ! G:\$Recycle.Bin\S-1-5-21-3723252284-1309184517-3248953833-1000
Supprimé ! G:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-1000

################## | Registre |

Supprimé ! [HKCU\SOFTWARE\Bifrost]
Supprimé ! [HKLM\SOFTWARE\Bifrost]

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{aad66640-8f3d-11de-a45c-0026182b050b}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{e6e84b51-b64f-11de-a75e-806e6f6e6963}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[18/12/2009 11:08|--a------|97] C:\662.vmt
[11/10/2009 14:04|--a------|126] C:\a52514afa3df35fdc9ebf6f20dbd5037.vmt
[17/01/2010 14:31|--a------|12695] C:\Ad-Report-CLEAN[1].log
[12/03/2009 03:11|--a------|23] C:\app3.LOG
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[11/04/2009 07:36|-rahs----|333257] C:\bootmgr
[16/04/2008 12:27|-ra-s----|8192] C:\BOOTSECT.BAK
[17/11/2009 18:07|---------|18944] C:\bucks.exe
[04/04/2007 20:01|--a------|19] C:\CA21.txt
[18/09/2006 22:43|--a------|10] C:\config.sys
[05/06/2009 03:48|--a------|13681] C:\devlist.txt
[16/02/2009 03:31|--a------|25] C:\Driver.10
[05/02/2009 01:54|-rah-----|1048576] C:\F50SVAS.BIN
[05/06/2009 03:44|--a------|9] C:\Finish.log
[?|?|?] C:\hiberfil.sys
[05/06/2009 02:29|--a------|481] C:\igoogle_log.txt
[05/06/2009 02:58|--a------|21430272] C:\inject.log
[05/06/2009 02:58|--a------|19018070] C:\inject.log.txt
[15/10/2009 10:10|-rahs----|0] C:\IO.SYS
[15/10/2009 10:10|-rahs----|0] C:\MSDOS.SYS
[08/08/2008 08:22|--a------|30] C:\NERO.LOG
[07/01/2009 10:16|--a------|30] C:\NIS2009.TXT
[04/09/2008 01:11|--a------|54600] C:\npbittorrent.dll
[16/03/2007 00:18|--a------|25] C:\OFFICE2007_A.TXT
[?|?|?] C:\pagefile.sys
[04/06/2009 15:00|--a------|146] C:\Pass.txt
[22/04/2009 10:11|--a------|3343] C:\Patch.LOG
[15/01/2009 09:13|--a------|17] C:\READER_A.TXT
[26/12/2008 06:57|--a------|22] C:\RECOVERY.DAT
[05/06/2009 03:04|--a------|560] C:\RHDSetup.log
[16/05/2006 01:22|--a------|5] C:\store.log
[05/06/2009 02:06|--a------|166] C:\SumHidd.txt
[05/06/2009 02:05|--a------|98] C:\SumOS.txt
[17/01/2010 15:35|--a------|6677] C:\UsbFix.txt
[12/02/2009 19:24|--a------|25] C:\V554.txt
[09/02/2009 06:30|--a------|41] C:\WindowsLive_A.TXT
[07/11/2007 08:00|--a------|17734] D:\eula.1028.txt
[07/11/2007 08:00|--a------|17734] D:\eula.1031.txt
[07/11/2007 08:00|--a------|10134] D:\eula.1033.txt
[07/11/2007 08:00|--a------|17734] D:\eula.1036.txt
[07/11/2007 08:00|--a------|17734] D:\eula.1040.txt
[07/11/2007 08:00|--a------|118] D:\eula.1041.txt
[07/11/2007 08:00|--a------|17734] D:\eula.1042.txt
[07/11/2007 08:00|--a------|17734] D:\eula.2052.txt
[07/11/2007 08:00|--a------|17734] D:\eula.3082.txt
[07/11/2007 08:00|--a------|1110] D:\globdata.ini
[07/11/2007 08:03|--a------|562688] D:\install.exe
[07/11/2007 08:00|--a------|843] D:\install.ini
[07/11/2007 08:03|--a------|76304] D:\install.res.1028.dll
[07/11/2007 08:03|--a------|96272] D:\install.res.1031.dll
[07/11/2007 08:03|--a------|91152] D:\install.res.1033.dll
[07/11/2007 08:03|--a------|97296] D:\install.res.1036.dll
[07/11/2007 08:03|--a------|95248] D:\install.res.1040.dll
[07/11/2007 08:03|--a------|81424] D:\install.res.1041.dll
[07/11/2007 08:03|--a------|79888] D:\install.res.1042.dll
[07/11/2007 08:03|--a------|75792] D:\install.res.2052.dll
[07/11/2007 08:03|--a------|96272] D:\install.res.3082.dll
[16/10/2009 12:24|--a------|16995] D:\setup.log
[07/11/2007 08:00|--a------|5686] D:\vcredist.bmp
[07/11/2007 08:09|--a------|1442522] D:\VC_RED.cab
[07/11/2007 08:12|--a------|232960] D:\VC_RED.MSI
[10/11/2008 17:58|--a------|218416] G:\MobileLaunch.exe
[10/10/2009 17:21|--a------|92] G:\MobileLaunch.ini
[17/11/2009 20:55|--a------|28160] G:\Pseudo css.doc

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# G:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |

"G:\Crack\Fraps_3.0.1.exe"
13/11/2009 15:19 |Size 2551040 |Crc32 893156c9 |Md5 7c2bbe16f1c077ec8fc26c8d4da7eaff

"G:\Crack\Game.CD.Key.Telechargementaz.tk.exe"
20/10/2009 10:25 |Size 1187840 |Crc32 a58967e1 |Md5 feaf72cc5c668cd121e91a5c991aacae

"G:\Crack\Burnout Paradise The Ultimate Box\KEYGEN.exe"
03/02/2009 19:03 |Size 8192 |Crc32 10355f99 |Md5 3ea967d5a1535f3aa821944473a20bb7

"G:\Crack\SporeCrack\rld-spor.exe"
15/10/2009 18:15 |Size 8192 |Crc32 eb2d0aa8 |Md5 302eef532707c32b2d6dccf06006a5fd

"G:\Crack\SporeCrack\SporeApp.exe"
15/10/2009 18:15 |Size 40633800 |Crc32 33986432 |Md5 f26ed9d6063f176c6f8b944eb0b7d0eb

"G:\Crack\WinRar v3.71+Crack\Crack.exe"
14/10/2009 18:22 |Size 23919 |Crc32 f68d6cf5 |Md5 06a36fb7b0451cbc89a0d15358ddf8e2

