Pubs qui s'affichent trop souvent !

clemgym Messages postés 208 Statut Membre -  
 archet9 -
Bonjour,

Alors voila, j'ai un souci, depuis quelque temps, alors que je suis sur Internet ou dans un jeu, des pubs s'affichent, du genre Poker, Rencontres etc....
J'aimerais savoir comment je pourrais les enlever ?

Merci pour les prochaines réponses.
Configuration: Windows Vista
Safari 532.0

88 réponses

  • 1
  • 2
  • 3
  • 4
  • 5
Résumé de la discussion

Des publicités intempestives apparaissent lors de la navigation ou du jeu, notamment des promos Poker ou Rencontres, et ce phénomène est généralement lié à un adware ou à des extensions indésirables. Plusieurs solutions consistent à utiliser des outils de nettoyage tels qu Ad-Remover et Malwarebytes’ Anti-Malware pour analyser le système, supprimer les éléments nuisibles et neutraliser les barres d’outils. D'autres utilitaires comme LopSD permettent un balayage complémentaire et la génération d'un rapport, puis la suppression des entrées suspectes dans les dossiers de démarrage et les paramètres du navigateur. Après nettoyage, il peut être utile de vérifier les pages de démarrage du navigateur et les extensions installées, puis d'analyser les alertes du pare-feu et de l'antivirus.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. archet9
     
    Bonjour,

    Pour voir cela:

    Télécharge RSIT (de random/random) sur le bureau :

    - Double clique sur RSIT.exe qui est sur le bureau
    - Clique sur "Continue" dans la fenêtre
    - RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
    - Poste le contenu de log.txt plus info.txt (réduit ds la barre de taches) à la fin de l’analyse .

    Les rapports sont dans le dossier ici C:\rsit
    a+
    0
  2. clemgym Messages postés 208 Statut Membre 27
     
    Bonjour,
    Déjà merci beaucoup pour cette réponse rapide. =)

    Alors, voici ce qu'il m'affiche :
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by CleEmGym at 2010-01-17 13:25:34
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 155 GB (65%) free of 238 GB
    Total RAM: 3070 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:26:13, on 17/01/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18865)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Users\CleEmGym\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
    C:\Users\CleEmGym\AppData\Local\Temp\cisvc.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ATK Hotkey\HControlUser.exe
    C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Windows\System32\ASUSTPE.exe
    C:\Windows\ASScrPro.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\ServoApp.exe
    C:\Program Files\MFP Server\App\Common\MFPAgent.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Users\CleEmGym\Program Files\DNA\btdna.exe
    C:\bucks.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\CleEmGym\Desktop\RSIT.exe
    C:\Program Files\trend micro\CleEmGym.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
    F3 - REG:win.ini: load=C:\Users\CleEmGym\AppData\Local\Temp\cisvc.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
    O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\BigSeekPro Toolbar\tbcore3.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
    O3 - Toolbar: BigSeekPro Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\BigSeekPro Toolbar\tbcore3.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
    O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
    O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\CleEmGym\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\CleEmGym\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Win32dll] C:\bucks.exe
    O4 - HKCU\..\Run: [{ADF9B913-9AC8-9032-7400-095C6B2A74D2}] C:\Users\CleEmGym\AppData\Roaming\server.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
    O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
    0
  3. clemgym Messages postés 208 Statut Membre 27
     
    Désolé, j'ai oublié de mettre le fichier info.txt .
    Le voici :

    info.txt logfile of random's system information tool 1.06 2010-01-17 13:26:17

    ======Uninstall list======

    -->MsiExec /X{5DB65884-C963-4454-AABA-4CA3089281FA}
    2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
    Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
    Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
    Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Ask.com Search Assistant 1.0.1-->C:\Program Files\Ask Search Assistant\uninst.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ASUS CopyProtect-->MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}
    ASUS Data Security Manager-->C:\Program Files\InstallShield Installation Information\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ASUS FancyStart-->MsiExec.exe /I{DC905847-D537-427F-BF91-47CC7ACCDE58}
    ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
    ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
    ASUS MultiFrame-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\SETUP.EXE" -l0x9
    ASUS Power4Gear eXtreme-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
    ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
    ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
    ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
    ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
    Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
    Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
    ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
    ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    BigSeekPro Toolbar-->C:\Program Files\BigSeekPro Toolbar\UninstallToolbar.exe
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    BUFFALO TurboUSB pour FLASH/HDD-->C:\Windows\UN070618.EXE /U
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
    Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
    Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
    Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
    Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
    CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
    CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
    CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
    Day of Defeat: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/300
    Dealio Toolbar v4.0.1-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
    Dolby Control Center-->MsiExec.exe /I{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}
    eBay Icon-->C:\Users\CleEmGym\AppData\Roaming\Desktopicon\uninst.exe
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}\SETUP.EXE" -l0x40c UNINST
    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
    EPSON Stylus SX200_SX400_TX200_TX400 Manuel-->C:\Program Files\EPSON\TPMANUAL\ES_SX_TX\FRA\USE_G\DOCUNINS.EXE
    EPSON Stylus SX400 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSEGE.EXE /R /APD /P:"EPSON Stylus SX400 Series"
    Express Gate-->MsiExec.exe /X{1E3A9C30-6399-4293-AEAD-3C6A4D6F927C}
    Fast AMR M4A AC3 WAV MP3 WMA Audio Converter 2.5-->"C:\Program Files\AVN Products\Fast Audio Converter\unins000.exe"
    Fraps (remove only)-->"C:\Fraps\uninstall.exe"
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    GIMP 2.6.8-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Guitar Pro 5.0-->"C:\Program Files\Guitar Pro 5\unins000.exe"
    Half-Life 2: Deathmatch-->"C:\Program Files\Steam\steam.exe" steam://uninstall/320
    Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
    Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014F0}
    Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
    JMCAssemblageGsm Ver 1.0.0.9-->"C:\Program Files\JMCAssemblageGsm\unins000.exe"
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    LAME v3.98.2 for Audacity-->"C:\Program Files\Lame for Audacity\unins000.exe"
    LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {0A75DA12-55CB-4DE5-8B6A-74D97847204E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
    Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}
    Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
    Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}
    Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
    Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {C76C02F1-B07F-4974-876A-A18DEC9887C8}
    Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
    Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
    Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word 2007 Help - Aggiornamento (KB963665)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}
    Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
    Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Microsoft XNA Framework Redistributable 2.0-->MsiExec.exe /I{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Multimedia Card Reader-->C:\Program Files\InstallShield Installation Information\{DA41F9E9-B878-467F-95E7-27E4D1943533}\SETUP.EXE -runfromtemp -l0x0409
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7}
    Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    NVIDIA PhysX-->MsiExec.exe /X{5DB65884-C963-4454-AABA-4CA3089281FA}
    OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
    OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_48f6f624\pccs_bluetooth.inf
    Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
    PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
    QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
    RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
    SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
    Samsung Mobile Modem Device Software-->C:\Windows\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
    SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
    SAMSUNG SYMBIAN USB Download Driver-->C:\Program Files\SAMSUNG\SYMBIAN USB Download Driver\Uninstall.exe
    SAMSUNG USB Mobile Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
    SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
    Search Settings 1.2.2-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
    Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    SoftwareUpdate 1.0-->"C:\Users\CleEmGym\AppData\Roaming\eoRezo\SoftwareUpdate\unins000.exe"
    Source Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/205
    Source SDK Base-->"C:\Program Files\Steam\steam.exe" steam://uninstall/215
    Source SDK-->"C:\Program Files\Steam\steam.exe" steam://uninstall/211
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    StealthClan NameConverter-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Project10\ST6UNST.LOG"
    Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    TubeMaster++ 1.5-->"C:\Program Files\TubeMaster++\unins000.exe"
    TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
    Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
    Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
    Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
    Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
    Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
    Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
    Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
    Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
    Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
    Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
    Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931}
    Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931}
    Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
    Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
    Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
    Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
    Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
    Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
    USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
    VDownloader 1.12-->"C:\Program Files\VDOWNLOADER\unins000.exe"
    VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
    WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    Zero Gear-->"C:\Program Files\Steam\steam.exe" steam://uninstall/18820