"G:\Installer\Atomix Virtual Dj 5.0 + Keygen + Effects + Skins + Samplers.zip"
-> Contain : virtualdj 5.0 + Keygen\install_virtualdj_v5.0.exe

"G:\Crack\Call.Of.Duty.Modern.Warfare.2.MULTIPLAYER.CRACK.WORKS.rar"
-> contain : Call.Of.Duty.Modern.Warfare.2.MULTIPLAYER.CRACK.WORKS\iw4mp.exe

"G:\Crack\ppt-moha.rar"
-> contain : MOHA.exe

"G:\Crack\yanliz-kurt-B.Paradise.CRACK-PATCH-KEYGEN_.rar"
-> contain : Burnout Paradise The Ultimate Box\BurnoutParadise Patch.exe

"G:\Crack\yanliz-kurt-B.Paradise.CRACK-PATCH-KEYGEN_.rar"
-> contain : Burnout Paradise The Ultimate Box\BurnoutParadise.exe

"G:\Crack\yanliz-kurt-B.Paradise.CRACK-PATCH-KEYGEN_.rar"
-> contain : Burnout Paradise The Ultimate Box\KEYGEN.exe

"G:\Crack\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial.rar"
-> contain : 01 MW2 MP CRACK\iw4mp.exe

"G:\Crack\Pure.iso\Crack For Pure.rar"
-> contain : Pure.exe

"G:\Crack\Tom Clancys H A W X Keygen Serial FIXED RELOADED HAWX\TCHAWXFixed.rar"
-> contain : *TCHawx.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe DNG Converter\Adobe DNG Converter.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe Reader 7.0\AdbeRdr70_fra_full.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\instmsia.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\instmsiw.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\setup.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Goodies\Infos fichier personnel\Infos fichier d'exemple\CustomPanel_allWidgets.txt

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Goodies\Infos fichier personnel\Infos fichier d'exemple\Description.txt

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Goodies\Infos fichier personnel\Infos fichier d'exemple

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Goodies\Modules externes facultatifs\Seiko Epson\PIM II Installer.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Setup.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Adobe Photoshop CS2 (9.0) Fr\Setup.exe.manifest

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe

"G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
-> contain : Crack et Keygen\Keygen Photoshop CS2 Fr.exe

"G:\Installer\Atomix Virtual DJ 5.7 (2008) +crack +38 skins +109 effects +123 samples.rar"
-> contain : Atomix Virtual DJ 5.7+ crack+ 38 skins+ 109 effects +123 samples\Atomix Virtual DJ 5.7 + crack + 38 skins + 109 effects + 123 samples\virtualdj.exe

"G:\Installer\Atomix.Virtual.DJ.Professional.V5.0.R6.Multilangages.Incl-Serial.[emule-island.com].rar"
-> contain : install_virtualdj_v5.0.rev6.exe

"G:\Installer\Xilisoft Video Converter v3.1.7.0630B Multilangages Incl Keygen.rar"
-> contain : x-video-converter.exe

"G:\Installer\Xilisoft Video Converter v3.1.7.0630B Multilangages Incl Keygen.rar"
-> contain : Keygen\KeyGen.exe


################## | Upload |

Veuillez envoyer le fichier : C:\Users\CleEmGym\Desktop\UsbFix_Upload_Me_PC-de-CleEmGym.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.074 ! |
0
Réponse 8 / 88
Utilisateur anonyme
 
Pour améliorer l'outil que tu viens d'utiliser, merci de faire ceci:

Veuillez envoyer le fichier : C:\Users\CleEmGym\Desktop\UsbFix_Upload_Me_PC-de-CleEmGym.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

*******************
Ceci maintenant :

Fais un scan avec cet antispyware :
Malwarebytes + tutoriel

Tu l´installes; mets le a jour...(onglet mise a jour)
Click maintenant sur l´onglet recherche et coche la case :
"Executer un examen rapide".
Puis click sur "rechercher".
Laisses le scanner le pc...
A la fin du scan, clique sur Afficher les résultats
Si des elements on ete trouvés :
> click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "oui".
A la fin un rapport va s´ouvrir;
sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
Copies et colles le rapport stp.

*********************

A la suite de cela, afin de faire le point:

==> Relances RSIT : tu n'auras qu'un rapport cette fois, c'est normal !

a+



0
Réponse 9 / 88
clemgym Messages postés 208 Statut Membre 27
 
Re-bonjour,

Voici le rapport :

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3583
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

17/01/2010 16:52:31
mbam-log-2010-01-17 (16-52-31).txt

Type de recherche: Examen rapide
Eléments examinés: 109104
Temps écoulé: 5 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 10

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmdxpeixig (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmxtsbmpre (Rootkit.TDSS) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{adf9b913-9ac8-9032-7400-095c6b2a74d2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\logman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mstinit (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\winlogon\server.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Users\CleEmGym\AppData\Roaming\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\CleEmGym\AppData\Roaming\Microsoft\mstinit.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\CleEmGym\AppData\Roaming\server.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\kbiwkmbyifsmvo.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\kbiwkmypswcyyn.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\System32\kbiwkmcjitecly.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\System32\kbiwkmocplbbxq.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\System32\kbiwkmqenqaowl.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\CleEmGym\Local Settings\Application Data\logman.exe (Trojan.Agent) -> Quarantined and deleted successfully.
0
Réponse 10 / 88
clemgym Messages postés 208 Statut Membre 27
 
Alors, j'ai relance RSIT, et voila le rapport :

Logfile of random's system information tool 1.06 (written by random/random)
Run by CleEmGym at 2010-01-17 16:57:46
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 155 GB (65%) free of 238 GB
Total RAM: 3070 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:28, on 17/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\dllhst3g.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\ServoApp.exe
C:\Program Files\MFP Server\App\Common\MFPAgent.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\DNA\btdna.exe
C:\bucks.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\CleEmGym\Desktop\RSIT.exe
C:\Program Files\trend micro\CleEmGym.exe
C:\Program Files\Steam\Steam.exe
C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\dllhst3g.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Win32dll] C:\bucks.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [Cisvc] C:\Users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [MstInit] C:\Windows\System32\drivers\mstinit.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [MstInit] C:\Users\CleEmGym\AppData\Roaming\MICROS~1\mstinit.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [MstInit] C:\Users\CleEmGym\AppData\Roaming\MICROS~1\mstinit.exe /waitservice (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
0
Réponse 11 / 88
Utilisateur anonyme
 
---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"