    ======Security center information======

    AV: avast! antivirus 4.8.1169 [VPS 090821-0]
    AS: Windows Defender
    AS: avast! antivirus 4.8.1169 [VPS 090821-0]

    ======System event log======

    Computer Name: PC-de-CleEmGym
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
    Record Number: 62509
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091016065302.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-CleEmGym
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
    Record Number: 62506
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091016065302.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-CleEmGym
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
    Record Number: 62503
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091016065302.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-CleEmGym
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
    Record Number: 62487
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091016065302.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-CleEmGym
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB974455(Security Update) à l’état Installation demandée(Install Requested)
    Record Number: 62485
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091016065302.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    =====Application event log=====

    Computer Name: PC-de-CleEmGym
    Event Code: 3086
    Message: Les paramètres régionaux du système ont changé. Les données existantes vont être supprimées et l'index doit être recréé.

    Contexte : Application , Catalogue SystemIndex

    Record Number: 526
    Source Name: Microsoft-Windows-Search
    Time Written: 20090822145602.000000-000
    Event Type: Avertissement
    User:

    Computer Name: PC-de-CleEmGym
    Event Code: 63
    Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur.
    Record Number: 515
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090822145246.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-CleEmGym
    Event Code: 63
    Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur.
    Record Number: 514
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090822145246.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-CleEmGym
    Event Code: 10
    Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
    Record Number: 501
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090823054933.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-CleEmGym
    Event Code: 1008
    Message: Le service Windows Search tente de supprimer l’ancien catalogue.

    Record Number: 497
    Source Name: Microsoft-Windows-Search
    Time Written: 20090823054931.000000-000
    Event Type: Avertissement
    User:

    =====Security event log=====

    Computer Name: PC-de-CleEmGym
    Event Code: 4647
    Message: Fermeture de session initiée par l’utilisateur :

    Sujet :
    ID de sécurité : S-1-5-21-4251025576-1577586405-655904607-1000
    Nom du compte : CleEmGym
    Domaine du compte : PC-de-CleEmGym
    ID d’ouverture de session : 0x59c82

    Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session.
    Record Number: 14205
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091016065345.985528-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-CleEmGym
    Event Code: 4907
    Message: Les paramètres d’audit sur l’objet ont changé.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PC-DE-CLEEMGYM$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Objet :
    Serveur de l’objet : Security
    Type d’objet : File
    Nom de l’objet : C:\Windows\System32\ieencode.dll
    ID du handle : 0xaa0

    Informations sur le processus :
    ID du processus : 0x54c
    Nom du processus : C:\Windows\servicing\TrustedInstaller.exe

    Paramètres d’audit :
    Descripteur de sécurité d’origine :
    Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
    Record Number: 14204
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091016065259.897528-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-CleEmGym
    Event Code: 4907
    Message: Les paramètres d’audit sur l’objet ont changé.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PC-DE-CLEEMGYM$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Objet :
    Serveur de l’objet : Security
    Type d’objet : File
    Nom de l’objet : C:\Windows\System32\ieapfltr.dll
    ID du handle : 0x4608

    Informations sur le processus :
    ID du processus : 0x54c
    Nom du processus : C:\Windows\servicing\TrustedInstaller.exe

    Paramètres d’audit :
    Descripteur de sécurité d’origine :
    Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
    Record Number: 14203
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091016065259.851528-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-CleEmGym
    Event Code: 4905
    Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PC-DE-CLEEMGYM$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Processus :
    ID du processus : 0x158c
    Nom du processus : C:\Windows\System32\VSSVC.exe

    Source de l’événement :
    Nom de la source : VSSAudit
    ID de la source de l’événement : 0x29ec48
    Record Number: 14202
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091016065256.703528-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-CleEmGym
    Event Code: 4904
    Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PC-DE-CLEEMGYM$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Processus :
    ID du processus : 0x158c
    Nom du processus : C:\Windows\System32\VSSVC.exe

    Source de l’événement :
    Nom de la source : VSSAudit
    ID de la source de l’événement : 0x29ec48
    Record Number: 14201
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091016065256.703528-000
    Event Type: Succès de l'audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Adobe\AGL
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=1706
    "NUMBER_OF_PROCESSORS"=2
    "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
    "DFSTRACINGON"=FALSE
    "configsetroot"=%SystemRoot%\ConfigSetRoot
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
    0
  4. archet9
     
    Ok...

    Plusieurs infections....--> il faudra passer plusieurs outils !

    Impératif sous vista:

    desactives tes comptes d'utilisateur:
    https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

    Télécharges AD-REMOVER
    ou
    AD-REMOVER

    (de Cyrildu17 / C_XX) sur ton Bureau.

    Déconnectes-toi et ferme toutes applications en cours
    Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
    Clic-droitl sur l'icône [AD-Remover située sur ton Bureau,et choisis :"Exécuter en tant qu'administrateur"
    Au menu principal, choisis l'option L.
    Postes le rapport qui apparaît à la fin.

    (Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

    a+

    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. clemgym Messages postés 208 Statut Membre 27
     
    Bonjour,
    Encore merci pour ce que vous faites =) !