---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt


a+
0
Réponse 12 / 88
Sofiane_150 Messages postés 194 Statut Membre 29
 
bonjour a tous moi c'est des sites de jeux qui s'affiche a chaque fois comment supprimer leurs apparétions sur la page , je suis aller sur (outils - options internet-sit a bloquer mais toujour pas d'exécution comment faire pour bloquer les sites de pub et autres , vous remercie bien.
0
Réponse 13 / 88
clemgym Messages postés 208 Statut Membre 27
 
Archet9

Voici le rapport :

ComboFix 10-01-16.04 - CleEmGym 17/01/2010 17:45:01.1.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3070.1777 [GMT 1:00]
Lancé depuis: c:\users\CleEmGym\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1169 [VPS 090821-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1169 [VPS 090821-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\CleEmGym\AppData\Local\Microsoft\dllhst3g.exe
c:\users\CleEmGym\AppData\Local\mstinit.exe
c:\users\CleEmGym\AppData\Roaming\Microsoft\mstinit.exe
c:\windows\system32\drivers\mstinit.exe
D:\install.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-17 au 2010-01-17 ))))))))))))))))))))))))))))))))))))
.

2010-01-17 16:57 . 2009-11-13 09:44 95232 ----a-w- c:\windows\system32\drivers\logman.exe
2010-01-17 16:57 . 2009-11-13 09:44 95232 ----a-w- c:\windows\cmstp.exe
2010-01-17 15:46 . 2010-01-17 15:46 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Malwarebytes
2010-01-17 15:45 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-17 15:45 . 2010-01-17 15:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-17 15:45 . 2010-01-17 15:45 -------- d-----w- c:\programdata\Malwarebytes
2010-01-17 15:45 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-17 14:27 . 2010-01-17 14:39 -------- d-----w- C:\UsbFix
2010-01-17 13:23 . 2010-01-17 13:31 -------- d-----w- C:\Ad-Remover
2010-01-17 12:59 . 2010-01-17 12:59 -------- d--h--w- c:\program files\winlogon
2010-01-17 12:25 . 2010-01-17 15:57 -------- d-----w- c:\program files\trend micro
2010-01-17 12:25 . 2010-01-17 12:26 -------- d-----w- C:\rsit
2010-01-13 07:09 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 07:09 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-12 14:15 . 2010-01-12 14:15 -------- d-----w- C:\Games
2010-01-11 08:39 . 2008-05-30 13:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2010-01-11 08:39 . 2008-05-30 13:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2010-01-11 08:39 . 2008-05-30 13:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2010-01-11 08:39 . 2008-05-30 13:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2010-01-11 08:39 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2010-01-11 08:39 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2010-01-11 08:39 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2010-01-11 08:39 . 2008-03-05 15:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2010-01-11 08:39 . 2008-03-05 15:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2010-01-11 08:39 . 2008-03-05 15:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2010-01-11 08:39 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-01-11 08:39 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-01-11 08:39 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-01-07 13:14 . 2010-01-07 13:14 -------- d-----w- c:\program files\Project10
2010-01-07 12:12 . 2010-01-07 13:14 286720 ------w- c:\windows\Setup1.exe
2010-01-07 12:11 . 2010-01-07 13:14 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-01-03 19:46 . 2010-01-03 19:46 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-03 15:13 . 2010-01-03 15:13 -------- d-----w- c:\users\CleEmGym\.thumbnails
2010-01-03 10:25 . 2010-01-17 13:50 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\gtk-2.0
2010-01-03 10:17 . 2010-01-17 13:52 -------- d-----w- c:\users\CleEmGym\.gimp-2.6
2010-01-03 10:16 . 2010-01-03 10:16 -------- d-----w- c:\program files\GIMP-2.0
2009-12-29 16:14 . 2009-12-29 16:15 -------- d-----w- c:\users\Invité
2009-12-27 09:52 . 2009-12-27 09:52 -------- d-----w- c:\programdata\UDL
2009-12-27 09:45 . 2008-05-06 16:39 382240 ------w- c:\windows\system32\UninstMFP.exe
2009-12-27 09:45 . 2007-05-20 19:45 417792 ------w- c:\windows\system32\ServoApp.exe
2009-12-27 09:45 . 2006-09-21 20:35 151552 ------w- c:\windows\system32\ddschk.dll
2009-12-27 09:45 . 2007-05-06 20:44 34944 ----a-w- c:\windows\system32\drivers\mfpec.sys
2009-12-27 09:45 . 2007-01-09 22:36 10880 ----a-w- c:\windows\system32\drivers\mfpcomp.sys
2009-12-27 09:45 . 2006-10-20 01:57 10240 ----a-w- c:\windows\system32\drivers\mfpvbus.sys
2009-12-27 09:45 . 2006-09-21 23:13 200704 ----a-w- c:\windows\system32\mfpcoins.dll
2009-12-27 09:45 . 2009-12-27 09:45 -------- d-----w- c:\program files\MFP Server
2009-12-27 09:43 . 2007-04-10 01:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-12-27 09:43 . 2007-12-07 02:08 86528 ----a-w- c:\windows\system32\E_FLBEGE.DLL
2009-12-27 09:43 . 2007-12-07 02:01 78848 ----a-w- c:\windows\system32\E_FD4BEGE.DLL
2009-12-27 09:43 . 2009-12-27 09:44 -------- d-----w- c:\programdata\EPSON
2009-12-27 09:42 . 2007-07-12 23:00 71680 ----a-w- c:\windows\system32\escwiad.dll
2009-12-27 09:42 . 2009-12-27 09:50 -------- d-----w- c:\program files\epson
2009-12-25 10:09 . 2009-12-29 16:17 -------- d-----w- c:\program files\Common Files\Steam
2009-12-25 09:56 . 2010-01-17 16:21 -------- d-----w- c:\program files\Steam
2009-12-20 13:28 . 2009-12-20 13:28 -------- d-----w- c:\program files\Guitar Pro 5