    Voici le rapport :

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_H | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 16.01.2010 à 22:13
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 14:25:26, 17/01/2010 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\
    Système d'exploitation: Microsoft® Windows Vista™ HomePremium Service Pack 2 v6.0.6002
    Nom du PC: PC-DE-CLEEMGYM | Utilisateur actuel: CleEmGym
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    Service: ASKUpgrade

    C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\Users\CleEmGym\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Ask Search Assistant
    C:\Program Files\Ask Search Assistant
    C:\Program Files\AskBarDis
    C:\Program Files\BigSeekPro Toolbar
    C:\Program Files\Dealio Toolbar
    C:\Program Files\Search Settings
    C:\Users\CleEmGym\AppData\Roaming\Desktopicon
    C:\Users\CleEmGym\AppData\Roaming\EoRezo
    C:\Users\CleEmGym\AppData\LocalLow\Dealio
    C:\Users\CleEmGym\AppData\LocalLow\Search Settings
    C:\Users\CleEmGym\AppData\Roaming\MICROS~1\Windows\STARTM~1\Ebay.lnk
    C:\Windows\Installer\27ef72.msi
    C:\Windows\Installer\27ef79.msi

    (!) -- Fichiers temporaires supprimés.

    .
    HKCU\software\appdatalow\AskBarDis
    HKCU\software\appdatalow\software\Dealio
    HKCU\software\EoRezo
    HKCU\software\fcn
    HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
    HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    HKLM\software\appdatalow\AskBarDis
    HKLM\Software\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
    HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    HKLM\software\classes\ComObject.DeskbarEnabler
    HKLM\software\classes\ComObject.DeskbarEnabler.1
    HKLM\software\classes\installer\Features\A3BB3C491A65ED342A24B8144FE679FE
    HKLM\software\classes\installer\Products\79CAA1B036589D14EA74856E2A220F1E
    HKLM\software\classes\installer\Products\A3BB3C491A65ED342A24B8144FE679FE
    HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
    HKLM\software\classes\SearchSettings.BHO
    HKLM\software\classes\SearchSettings.BHO.1
    HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
    HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    HKLM\software\classes\URLSearchHook.ToolbarURLSearchHook
    HKLM\software\classes\URLSearchHook.ToolbarURLSearchHook.1
    HKLM\software\Dealio
    HKLM\software\EoRezo
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0292226F570267D459357AF78015E534
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\03285961954D5824C85975D955031EE8
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\23A03A6765D10864EB278629A2DF32C3
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\3A4FCCE032CA50340A6975C92410AE30
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AC3985F4D64C2245A96D31569D1BF40
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6E00D9B24354FBA44AE2CA0FA86EF2E2
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7C13F41728A69EF41AA1A3372FB86FA6
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\855847FA0E25FBA46B8516389DFDD4B3
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\8ED411B7A244E0E4C82C46284CA65B81
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\94E65EF7E080DDA4AA2F1DEDCE74AC5B
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9DC2844D0E3E8924C8973C3B3BAE1F58
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\AFEB575AA30ACB243B748619F62F0782
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B92A2929968AED344BD6B34AD60E6604
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\C7D9132F42224AC49BD8C06A0F8E39C4
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F461B8DD96FF5AA41A52D14E1D7B69C7
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\79CAA1B036589D14EA74856E2A220F1E
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A3BB3C491A65ED342A24B8144FE679FE
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
    HKLM\software\microsoft\windows\currentversion\uninstall\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
    HKLM\software\microsoft\windows\currentversion\uninstall\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
    HKLM\software\microsoft\windows\currentversion\uninstall\Ask.com Search Assistant
    HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
    HKLM\software\Search Settings
    .
    ============== Scan additionnel ==============
    .
    .
    * Internet Explorer Version 8.0.6001.18865 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Local Page: C:\Windows\system32\blank.htm
    Show_ToolBar: yes
    Enable Browser Extensions: yes
    Start Page: hxxp://fr.msn.com/
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Start Page: hxxp://fr.msn.com/
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ============== Suspect (Cracks, Serials, ...) ==============
    .
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\[PC ISO] Splinter Cell Pandora Tomorrow (All CDs + crackfix).rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\[PC] NBA 2K10-CRACK ONLY-[ESPACONSOLAS.com].rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Atomix.Virtual.DJ.Pro.v6.0.4.Cracked.HAPPY.9TH.BIRTHDAY-EAT.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Beijing.2008.CRACK.ONLY.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Burnout Paradise PC Keygen and Crack.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial.rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call of Duty - Modern Warfare 2 - Spec-Ops - LAN CRACK - nVidia840.rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call.of.Duty.5.World.at.War.Incl.Map.Packs.Patches.and.Cracks.[mattlb0619][h33t].torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call.Of.Duty.Modern.Warfare.2.multiplayer.crack.rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call.of.Duty.Modern.Warfare.2.Razor.Release.NO.STEAM.PATCH-ReUnion.1.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Call.of.Duty.Modern.Warfare.2.Razor.Release.NO.STEAM.PATCH-ReUnion.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Crack.rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Daemon Tools Pro 4100218 + working crack-vibept.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\eJay.dj.Mix.Station.2.-.full.multilingual.version.+.Crack.-.by.pollopocket.ace.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Fraps - Version crack‚e - Cracked version By Narcys.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Fraps 2.9.4 Build 7037 + Crack.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Fraps 2.9.4 Build 7037 Crack.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Fraps v2.9.4 Full Retail +[Keygen].rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Games - Cracks & Keygen.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Guitar Pro 5.2 + Keygen + RSE_By TheBobtheBob_www.torrent411.com.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Magic.Movie.Edit.Pro.14 v7.5.2.14 + patch.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\MixVibes Pro v.5.02 + Crack.zip.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\PURE_Keygen.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SPORE (2008) Key Generator + Crack Easy.rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SPORE.Creature.Creator-ViTALiTY [Keygen & Crack Only] - only for keygen.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SPORE.Creature.Creator-ViTALiTY [Keygen & Crack Only].torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SporeCrack.1.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SporeCrack.2.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SporeCrack.3.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\SporeCrack.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\The Matrix Path of Neo cracked.zip.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\The_Sims_3_Crackfix_Read_Nfo-Razor1911.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\Tom Clancys H A W X Keygen Serial FIXED RELOADED HAWX.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRar v3.71+Crack.1.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRar v3.71+Crack.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [Fullfreedownloads.info].rar.1.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [Fullfreedownloads.info].rar.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [h33t] - CaZoR.1.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [h33t] - CaZoR.2.torrent
    C:\Users\CleEmGym\AppData\Roaming\BitTorrent\WinRAR v3.90 Final + Crack (CLEAN) [h33t] - CaZoR.torrent
    .
    ===================================
    .
    12351 Octet(s) - C:\Ad-Report-CLEAN[1].log
    .
    73 Fichier(s) - C:\Users\CleEmGym\AppData\Local\Temp
    38 Fichier(s) - C:\Windows\Temp
    0 Fichier(s) - C:\Windows\Prefetch
    .
    19 Fichier(s) - C:\Ad-Remover\BACKUP
    96 Fichier(s) - C:\Ad-Remover\QUARANTINE
    .
    Fin à: 14:31:34 | 17/01/2010 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    0
  7. archet9
     
    Re....

    Pour ceci:
    Encore merci pour ce que vous faites =) ! 

    ==> Merci ça fait plaisir.......

    Je pense déjà que ton problème de pubs intempestives est derrière toi !

    ---------------------

    • Télécharge USBFIX
    http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe­

    (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir

    • Double clic sur le raccourci UsbFix présent sur ton bureau .

    • Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    • Au second menu Choisis l'option " 2 " (suppression) et tape sur [entrée]

    • Laisse travailler l'outil.

    • Ensuite post le rapport UsbFix.txt qui apparaitra.

    • Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    • Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.


    a+
    0
  8. clemgym Messages postés 208 Statut Membre 27
     
    Bonjour,

    Voici le résultat :

    ############################## | UsbFix V6.074 |

    User : CleEmGym (Administrateurs) # PC-DE-CLEEMGYM
    Update on 15/01/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 15:30:58 | 17/01/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18865
    Windows Firewall Status : Enabled
    AV : avast! antivirus 4.8.1169 [VPS 090821-0] 4.8.1169 [ Enabled | Updated ]

    C:\ -> Disque fixe local # 232,88 Go (151,27 Go free) [VistaOS] # NTFS
    D:\ -> Disque fixe local # 221,16 Go (221,07 Go free) [DATA] # NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM
    G:\ -> Disque fixe local # 465,76 Go (324,54 Go free) [BUFFALO] # NTFS

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe 432
    C:\Windows\system32\csrss.exe 560
    C:\Windows\system32\wininit.exe 616
    C:\Windows\system32\csrss.exe 628
    C:\Windows\system32\services.exe 664
    C:\Windows\system32\lsass.exe 680
    C:\Windows\system32\lsm.exe 696
    C:\Windows\system32\svchost.exe 840
    C:\Windows\system32\winlogon.exe 860
    C:\Windows\system32\nvvsvc.exe 928
    C:\Windows\system32\svchost.exe 956
    C:\Windows\System32\svchost.exe 992
    C:\Windows\System32\svchost.exe 1112
    C:\Windows\System32\svchost.exe 1160
    C:\Windows\system32\svchost.exe 1172
    C:\Windows\system32\svchost.exe 1280
    C:\Windows\system32\SLsvc.exe 1304
    C:\Windows\system32\svchost.exe 1376
    C:\Windows\system32\rundll32.exe 1520
    C:\Program Files\ASUS\SmartLogon\smartlogon.exe 1532
    C:\Windows\system32\svchost.exe 1588
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe 1728
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1740
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1768
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe 1788
    C:\Program Files\Alwil Software\Avast4\ashServ.exe 1808
    C:\Windows\system32\WLANExt.exe 1820
    C:\Windows\system32\taskeng.exe 656
    C:\Windows\System32\spoolsv.exe 832
    C:\Windows\system32\svchost.exe 1188
    C:\Windows\system32\Dwm.exe 2068
    C:\Windows\system32\taskeng.exe 2092
    C:\Windows\Explorer.EXE 2136
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe 2200
    C:\Windows\system32\runonce.exe 2216
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe 2232
    C:\Windows\system32\conime.exe 2380
    C:\Program Files\ATK Hotkey\Hcontrol.exe 2656
    C:\Program Files\ATK Hotkey\MsgTranAgt.exe 2664
    C:\Program Files\Wireless Console 2\wcourier.exe 2672
    C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe 2680
    C:\Program Files\P4G\BatteryLife.exe 2688
    C:\Program Files\ASUS\Splendid\ACMON.exe 2696
    C:\Windows\System32\ACEngSvr.exe 2756
    C:\Program Files\ATK Hotkey\ATKOSD.exe 2976
    C:\Program Files\ATK Hotkey\KBFiltr.exe 3004
    C:\Program Files\ATK Hotkey\WDC.exe 3012
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 3048
    C:\Program Files\Bonjour\mDNSResponder.exe 3064
    C:\Windows\system32\FsUsbExService.Exe 3100
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe 3264
    C:\Windows\system32\PnkBstrA.exe 3320
    C:\Windows\system32\rpcnet.exe 3376
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3476
    C:\Windows\system32\svchost.exe 3508
    C:\Windows\System32\TUProgSt.exe 3544
    C:\Windows\System32\svchost.exe 3576
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 3728
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 3760
    C:\Windows\servicing\TrustedInstaller.exe 3796
    C:\Windows\system32\wbem\wmiprvse.exe 4024
    C:\Windows\system32\PresentationSettings.exe 2804

    ################## | Elements infectieux |

    Supprimé ! C:\Users\CleEmGym\AppData\Roaming\addon.dat
    Supprimé ! C:\$Recycle.Bin\S-1-5-18
    Supprimé ! C:\$Recycle.Bin\S-1-5-20
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-1000
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-501
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-1000
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-500
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-501
    G:\autorun.inf -> fichier appelé : "G:\ MobileLaunch.exe" ( Absent ! )
    Supprimé ! G:\autorun.inf
    Supprimé ! G:\$Recycle.Bin\S-1-5-20
    Supprimé ! G:\$Recycle.Bin\S-1-5-21-1765232804-4017979392-2551784716-1000
    Supprimé ! G:\$Recycle.Bin\S-1-5-21-2582927616-315698800-1973798182-1000
    Supprimé ! G:\$Recycle.Bin\S-1-5-21-3723252284-1309184517-3248953833-1000
    Supprimé ! G:\$Recycle.Bin\S-1-5-21-4251025576-1577586405-655904607-1000

    ################## | Registre |

    Supprimé ! [HKCU\SOFTWARE\Bifrost]
    Supprimé ! [HKLM\SOFTWARE\Bifrost]