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-17 16:57 . 2009-08-22 16:05 32156 ----a-w- c:\programdata\nvModes.dat
2010-01-17 16:57 . 2009-09-14 08:26 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\DNA
2010-01-17 16:57 . 2009-09-14 08:26 -------- d-----w- c:\program files\DNA
2010-01-17 16:57 . 2009-06-05 01:00 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2010-01-17 16:57 . 2009-08-22 15:31 56680 ----a-w- c:\windows\system32\rpcnet.dll
2010-01-17 16:57 . 2009-08-22 14:56 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-01-17 14:36 . 2008-04-16 11:16 672322 ----a-w- c:\windows\system32\perfh00C.dat
2010-01-17 14:36 . 2008-04-16 11:16 124434 ----a-w- c:\windows\system32\perfc00C.dat
2010-01-16 19:35 . 2009-08-22 17:04 -------- d-----w- c:\programdata\Messenger Plus!
2010-01-16 19:10 . 2009-08-22 16:36 -------- d-----w- c:\program files\Messenger Plus! Live
2010-01-15 13:05 . 2009-09-14 08:26 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\BitTorrent
2010-01-15 12:23 . 2009-08-23 20:12 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\vlc
2010-01-15 10:36 . 2009-08-22 14:57 153608 ----a-w- c:\users\CleEmGym\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-13 09:22 . 2010-01-11 08:40 -------- d-----w- c:\program files\OpenAL
2010-01-13 07:28 . 2009-08-22 14:58 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-13 07:13 . 2009-06-05 01:11 -------- d-----w- c:\programdata\Microsoft Help
2010-01-13 07:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-11 08:40 . 2010-01-11 08:40 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-01-11 08:40 . 2010-01-11 08:40 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-01-03 19:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2010-01-03 18:00 . 2009-08-22 15:01 -------- d-----w- c:\program files\Microsoft
2009-12-27 09:50 . 2009-06-05 01:25 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 19:29 . 2009-06-05 01:29 -------- d-----w- c:\program files\Google
2009-12-26 15:49 . 2009-08-26 11:25 680 ----a-w- c:\users\CleEmGym\AppData\Local\d3d9caps.dat
2009-12-24 17:47 . 2009-12-24 17:47 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-18 10:41 . 2009-12-04 14:14 -------- d-----w- c:\program files\Ubisoft
2009-12-18 09:19 . 2009-08-31 16:46 -------- d-----w- c:\program files\TubeMaster++
2009-12-17 13:48 . 2009-12-17 13:48 -------- d-----w- c:\program files\GamersFirst
2009-12-14 07:11 . 2009-12-14 07:11 -------- d-----w- c:\program files\Netscape
2009-12-13 16:32 . 2009-12-13 16:32 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb31C1.tmp.exe
2009-12-10 08:15 . 2009-11-30 19:25 8192 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
2009-12-10 08:15 . 2009-11-30 19:25 61440 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-10 08:15 . 2009-11-30 19:25 10240 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
2009-12-09 08:34 . 2009-08-23 10:26 -------- d-----w- c:\programdata\eMule
2009-12-09 08:34 . 2009-12-09 08:34 -------- d-----w- c:\program files\eMule
2009-12-07 20:12 . 2009-12-07 20:12 -------- d-----w- c:\program files\JMCAssemblageGsm
2009-12-07 13:10 . 2009-12-07 13:10 53248 ----a-w- c:\windows\fados.exe
2009-12-07 13:03 . 2009-12-07 13:03 -------- d-----w- c:\program files\Common Files\Atlence
2009-12-06 16:50 . 2009-12-06 16:46 -------- d-----w- c:\program files\Samsung
2009-12-06 16:49 . 2009-11-30 19:27 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-06 16:47 . 2009-12-06 16:47 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Samsung
2009-12-06 16:46 . 2009-12-06 16:46 -------- d-----w- c:\program files\MarkAny
2009-12-06 10:35 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus 2
2009-12-06 10:27 . 2009-12-06 10:27 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2009-12-04 14:40 . 2009-12-04 14:40 -------- d-----w- c:\programdata\Ubisoft
2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\app
2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2009-12-03 07:44 . 2009-09-05 13:29 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\dvdcss
2009-12-02 18:21 . 2009-12-02 18:21 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-12-02 18:21 . 2009-12-02 18:21 38208 ----a-w- c:\users\CleEmGym\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-12-02 18:21 . 2009-12-02 18:21 38208 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-12-02 13:25 . 2009-12-02 13:25 859 ----a-w- c:\users\CleEmGym\AppData\Roaming\datawin.dat
2009-12-02 10:07 . 2009-08-26 10:25 -------- d-----w- c:\program files\Counter-Strike Source
2009-12-01 09:31 . 2009-12-01 09:31 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Diplodock
2009-12-01 09:31 . 2009-12-01 09:31 -------- d-----w- c:\program files\Diplodock Company
2009-11-30 19:34 . 2009-11-30 19:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2009-11-30 19:34 . 2009-11-30 19:32 -------- d-----w- c:\programdata\PC Suite
2009-11-30 19:32 . 2009-11-30 19:27 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\PC Suite
2009-11-30 19:32 . 2009-11-30 19:29 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Nokia
2009-11-30 19:28 . 2009-11-30 19:28 -------- d-----w- c:\program files\DIFX
2009-11-30 19:24 . 2009-11-30 19:24 -------- d-----w- c:\programdata\Installations
2009-11-30 19:15 . 2009-11-30 19:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-11-29 11:53 . 2009-11-29 11:53 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-11-29 11:52 . 2009-11-29 11:52 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-11-29 11:52 . 2009-11-29 11:51 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-11-29 11:51 . 2009-11-29 11:51 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\TuneUp Software
2009-11-29 11:51 . 2009-11-29 11:51 -------- d-----w- c:\programdata\TuneUp Software
2009-11-29 11:50 . 2009-11-29 11:50 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-11-28 19:12 . 2009-10-31 17:49 -------- d-----w- c:\program files\Patch MsnCreative
2009-11-28 18:09 . 2009-11-28 18:09 -------- d-----w- c:\program files\Circle Develoement
2009-11-24 23:54 . 2009-08-22 17:15 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-08-22 17:15 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-08-22 17:15 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-08-22 17:15 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-08-22 17:15 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-08-22 17:15 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-08-22 17:15 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 18:13 . 2009-11-23 18:13 -------- d-----w- c:\programdata\WindowsSearch
2009-11-23 10:03 . 2009-09-26 19:39 -------- d-----w- c:\program files\VDOWNLOADER
2009-11-21 06:40 . 2009-12-09 07:29 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 07:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 06:34 . 2009-12-09 07:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 04:59 . 2009-12-09 07:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-20 10:29 . 2009-08-23 08:00 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Skype
2009-11-20 10:22 . 2009-08-23 08:01 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\skypePM
2009-11-20 08:30 . 2009-10-07 09:48 -------- d-----w- c:\program files\Electronic Arts
2009-11-20 08:29 . 2009-11-13 10:53 -------- d-----w- c:\program files\Game Cam V2
2009-11-17 17:07 . 2009-12-01 10:08 18944 ------w- C:\bucks.exe
2009-11-16 11:25 . 2009-11-29 11:52 17224 ----a-w- c:\windows\system32\authuitu.dll
2009-11-16 11:25 . 2009-11-29 11:52 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-11-13 09:44 . 2010-01-17 16:57 95232 ----a-w- c:\windows\system32\drivers\mstinit.exe
2009-11-13 09:44 . 2010-01-17 16:57 95232 ----a-w- c:\users\CleEmGym\AppData\Roaming\Microsoft\mstinit.exe
2009-11-09 12:31 . 2009-12-09 07:35 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 07:35 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 07:35 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-07 22:49 . 2009-11-07 22:49 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-03 08:21 . 2009-11-03 08:21 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-02 19:42 . 2009-10-03 06:03 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 07:13 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-05 01:23 . 2009-06-05 01:23 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-05 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2010-01-17 323392]
"Win32dll"="C:\bucks.exe" [2009-11-17 18944]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-16 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-16 92704]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-16 6253088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-25 159744]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-10-12 106496]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-06-05 47672]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-06-05 33136]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Server Application"="c:\windows\system32\ServoApp.exe" [2007-05-20 417792]
"GDI Manager"="c:\program files\MFP Server\App\Common\MFPAgent.exe" [2008-05-06 741376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Cisvc"="c:\users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe" [2009-11-13 95232]