    ################## | Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{aad66640-8f3d-11de-a45c-0026182b050b}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{e6e84b51-b64f-11de-a75e-806e6f6e6963}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [18/12/2009 11:08|--a------|97] C:\662.vmt
    [11/10/2009 14:04|--a------|126] C:\a52514afa3df35fdc9ebf6f20dbd5037.vmt
    [17/01/2010 14:31|--a------|12695] C:\Ad-Report-CLEAN[1].log
    [12/03/2009 03:11|--a------|23] C:\app3.LOG
    [18/09/2006 22:43|--a------|24] C:\autoexec.bat
    [11/04/2009 07:36|-rahs----|333257] C:\bootmgr
    [16/04/2008 12:27|-ra-s----|8192] C:\BOOTSECT.BAK
    [17/11/2009 18:07|---------|18944] C:\bucks.exe
    [04/04/2007 20:01|--a------|19] C:\CA21.txt
    [18/09/2006 22:43|--a------|10] C:\config.sys
    [05/06/2009 03:48|--a------|13681] C:\devlist.txt
    [16/02/2009 03:31|--a------|25] C:\Driver.10
    [05/02/2009 01:54|-rah-----|1048576] C:\F50SVAS.BIN
    [05/06/2009 03:44|--a------|9] C:\Finish.log
    [?|?|?] C:\hiberfil.sys
    [05/06/2009 02:29|--a------|481] C:\igoogle_log.txt
    [05/06/2009 02:58|--a------|21430272] C:\inject.log
    [05/06/2009 02:58|--a------|19018070] C:\inject.log.txt
    [15/10/2009 10:10|-rahs----|0] C:\IO.SYS
    [15/10/2009 10:10|-rahs----|0] C:\MSDOS.SYS
    [08/08/2008 08:22|--a------|30] C:\NERO.LOG
    [07/01/2009 10:16|--a------|30] C:\NIS2009.TXT
    [04/09/2008 01:11|--a------|54600] C:\npbittorrent.dll
    [16/03/2007 00:18|--a------|25] C:\OFFICE2007_A.TXT
    [?|?|?] C:\pagefile.sys
    [04/06/2009 15:00|--a------|146] C:\Pass.txt
    [22/04/2009 10:11|--a------|3343] C:\Patch.LOG
    [15/01/2009 09:13|--a------|17] C:\READER_A.TXT
    [26/12/2008 06:57|--a------|22] C:\RECOVERY.DAT
    [05/06/2009 03:04|--a------|560] C:\RHDSetup.log
    [16/05/2006 01:22|--a------|5] C:\store.log
    [05/06/2009 02:06|--a------|166] C:\SumHidd.txt
    [05/06/2009 02:05|--a------|98] C:\SumOS.txt
    [17/01/2010 15:35|--a------|6677] C:\UsbFix.txt
    [12/02/2009 19:24|--a------|25] C:\V554.txt
    [09/02/2009 06:30|--a------|41] C:\WindowsLive_A.TXT
    [07/11/2007 08:00|--a------|17734] D:\eula.1028.txt
    [07/11/2007 08:00|--a------|17734] D:\eula.1031.txt
    [07/11/2007 08:00|--a------|10134] D:\eula.1033.txt
    [07/11/2007 08:00|--a------|17734] D:\eula.1036.txt
    [07/11/2007 08:00|--a------|17734] D:\eula.1040.txt
    [07/11/2007 08:00|--a------|118] D:\eula.1041.txt
    [07/11/2007 08:00|--a------|17734] D:\eula.1042.txt
    [07/11/2007 08:00|--a------|17734] D:\eula.2052.txt
    [07/11/2007 08:00|--a------|17734] D:\eula.3082.txt
    [07/11/2007 08:00|--a------|1110] D:\globdata.ini
    [07/11/2007 08:03|--a------|562688] D:\install.exe
    [07/11/2007 08:00|--a------|843] D:\install.ini
    [07/11/2007 08:03|--a------|76304] D:\install.res.1028.dll
    [07/11/2007 08:03|--a------|96272] D:\install.res.1031.dll
    [07/11/2007 08:03|--a------|91152] D:\install.res.1033.dll
    [07/11/2007 08:03|--a------|97296] D:\install.res.1036.dll
    [07/11/2007 08:03|--a------|95248] D:\install.res.1040.dll
    [07/11/2007 08:03|--a------|81424] D:\install.res.1041.dll
    [07/11/2007 08:03|--a------|79888] D:\install.res.1042.dll
    [07/11/2007 08:03|--a------|75792] D:\install.res.2052.dll
    [07/11/2007 08:03|--a------|96272] D:\install.res.3082.dll
    [16/10/2009 12:24|--a------|16995] D:\setup.log
    [07/11/2007 08:00|--a------|5686] D:\vcredist.bmp
    [07/11/2007 08:09|--a------|1442522] D:\VC_RED.cab
    [07/11/2007 08:12|--a------|232960] D:\VC_RED.MSI
    [10/11/2008 17:58|--a------|218416] G:\MobileLaunch.exe
    [10/10/2009 17:21|--a------|92] G:\MobileLaunch.ini
    [17/11/2009 20:55|--a------|28160] G:\Pseudo css.doc

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.
    # G:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Crack > Keygen > Serial |

    "G:\Crack\Fraps_3.0.1.exe"
    13/11/2009 15:19 |Size 2551040 |Crc32 893156c9 |Md5 7c2bbe16f1c077ec8fc26c8d4da7eaff

    "G:\Crack\Game.CD.Key.Telechargementaz.tk.exe"
    20/10/2009 10:25 |Size 1187840 |Crc32 a58967e1 |Md5 feaf72cc5c668cd121e91a5c991aacae

    "G:\Crack\Burnout Paradise The Ultimate Box\KEYGEN.exe"
    03/02/2009 19:03 |Size 8192 |Crc32 10355f99 |Md5 3ea967d5a1535f3aa821944473a20bb7

    "G:\Crack\SporeCrack\rld-spor.exe"
    15/10/2009 18:15 |Size 8192 |Crc32 eb2d0aa8 |Md5 302eef532707c32b2d6dccf06006a5fd

    "G:\Crack\SporeCrack\SporeApp.exe"
    15/10/2009 18:15 |Size 40633800 |Crc32 33986432 |Md5 f26ed9d6063f176c6f8b944eb0b7d0eb

    "G:\Crack\WinRar v3.71+Crack\Crack.exe"
    14/10/2009 18:22 |Size 23919 |Crc32 f68d6cf5 |Md5 06a36fb7b0451cbc89a0d15358ddf8e2

    "G:\Installer\Atomix Virtual Dj 5.0 + Keygen + Effects + Skins + Samplers.zip"
    -> Contain : virtualdj 5.0 + Keygen\install_virtualdj_v5.0.exe

    "G:\Crack\Call.Of.Duty.Modern.Warfare.2.MULTIPLAYER.CRACK.WORKS.rar"
    -> contain : Call.Of.Duty.Modern.Warfare.2.MULTIPLAYER.CRACK.WORKS\iw4mp.exe

    "G:\Crack\ppt-moha.rar"
    -> contain : MOHA.exe

    "G:\Crack\yanliz-kurt-B.Paradise.CRACK-PATCH-KEYGEN_.rar"
    -> contain : Burnout Paradise The Ultimate Box\BurnoutParadise Patch.exe

    "G:\Crack\yanliz-kurt-B.Paradise.CRACK-PATCH-KEYGEN_.rar"
    -> contain : Burnout Paradise The Ultimate Box\BurnoutParadise.exe

    "G:\Crack\yanliz-kurt-B.Paradise.CRACK-PATCH-KEYGEN_.rar"
    -> contain : Burnout Paradise The Ultimate Box\KEYGEN.exe

    "G:\Crack\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial.rar"
    -> contain : 01 MW2 MP CRACK\iw4mp.exe