[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"MstInit"="c:\windows\System32\drivers\mstinit.exe" [2009-11-13 95232]

[HKEY_USERS\.DEFAULT\software\microsoft\windows\Currentversion\policies\explorer\Run]
"MstInit"="c:\users\CleEmGym\AppData\Roaming\MICROS~1\mstinit.exe" [2009-11-13 95232]

c:\users\CleEmGym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{DC905847-D537-427F-BF91-47CC7ACCDE58}\_DF3A81D17C478A2A6C60A5.exe [2009-6-5 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"load"=c:\windows\System32\drivers\logman.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-16 08:41 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"Google Update"="c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):ab,f1,ea,33,1a,3d,ca,01

R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [05/06/2009 03:22 15416]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [22/08/2009 18:15 114768]
R2 ALIWEHCD;MFP Server Enhanced Controller;c:\windows\System32\drivers\mfpec.sys [27/12/2009 10:45 34944]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [22/08/2009 18:15 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [22/08/2009 18:15 53328]
R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [06/12/2009 17:47 233472]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [06/12/2009 17:47 36608]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [09/09/2008 04:15 48128]
R3 WUSBVBus;MFP Server Detector;c:\windows\System32\drivers\mfpvbus.sys [27/12/2009 10:45 10240]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [18/09/2009 15:19 133104]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 AliWGP;Composite Device;c:\windows\System32\drivers\mfpcomp.sys [27/12/2009 10:45 10880]
S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\System32\drivers\bfturboh.sys [10/10/2009 17:19 17280]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [07/04/2008 07:00 6656]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe --> c:\program files\MAGIX\Common\Database\bin\fbserver.exe [?]
S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/01/2008 03:23 21504]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [22/08/2009 17:29 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21:48 704864]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 21:22 34064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 14:19]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 14:19]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251025576-1577586405-655904607-1000Core.job
- c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-10 07:24]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251025576-1577586405-655904607-1000UA.job
- c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-10 07:24]

2010-01-17 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 16:04]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-PCSuiteTrayApplication - c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
ActiveSetup-{ADF9B913-9AC8-9032-7400-095C6B2A74D2} - c:\program files\winlogon\server.exe
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-BigSeekPro Toolbar - c:\program files\BigSeekPro Toolbar\UninstallToolbar.exe
AddRemove-eBay Icon - c:\users\CleEmGym\AppData\Roaming\Desktopicon\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 17:57
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


C:\ADSM_PData_0150

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8552B1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x8a7acd24
\Driver\ACPI -> acpi.sys @ 0x807c2d68
\Driver\atapi -> 0x8552b1f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK
copy of MBR has been found in sector 61 !
copy of MBR has been found in sector 62 !

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-4251025576-1577586405-655904607-1000\Software\SecuROM\License information*]
"datasecu"=hex:e9,c7,4f,ee,5e,c2,81,8a,ad,bb,36,9c,f1,31,ea,5c,2c,f0,e3,89,21,
3b,0e,78,fc,3f,1b,41,6b,54,c4,3f,9c,fa,f8,15,27,42,21,6b,24,0a,a3,a6,6c,8a,\
"rkeysecu"=hex:eb,ed,78,56,b0,73,a7,c6,a8,f5,22,8f,dd,e4,e7,c8

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(5088)
c:\program files\RocketDock\RocketDock.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\system32\conime.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\ATK Hotkey\WDC.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\rpcnet.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\TUProgSt.exe
c:\users\CleEmGym\Local Settings\APPLIC~1\MICROS~1\cisvc.exe
c:\windows\System32\rundll32.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\RtHDVCpl.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
.
**************************************************************************
.
Heure de fin: 2010-01-17 18:06:43 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-17 17:06

Avant-CF: 162 196 926 464 octets libres
Après-CF: 161 925 128 192 octets libres

- - End Of File - - 6EB7F0EF7C8204B58034258B4CAE7B84
0
Réponse 14 / 88
Utilisateur anonyme
 
> Avec Combofix :


- Crée un nouveau document texte : clic droit de souris sur le bureau => Nouveau => Document Texte, et copie/colle dedans les lignes en gras:




File::
c:\windows\system32\drivers\logman.exe
c:\windows\cmstp.exe
c:\windows\fados.exe
c:\windows\System32\drivers\mstinit.exe


Reg::
[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]


- Enregistre ce fichier sous le nom CFScript (Type du fichier : tous les fichiers)
- Ferme tous tes navigateurs web (donc copie ou imprime les instructions suivantes avant si besoin est).
- Désactive ton antivirus et tes autres protections résidentes (ex : Spybot) si tu en as (c'est important).
- Fait un glisser/déposer de ce fichier CFScript sur le programme ComboFix.exe comme sur cette image :


[img]http://img517.imageshack.us/img517/8662/cfscript10uc2.gif[/img]


(Explications du glisser/coller : Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relâche alors le bouton de la souris).