    "G:\Crack\Pure.iso\Crack For Pure.rar"
    -> contain : Pure.exe

    "G:\Crack\Tom Clancys H A W X Keygen Serial FIXED RELOADED HAWX\TCHAWXFixed.rar"
    -> contain : *TCHawx.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe DNG Converter\Adobe DNG Converter.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe Reader 7.0\AdbeRdr70_fra_full.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\instmsia.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\instmsiw.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\setup.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Goodies\Infos fichier personnel\Infos fichier d'exemple\CustomPanel_allWidgets.txt

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Goodies\Infos fichier personnel\Infos fichier d'exemple\Description.txt

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Goodies\Infos fichier personnel\Infos fichier d'exemple

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Goodies\Modules externes facultatifs\Seiko Epson\PIM II Installer.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Setup.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Adobe Photoshop CS2 (9.0) Fr\Setup.exe.manifest

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe

    "G:\Installer\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com.rar"
    -> contain : Crack et Keygen\Keygen Photoshop CS2 Fr.exe

    "G:\Installer\Atomix Virtual DJ 5.7 (2008) +crack +38 skins +109 effects +123 samples.rar"
    -> contain : Atomix Virtual DJ 5.7+ crack+ 38 skins+ 109 effects +123 samples\Atomix Virtual DJ 5.7 + crack + 38 skins + 109 effects + 123 samples\virtualdj.exe

    "G:\Installer\Atomix.Virtual.DJ.Professional.V5.0.R6.Multilangages.Incl-Serial.[emule-island.com].rar"
    -> contain : install_virtualdj_v5.0.rev6.exe

    "G:\Installer\Xilisoft Video Converter v3.1.7.0630B Multilangages Incl Keygen.rar"
    -> contain : x-video-converter.exe

    "G:\Installer\Xilisoft Video Converter v3.1.7.0630B Multilangages Incl Keygen.rar"
    -> contain : Keygen\KeyGen.exe

    ################## | Upload |

    Veuillez envoyer le fichier : C:\Users\CleEmGym\Desktop\UsbFix_Upload_Me_PC-de-CleEmGym.zip : https://www.ionos.fr/?affiliate_id=77097
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.074 ! |
    0
  9. archet9
     
    Pour améliorer l'outil que tu viens d'utiliser, merci de faire ceci:

    Veuillez envoyer le fichier : C:\Users\CleEmGym\Desktop\UsbFix_Upload_Me_PC-de-CleEmGym.zip : https://www.ionos.fr/?affiliate_id=77097
    Merci pour votre contribution .

    *******************
    Ceci maintenant :

    Fais un scan avec cet antispyware :
    Malwarebytes + tutoriel

    Tu l´installes; mets le a jour...(onglet mise a jour)
    Click maintenant sur l´onglet recherche et coche la case :
    "Executer un examen rapide".
    Puis click sur "rechercher".
    Laisses le scanner le pc...
    A la fin du scan, clique sur Afficher les résultats
    Si des elements on ete trouvés :
    > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "oui".
    A la fin un rapport va s´ouvrir;
    sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
    Copies et colles le rapport stp.

    *********************

    A la suite de cela, afin de faire le point:

    ==> Relances RSIT : tu n'auras qu'un rapport cette fois, c'est normal !

    a+

    0
  10. clemgym Messages postés 208 Statut Membre 27
     
    Re-bonjour,

    Voici le rapport :

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3583
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18865

    17/01/2010 16:52:31
    mbam-log-2010-01-17 (16-52-31).txt

    Type de recherche: Examen rapide
    Eléments examinés: 109104
    Temps écoulé: 5 minute(s), 0 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 4
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 10

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmdxpeixig (Rootkit.TDSS) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmxtsbmpre (Rootkit.TDSS) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{adf9b913-9ac8-9032-7400-095c6b2a74d2} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\logman (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mstinit (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Program Files\winlogon\server.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
    C:\Users\CleEmGym\AppData\Roaming\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Users\CleEmGym\AppData\Roaming\Microsoft\mstinit.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\CleEmGym\AppData\Roaming\server.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\drivers\kbiwkmbyifsmvo.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Windows\System32\drivers\kbiwkmypswcyyn.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Windows\System32\kbiwkmcjitecly.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Windows\System32\kbiwkmocplbbxq.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Windows\System32\kbiwkmqenqaowl.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Users\CleEmGym\Local Settings\Application Data\logman.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    0
  11. clemgym Messages postés 208 Statut Membre 27
     
    Alors, j'ai relance RSIT, et voila le rapport :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by CleEmGym at 2010-01-17 16:57:46
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 155 GB (65%) free of 238 GB
    Total RAM: 3070 MB (66% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:58:28, on 17/01/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18865)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
    C:\Users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\dllhst3g.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ATK Hotkey\HControlUser.exe
    C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Windows\System32\ASUSTPE.exe
    C:\Windows\ASScrPro.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\ServoApp.exe
    C:\Program Files\MFP Server\App\Common\MFPAgent.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\DNA\btdna.exe
    C:\bucks.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\CleEmGym\Desktop\RSIT.exe
    C:\Program Files\trend micro\CleEmGym.exe
    C:\Program Files\Steam\Steam.exe
    C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\dllhst3g.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
    O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
    O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Win32dll] C:\bucks.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKLM\..\Policies\Explorer\Run: [Cisvc] C:\Users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe /waitservice
    O4 - HKCU\..\Policies\Explorer\Run: [MstInit] C:\Windows\System32\drivers\mstinit.exe /waitservice
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [MstInit] C:\Users\CleEmGym\AppData\Roaming\MICROS~1\mstinit.exe /waitservice (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [MstInit] C:\Users\CleEmGym\AppData\Roaming\MICROS~1\mstinit.exe /waitservice (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
    O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
    0
  12. archet9
     
    ---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

    ---> Double-clique sur Combofix.exe
    Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
    Accepte en cliquant sur "Oui"

    ---> Mets-le en langue française F
    Tape sur la touche 1 (Yes) pour démarrer le scan.

    /!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

    En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

    Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    Note : Le rapport se trouve également là : C:\ComboFix.txt

    a+
    0
  13. Sofiane_150 Messages postés 194 Statut Membre 35
     
    bonjour a tous moi c'est des sites de jeux qui s'affiche a chaque fois comment supprimer leurs apparétions sur la page , je suis aller sur (outils - options internet-sit a bloquer mais toujour pas d'exécution comment faire pour bloquer les sites de pub et autres , vous remercie bien.
    0
  14. clemgym Messages postés 208 Statut Membre 27
     
    Archet9

    Voici le rapport :

    ComboFix 10-01-16.04 - CleEmGym 17/01/2010 17:45:01.1.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3070.1777 [GMT 1:00]
    Lancé depuis: c:\users\CleEmGym\Desktop\ComboFix.exe
    AV: avast! antivirus 4.8.1169 [VPS 090821-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: avast! antivirus 4.8.1169 [VPS 090821-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\CleEmGym\AppData\Local\Microsoft\dllhst3g.exe
    c:\users\CleEmGym\AppData\Local\mstinit.exe
    c:\users\CleEmGym\AppData\Roaming\Microsoft\mstinit.exe
    c:\windows\system32\drivers\mstinit.exe
    D:\install.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-17 au 2010-01-17 ))))))))))))))))))))))))))))))))))))
    .

    2010-01-17 16:57 . 2009-11-13 09:44 95232 ----a-w- c:\windows\system32\drivers\logman.exe
    2010-01-17 16:57 . 2009-11-13 09:44 95232 ----a-w- c:\windows\cmstp.exe
    2010-01-17 15:46 . 2010-01-17 15:46 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Malwarebytes
    2010-01-17 15:45 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-01-17 15:45 . 2010-01-17 15:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-01-17 15:45 . 2010-01-17 15:45 -------- d-----w- c:\programdata\Malwarebytes
    2010-01-17 15:45 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-01-17 14:27 . 2010-01-17 14:39 -------- d-----w- C:\UsbFix
    2010-01-17 13:23 . 2010-01-17 13:31 -------- d-----w- C:\Ad-Remover
    2010-01-17 12:59 . 2010-01-17 12:59 -------- d--h--w- c:\program files\winlogon
    2010-01-17 12:25 . 2010-01-17 15:57 -------- d-----w- c:\program files\trend micro
    2010-01-17 12:25 . 2010-01-17 12:26 -------- d-----w- C:\rsit
    2010-01-13 07:09 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
    2010-01-13 07:09 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
    2010-01-12 14:15 . 2010-01-12 14:15 -------- d-----w- C:\Games
    2010-01-11 08:39 . 2008-05-30 13:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
    2010-01-11 08:39 . 2008-05-30 13:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
    2010-01-11 08:39 . 2008-05-30 13:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
    2010-01-11 08:39 . 2008-05-30 13:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
    2010-01-11 08:39 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
    2010-01-11 08:39 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
    2010-01-11 08:39 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
    2010-01-11 08:39 . 2008-03-05 15:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
    2010-01-11 08:39 . 2008-03-05 15:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
    2010-01-11 08:39 . 2008-03-05 15:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
    2010-01-11 08:39 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
    2010-01-11 08:39 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
    2010-01-11 08:39 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
    2010-01-07 13:14 . 2010-01-07 13:14 -------- d-----w- c:\program files\Project10
    2010-01-07 12:12 . 2010-01-07 13:14 286720 ------w- c:\windows\Setup1.exe
    2010-01-07 12:11 . 2010-01-07 13:14 73216 ----a-w- c:\windows\ST6UNST.EXE
    2010-01-03 19:46 . 2010-01-03 19:46 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2010-01-03 15:13 . 2010-01-03 15:13 -------- d-----w- c:\users\CleEmGym\.thumbnails
    2010-01-03 10:25 . 2010-01-17 13:50 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\gtk-2.0
    2010-01-03 10:17 . 2010-01-17 13:52 -------- d-----w- c:\users\CleEmGym\.gimp-2.6
    2010-01-03 10:16 . 2010-01-03 10:16 -------- d-----w- c:\program files\GIMP-2.0
    2009-12-29 16:14 . 2009-12-29 16:15 -------- d-----w- c:\users\Invité
    2009-12-27 09:52 . 2009-12-27 09:52 -------- d-----w- c:\programdata\UDL
    2009-12-27 09:45 . 2008-05-06 16:39 382240 ------w- c:\windows\system32\UninstMFP.exe
    2009-12-27 09:45 . 2007-05-20 19:45 417792 ------w- c:\windows\system32\ServoApp.exe
    2009-12-27 09:45 . 2006-09-21 20:35 151552 ------w- c:\windows\system32\ddschk.dll
    2009-12-27 09:45 . 2007-05-06 20:44 34944 ----a-w- c:\windows\system32\drivers\mfpec.sys
    2009-12-27 09:45 . 2007-01-09 22:36 10880 ----a-w- c:\windows\system32\drivers\mfpcomp.sys
    2009-12-27 09:45 . 2006-10-20 01:57 10240 ----a-w- c:\windows\system32\drivers\mfpvbus.sys
    2009-12-27 09:45 . 2006-09-21 23:13 200704 ----a-w- c:\windows\system32\mfpcoins.dll
    2009-12-27 09:45 . 2009-12-27 09:45 -------- d-----w- c:\program files\MFP Server
    2009-12-27 09:43 . 2007-04-10 01:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
    2009-12-27 09:43 . 2007-12-07 02:08 86528 ----a-w- c:\windows\system32\E_FLBEGE.DLL
    2009-12-27 09:43 . 2007-12-07 02:01 78848 ----a-w- c:\windows\system32\E_FD4BEGE.DLL
    2009-12-27 09:43 . 2009-12-27 09:44 -------- d-----w- c:\programdata\EPSON
    2009-12-27 09:42 . 2007-07-12 23:00 71680 ----a-w- c:\windows\system32\escwiad.dll
    2009-12-27 09:42 . 2009-12-27 09:50 -------- d-----w- c:\program files\epson
    2009-12-25 10:09 . 2009-12-29 16:17 -------- d-----w- c:\program files\Common Files\Steam
    2009-12-25 09:56 . 2010-01-17 16:21 -------- d-----w- c:\program files\Steam
    2009-12-20 13:28 . 2009-12-20 13:28 -------- d-----w- c:\program files\Guitar Pro 5