- Combofix va démarrer puis une fenêtre bleue va apparaître. Au message qui s'affiche (Type 1 to continue, or 2 to abort) : tape 1 puis valide.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal !
- Ne touche à rien tant que le scan n'est pas terminé sinon le PC peut planter !
- Une fois le scan achevé, un rapport va s'afficher: poste le stp.
PS : Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt


> ENSUITE:

Un nouveau RSIT STP....


a+

0
Réponse 15 / 88
clemgym Messages postés 208 Statut Membre 27
 
Bonsoir,

Voici le rapport de ComboFix :

ComboFix 10-01-16.04 - CleEmGym 17/01/2010 19:12:16.2.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3070.2218 [GMT 1:00]
Lancé depuis: c:\users\CleEmGym\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\CleEmGym\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1169 [VPS 090821-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1169 [VPS 090821-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\windows\cmstp.exe"
"c:\windows\fados.exe"
"c:\windows\system32\drivers\logman.exe"
"c:\windows\System32\drivers\mstinit.exe"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\CleEmGym\AppData\Roaming\Microsoft\mstinit.exe
c:\windows\cmstp.exe
c:\windows\fados.exe
c:\windows\system32\drivers\comrepl.exe
c:\windows\system32\drivers\logman.exe
c:\windows\system32\drivers\mstinit.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-17 au 2010-01-17 ))))))))))))))))))))))))))))))))))))
.

2010-01-17 18:20 . 2010-01-17 18:20 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-17 18:20 . 2010-01-17 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-17 18:20 . 2010-01-17 18:20 -------- d-----w- c:\users\CleEmGym\AppData\Local\temp
2010-01-17 15:46 . 2010-01-17 15:46 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Malwarebytes
2010-01-17 15:45 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-17 15:45 . 2010-01-17 15:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-17 15:45 . 2010-01-17 15:45 -------- d-----w- c:\programdata\Malwarebytes
2010-01-17 15:45 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-17 14:27 . 2010-01-17 14:39 -------- d-----w- C:\UsbFix
2010-01-17 13:23 . 2010-01-17 13:31 -------- d-----w- C:\Ad-Remover
2010-01-17 12:59 . 2010-01-17 12:59 -------- d--h--w- c:\program files\winlogon
2010-01-17 12:25 . 2010-01-17 15:57 -------- d-----w- c:\program files\trend micro
2010-01-17 12:25 . 2010-01-17 12:26 -------- d-----w- C:\rsit
2010-01-15 21:13 . 2008-02-05 07:03 39936 ----a-w- c:\programdata\EPSON\EPSON Stylus SX400 Series\Language\040c.E_DIX0RE.DLL
2010-01-13 07:09 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 07:09 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-12 14:15 . 2010-01-12 14:15 -------- d-----w- C:\Games
2010-01-11 08:39 . 2008-05-30 13:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2010-01-11 08:39 . 2008-05-30 13:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2010-01-11 08:39 . 2008-05-30 13:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2010-01-11 08:39 . 2008-05-30 13:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2010-01-11 08:39 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2010-01-11 08:39 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2010-01-11 08:39 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2010-01-11 08:39 . 2008-03-05 15:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2010-01-11 08:39 . 2008-03-05 15:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2010-01-11 08:39 . 2008-03-05 15:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2010-01-11 08:39 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-01-11 08:39 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-01-11 08:39 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-01-07 13:14 . 2010-01-07 13:14 -------- d-----w- c:\program files\Project10
2010-01-07 12:12 . 2010-01-07 13:14 286720 ------w- c:\windows\Setup1.exe
2010-01-07 12:11 . 2010-01-07 13:14 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-01-03 19:46 . 2010-01-03 19:46 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-03 15:13 . 2010-01-03 15:13 -------- d-----w- c:\users\CleEmGym\.thumbnails
2010-01-03 10:25 . 2010-01-17 13:50 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\gtk-2.0
2010-01-03 10:17 . 2010-01-17 13:52 -------- d-----w- c:\users\CleEmGym\.gimp-2.6
2010-01-03 10:16 . 2010-01-03 10:16 -------- d-----w- c:\program files\GIMP-2.0
2009-12-29 16:14 . 2009-12-29 16:15 -------- d-----w- c:\users\Invité
2009-12-27 09:52 . 2009-12-27 09:52 -------- d-----w- c:\programdata\UDL
2009-12-27 09:45 . 2008-05-06 16:39 382240 ------w- c:\windows\system32\UninstMFP.exe
2009-12-27 09:45 . 2007-05-20 19:45 417792 ------w- c:\windows\system32\ServoApp.exe
2009-12-27 09:45 . 2006-09-21 20:35 151552 ------w- c:\windows\system32\ddschk.dll
2009-12-27 09:45 . 2007-05-06 20:44 34944 ----a-w- c:\windows\system32\drivers\mfpec.sys
2009-12-27 09:45 . 2007-01-09 22:36 10880 ----a-w- c:\windows\system32\drivers\mfpcomp.sys
2009-12-27 09:45 . 2006-10-20 01:57 10240 ----a-w- c:\windows\system32\drivers\mfpvbus.sys
2009-12-27 09:45 . 2006-09-21 23:13 200704 ----a-w- c:\windows\system32\mfpcoins.dll
2009-12-27 09:45 . 2009-12-27 09:45 -------- d-----w- c:\program files\MFP Server
2009-12-27 09:44 . 2008-02-07 05:03 56320 ----a-w- c:\programdata\EPSON\EPSON Stylus SX400 Series\Language\040c.E_S9E0G7.DLL
2009-12-27 09:44 . 2007-12-17 04:00 143872 ----a-w- c:\programdata\EPSON\EPW!3 SSRP\E_S40ST7.EXE
2009-12-27 09:44 . 2007-01-11 04:02 113664 ----a-w- c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
2009-12-27 09:44 . 2008-05-26 07:03 212480 ----a-w- c:\programdata\EPSON\EPSON Stylus SX400 Series\Language\040c.E_DI0EEE.DLL
2009-12-27 09:43 . 2007-04-10 01:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-12-27 09:43 . 2007-12-07 02:08 86528 ----a-w- c:\windows\system32\E_FLBEGE.DLL
2009-12-27 09:43 . 2007-12-07 02:01 78848 ----a-w- c:\windows\system32\E_FD4BEGE.DLL
2009-12-27 09:43 . 2009-12-27 09:44 -------- d-----w- c:\programdata\EPSON
2009-12-27 09:42 . 2007-07-12 23:00 71680 ----a-w- c:\windows\system32\escwiad.dll
2009-12-27 09:42 . 2009-12-27 09:50 -------- d-----w- c:\program files\epson
2009-12-25 10:09 . 2009-12-29 16:17 -------- d-----w- c:\program files\Common Files\Steam
2009-12-25 09:56 . 2010-01-17 17:28 -------- d-----w- c:\program files\Steam
2009-12-24 17:47 . 2009-12-24 17:47 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-20 13:28 . 2009-12-20 13:28 -------- d-----w- c:\program files\Guitar Pro 5

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-17 18:08 . 2009-08-22 16:05 32156 ----a-w- c:\programdata\nvModes.dat
2010-01-17 18:07 . 2009-08-22 14:56 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-01-17 18:07 . 2009-06-05 01:00 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2010-01-17 18:07 . 2009-08-22 15:31 56680 ----a-w- c:\windows\system32\rpcnet.dll
2010-01-17 18:06 . 2009-09-14 08:26 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\DNA
2010-01-17 17:09 . 2009-09-14 08:26 -------- d-----w- c:\program files\DNA
2010-01-17 14:36 . 2008-04-16 11:16 672322 ----a-w- c:\windows\system32\perfh00C.dat
2010-01-17 14:36 . 2008-04-16 11:16 124434 ----a-w- c:\windows\system32\perfc00C.dat
2010-01-16 19:35 . 2009-08-22 17:04 -------- d-----w- c:\programdata\Messenger Plus!
2010-01-16 19:10 . 2009-08-22 16:36 -------- d-----w- c:\program files\Messenger Plus! Live
2010-01-15 13:05 . 2009-09-14 08:26 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\BitTorrent
2010-01-15 12:23 . 2009-08-23 20:12 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\vlc
2010-01-15 10:36 . 2009-08-22 14:57 153608 ----a-w- c:\users\CleEmGym\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-13 09:22 . 2010-01-11 08:40 -------- d-----w- c:\program files\OpenAL
2010-01-13 07:28 . 2009-08-22 14:58 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-13 07:13 . 2009-06-05 01:11 -------- d-----w- c:\programdata\Microsoft Help
2010-01-13 07:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-11 08:40 . 2010-01-11 08:40 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-01-11 08:40 . 2010-01-11 08:40 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-01-03 19:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2010-01-03 18:00 . 2009-08-22 15:01 -------- d-----w- c:\program files\Microsoft
2009-12-27 09:50 . 2009-06-05 01:25 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 19:29 . 2009-06-05 01:29 -------- d-----w- c:\program files\Google
2009-12-26 15:49 . 2009-08-26 11:25 680 ----a-w- c:\users\CleEmGym\AppData\Local\d3d9caps.dat
2009-12-18 10:41 . 2009-12-04 14:14 -------- d-----w- c:\program files\Ubisoft
2009-12-18 09:19 . 2009-08-31 16:46 -------- d-----w- c:\program files\TubeMaster++
2009-12-17 13:48 . 2009-12-17 13:48 -------- d-----w- c:\program files\GamersFirst
2009-12-14 07:11 . 2009-12-14 07:11 -------- d-----w- c:\program files\Netscape
2009-12-13 16:32 . 2009-12-13 16:32 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb31C1.tmp.exe
2009-12-10 08:15 . 2009-11-30 19:25 8192 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
2009-12-10 08:15 . 2009-11-30 19:25 61440 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-10 08:15 . 2009-11-30 19:25 10240 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
2009-12-09 08:34 . 2009-08-23 10:26 -------- d-----w- c:\programdata\eMule
2009-12-09 08:34 . 2009-12-09 08:34 -------- d-----w- c:\program files\eMule
2009-12-07 20:12 . 2009-12-07 20:12 -------- d-----w- c:\program files\JMCAssemblageGsm
2009-12-07 13:03 . 2009-12-07 13:03 -------- d-----w- c:\program files\Common Files\Atlence
2009-12-06 16:50 . 2009-12-06 16:46 -------- d-----w- c:\program files\Samsung
2009-12-06 16:49 . 2009-11-30 19:27 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-06 16:47 . 2009-12-06 16:47 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Samsung
2009-12-06 16:46 . 2009-12-06 16:46 -------- d-----w- c:\program files\MarkAny
2009-12-06 10:35 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus 2
2009-12-06 10:27 . 2009-12-06 10:27 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2009-12-04 14:40 . 2009-12-04 14:40 -------- d-----w- c:\programdata\Ubisoft
2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\app
2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2009-12-03 07:44 . 2009-09-05 13:29 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\dvdcss
2009-12-02 18:21 . 2009-12-02 18:21 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-12-02 18:21 . 2009-12-02 18:21 38208 ----a-w- c:\users\CleEmGym\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-12-02 18:21 . 2009-12-02 18:21 38208 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-12-02 13:25 . 2009-12-02 13:25 859 ----a-w- c:\users\CleEmGym\AppData\Roaming\datawin.dat
2009-12-02 10:07 . 2009-08-26 10:25 -------- d-----w- c:\program files\Counter-Strike Source
2009-12-01 09:31 . 2009-12-01 09:31 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Diplodock
2009-12-01 09:31 . 2009-12-01 09:31 -------- d-----w- c:\program files\Diplodock Company
2009-11-30 19:34 . 2009-11-30 19:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2009-11-30 19:34 . 2009-11-30 19:32 -------- d-----w- c:\programdata\PC Suite
2009-11-30 19:32 . 2009-11-30 19:27 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\PC Suite
2009-11-30 19:32 . 2009-11-30 19:29 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Nokia
2009-11-30 19:28 . 2009-11-30 19:28 -------- d-----w- c:\program files\DIFX
2009-11-30 19:24 . 2009-11-30 19:24 -------- d-----w- c:\programdata\Installations
2009-11-30 19:15 . 2009-11-30 19:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-11-29 11:53 . 2009-11-29 11:53 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-11-29 11:52 . 2009-11-29 11:52 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-11-29 11:52 . 2009-11-29 11:51 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-11-29 11:51 . 2009-11-29 11:51 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\TuneUp Software
2009-11-29 11:51 . 2009-11-29 11:51 -------- d-----w- c:\programdata\TuneUp Software
2009-11-29 11:50 . 2009-11-29 11:50 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-11-28 19:12 . 2009-10-31 17:49 -------- d-----w- c:\program files\Patch MsnCreative
2009-11-28 18:09 . 2009-11-28 18:09 -------- d-----w- c:\program files\Circle Develoement
2009-11-24 23:54 . 2009-08-22 17:15 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-08-22 17:15 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-08-22 17:15 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-08-22 17:15 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-08-22 17:15 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-08-22 17:15 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-08-22 17:15 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 18:13 . 2009-11-23 18:13 -------- d-----w- c:\programdata\WindowsSearch
2009-11-23 10:03 . 2009-09-26 19:39 -------- d-----w- c:\program files\VDOWNLOADER
2009-11-21 06:40 . 2009-12-09 07:29 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 07:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 06:34 . 2009-12-09 07:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 04:59 . 2009-12-09 07:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-20 10:29 . 2009-08-23 08:00 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Skype
2009-11-20 10:22 . 2009-08-23 08:01 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\skypePM
2009-11-20 08:30 . 2009-10-07 09:48 -------- d-----w- c:\program files\Electronic Arts
2009-11-20 08:29 . 2009-11-13 10:53 -------- d-----w- c:\program files\Game Cam V2
2009-11-17 17:07 . 2009-12-01 10:08 18944 ------w- C:\bucks.exe
2009-11-16 11:25 . 2009-11-29 11:52 17224 ----a-w- c:\windows\system32\authuitu.dll
2009-11-16 11:25 . 2009-11-29 11:52 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-11-09 12:31 . 2009-12-09 07:35 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 07:35 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 07:35 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-07 22:49 . 2009-11-07 22:49 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-03 08:21 . 2009-11-03 08:21 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-02 19:42 . 2009-10-03 06:03 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 07:13 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-29 09:17 . 2009-11-25 08:50 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-21 16:45 . 2009-12-06 17:24 33792 ----a-w- c:\windows\system32\identprv.dll
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
2008-05-22 16:35 . 2008-05-22 16:35 51962 ----a-w- c:\program files\Common Files\banner.jpg
2009-06-05 01:23 . 2009-06-05 01:23 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-05 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2010-01-17 323392]
"Win32dll"="C:\bucks.exe" [2009-11-17 18944]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-16 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-16 92704]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-16 6253088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-25 159744]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-10-12 106496]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-06-05 47672]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-06-05 33136]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Server Application"="c:\windows\system32\ServoApp.exe" [2007-05-20 417792]
"GDI Manager"="c:\program files\MFP Server\App\Common\MFPAgent.exe" [2008-05-06 741376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Cisvc"="c:\users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe" [2009-11-13 95232]

c:\users\CleEmGym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{DC905847-D537-427F-BF91-47CC7ACCDE58}\_DF3A81D17C478A2A6C60A5.exe [2009-6-5 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-16 08:41 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"Google Update"="c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):ab,f1,ea,33,1a,3d,ca,01

R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [05/06/2009 03:22 15416]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [22/08/2009 18:15 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [22/08/2009 18:15 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [22/08/2009 18:15 53328]
R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [06/12/2009 17:47 233472]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [06/12/2009 17:47 36608]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [09/09/2008 04:15 48128]
R3 WUSBVBus;MFP Server Detector;c:\windows\System32\drivers\mfpvbus.sys [27/12/2009 10:45 10240]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [26/08/2009 12:03 721904]
S2 ALIWEHCD;MFP Server Enhanced Controller;c:\windows\System32\drivers\mfpec.sys [27/12/2009 10:45 34944]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [18/09/2009 15:19 133104]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 AliWGP;Composite Device;c:\windows\System32\drivers\mfpcomp.sys [27/12/2009 10:45 10880]
S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\System32\drivers\bfturboh.sys [10/10/2009 17:19 17280]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [07/04/2008 07:00 6656]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe --> c:\program files\MAGIX\Common\Database\bin\fbserver.exe [?]
S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/01/2008 03:23 21504]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [22/08/2009 17:29 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21:48 704864]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 21:22 34064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 14:19]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 14:19]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251025576-1577586405-655904607-1000Core.job
- c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-10 07:24]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251025576-1577586405-655904607-1000UA.job
- c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-10 07:24]

2010-01-17 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 16:04]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Explorer_Run-MstInit - c:\windows\System32\drivers\mstinit.exe
HKU-Default-Explorer_Run-MstInit - c:\users\CleEmGym\AppData\Roaming\MICROS~1\mstinit.exe



**************************************************************************
Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés:

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-4251025576-1577586405-655904607-1000\Software\SecuROM\License information*]
"datasecu"=hex:e9,c7,4f,ee,5e,c2,81,8a,ad,bb,36,9c,f1,31,ea,5c,2c,f0,e3,89,21,
3b,0e,78,fc,3f,1b,41,6b,54,c4,3f,9c,fa,f8,15,27,42,21,6b,24,0a,a3,a6,6c,8a,\
"rkeysecu"=hex:eb,ed,78,56,b0,73,a7,c6,a8,f5,22,8f,dd,e4,e7,c8

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
Heure de fin: 2010-01-17 19:24:06
ComboFix-quarantined-files.txt 2010-01-17 18:24
ComboFix2.txt 2010-01-17 17:06

Avant-CF: 161 819 570 176 octets libres
Après-CF: 161 797 705 728 octets libres

- - End Of File - - 215B4437CAF25CF8DA0D9B196EE5FC32
0
Réponse 16 / 88
clemgym Messages postés 208 Statut Membre 27
 
Et voici le RSIT que tu m'a demandé :

Logfile of random's system information tool 1.06 (written by random/random)
Run by CleEmGym at 2010-01-17 19:28:54
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 154 GB (65%) free of 238 GB
Total RAM: 3070 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:57, on 17/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\CleEmGym\Desktop\RSIT.exe
C:\Program Files\trend micro\CleEmGym.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Win32dll] C:\bucks.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [Cisvc] C:\Users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe /waitservice
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
0
Réponse 17 / 88
Utilisateur anonyme
 
Donnes des nouvelles du pc stp

a+
0
Réponse 18 / 88
clemgym Messages postés 208 Statut Membre 27
 
Déjà, Je me doit de te remercier pour tout ce que tu as fait, c'est gentil !
Je donnerai des nouvelles si j'ai encore des pubs !

Merci =)
0
Réponse 19 / 88
clemgym Messages postés 208 Statut Membre 27
 
Bonsoir,

Désolé de te décevoir mais j'ai encore reçus des pubs =(

Voila !

Au revoir
0
Réponse 20 / 88
Utilisateur anonyme
 
Télécharge LopSD.exe sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Clique sur le raccourci LopSD présent sur le Bureau pour lancer LopSD.

Choisis la langue F pour Français puis valide par Entrée.

Choisis l'option Recherche en saisissant 1 puis valide par Entrée
.
* Patiente jusqu'à la fin du scan
* Poste le rapport généré qui se trouve ici => (C:\lopR.txt)

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

a+
0

Discussions similaires

Mes smiley de s'affiches pas
Macha -
Framboise -

6 réponses
Galaxy : points d'interrogations à la place des smiley
titidu33 -
Maycolmon -

7 réponses
Problème d'affichage des Smiley
Claclakpop -
bugs buny -

5 réponses
Sous titres activé mais ne s'affichent pas
Galerienne34 -
Andy31200 -

5 réponses
apparation intempestives de pub type site de rencontre et photo dans le même ton
Crokino -
Crokino -

6 réponses