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-01-17 16:57 . 2009-08-22 16:05 32156 ----a-w- c:\programdata\nvModes.dat
    2010-01-17 16:57 . 2009-09-14 08:26 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\DNA
    2010-01-17 16:57 . 2009-09-14 08:26 -------- d-----w- c:\program files\DNA
    2010-01-17 16:57 . 2009-06-05 01:00 17408 ----a-w- c:\windows\system32\rpcnetp.exe
    2010-01-17 16:57 . 2009-08-22 15:31 56680 ----a-w- c:\windows\system32\rpcnet.dll
    2010-01-17 16:57 . 2009-08-22 14:56 45056 ----a-w- c:\windows\system32\acovcnt.exe
    2010-01-17 14:36 . 2008-04-16 11:16 672322 ----a-w- c:\windows\system32\perfh00C.dat
    2010-01-17 14:36 . 2008-04-16 11:16 124434 ----a-w- c:\windows\system32\perfc00C.dat
    2010-01-16 19:35 . 2009-08-22 17:04 -------- d-----w- c:\programdata\Messenger Plus!
    2010-01-16 19:10 . 2009-08-22 16:36 -------- d-----w- c:\program files\Messenger Plus! Live
    2010-01-15 13:05 . 2009-09-14 08:26 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\BitTorrent
    2010-01-15 12:23 . 2009-08-23 20:12 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\vlc
    2010-01-15 10:36 . 2009-08-22 14:57 153608 ----a-w- c:\users\CleEmGym\AppData\Local\GDIPFONTCACHEV1.DAT
    2010-01-13 09:22 . 2010-01-11 08:40 -------- d-----w- c:\program files\OpenAL
    2010-01-13 07:28 . 2009-08-22 14:58 -------- d-----w- c:\program files\Common Files\Adobe
    2010-01-13 07:13 . 2009-06-05 01:11 -------- d-----w- c:\programdata\Microsoft Help
    2010-01-13 07:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2010-01-11 08:40 . 2010-01-11 08:40 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2010-01-11 08:40 . 2010-01-11 08:40 109144 ----a-w- c:\windows\system32\OpenAL32.dll
    2010-01-03 19:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
    2010-01-03 18:00 . 2009-08-22 15:01 -------- d-----w- c:\program files\Microsoft
    2009-12-27 09:50 . 2009-06-05 01:25 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-12-26 19:29 . 2009-06-05 01:29 -------- d-----w- c:\program files\Google
    2009-12-26 15:49 . 2009-08-26 11:25 680 ----a-w- c:\users\CleEmGym\AppData\Local\d3d9caps.dat
    2009-12-24 17:47 . 2009-12-24 17:47 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2009-12-18 10:41 . 2009-12-04 14:14 -------- d-----w- c:\program files\Ubisoft
    2009-12-18 09:19 . 2009-08-31 16:46 -------- d-----w- c:\program files\TubeMaster++
    2009-12-17 13:48 . 2009-12-17 13:48 -------- d-----w- c:\program files\GamersFirst
    2009-12-14 07:11 . 2009-12-14 07:11 -------- d-----w- c:\program files\Netscape
    2009-12-13 16:32 . 2009-12-13 16:32 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb31C1.tmp.exe
    2009-12-10 08:15 . 2009-11-30 19:25 8192 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
    2009-12-10 08:15 . 2009-11-30 19:25 61440 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
    2009-12-10 08:15 . 2009-11-30 19:25 10240 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
    2009-12-09 08:34 . 2009-08-23 10:26 -------- d-----w- c:\programdata\eMule
    2009-12-09 08:34 . 2009-12-09 08:34 -------- d-----w- c:\program files\eMule
    2009-12-07 20:12 . 2009-12-07 20:12 -------- d-----w- c:\program files\JMCAssemblageGsm
    2009-12-07 13:10 . 2009-12-07 13:10 53248 ----a-w- c:\windows\fados.exe
    2009-12-07 13:03 . 2009-12-07 13:03 -------- d-----w- c:\program files\Common Files\Atlence
    2009-12-06 16:50 . 2009-12-06 16:46 -------- d-----w- c:\program files\Samsung
    2009-12-06 16:49 . 2009-11-30 19:27 -------- d-----w- c:\program files\PC Connectivity Solution
    2009-12-06 16:47 . 2009-12-06 16:47 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Samsung
    2009-12-06 16:46 . 2009-12-06 16:46 -------- d-----w- c:\program files\MarkAny
    2009-12-06 10:35 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus 2
    2009-12-06 10:27 . 2009-12-06 10:27 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-04 14:40 . 2009-12-04 14:40 -------- d-----w- c:\programdata\Ubisoft
    2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\app
    2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-03 07:44 . 2009-09-05 13:29 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\dvdcss
    2009-12-02 18:21 . 2009-12-02 18:21 -------- d-----w- c:\program files\Common Files\Adobe AIR
    2009-12-02 18:21 . 2009-12-02 18:21 38208 ----a-w- c:\users\CleEmGym\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    2009-12-02 18:21 . 2009-12-02 18:21 38208 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    2009-12-02 13:25 . 2009-12-02 13:25 859 ----a-w- c:\users\CleEmGym\AppData\Roaming\datawin.dat
    2009-12-02 10:07 . 2009-08-26 10:25 -------- d-----w- c:\program files\Counter-Strike Source
    2009-12-01 09:31 . 2009-12-01 09:31 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Diplodock
    2009-12-01 09:31 . 2009-12-01 09:31 -------- d-----w- c:\program files\Diplodock Company
    2009-11-30 19:34 . 2009-11-30 19:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
    2009-11-30 19:34 . 2009-11-30 19:32 -------- d-----w- c:\programdata\PC Suite
    2009-11-30 19:32 . 2009-11-30 19:27 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\PC Suite
    2009-11-30 19:32 . 2009-11-30 19:29 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Nokia
    2009-11-30 19:28 . 2009-11-30 19:28 -------- d-----w- c:\program files\DIFX
    2009-11-30 19:24 . 2009-11-30 19:24 -------- d-----w- c:\programdata\Installations
    2009-11-30 19:15 . 2009-11-30 19:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
    2009-11-29 11:53 . 2009-11-29 11:53 604488 ----a-w- c:\windows\system32\TUProgSt.exe
    2009-11-29 11:52 . 2009-11-29 11:52 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
    2009-11-29 11:52 . 2009-11-29 11:51 -------- d-----w- c:\program files\TuneUp Utilities 2009
    2009-11-29 11:51 . 2009-11-29 11:51 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\TuneUp Software
    2009-11-29 11:51 . 2009-11-29 11:51 -------- d-----w- c:\programdata\TuneUp Software
    2009-11-29 11:50 . 2009-11-29 11:50 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-11-28 19:12 . 2009-10-31 17:49 -------- d-----w- c:\program files\Patch MsnCreative
    2009-11-28 18:09 . 2009-11-28 18:09 -------- d-----w- c:\program files\Circle Develoement
    2009-11-24 23:54 . 2009-08-22 17:15 1280480 ----a-w- c:\windows\system32\aswBoot.exe
    2009-11-24 23:50 . 2009-08-22 17:15 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2009-11-24 23:50 . 2009-08-22 17:15 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2009-11-24 23:49 . 2009-08-22 17:15 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2009-11-24 23:49 . 2009-08-22 17:15 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2009-11-24 23:48 . 2009-08-22 17:15 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2009-11-24 23:47 . 2009-08-22 17:15 97480 ----a-w- c:\windows\system32\AvastSS.scr
    2009-11-23 18:13 . 2009-11-23 18:13 -------- d-----w- c:\programdata\WindowsSearch
    2009-11-23 10:03 . 2009-09-26 19:39 -------- d-----w- c:\program files\VDOWNLOADER
    2009-11-21 06:40 . 2009-12-09 07:29 916480 ----a-w- c:\windows\system32\wininet.dll
    2009-11-21 06:34 . 2009-12-09 07:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2009-11-21 06:34 . 2009-12-09 07:29 71680 ----a-w- c:\windows\system32\iesetup.dll
    2009-11-21 04:59 . 2009-12-09 07:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-11-20 10:29 . 2009-08-23 08:00 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Skype
    2009-11-20 10:22 . 2009-08-23 08:01 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\skypePM
    2009-11-20 08:30 . 2009-10-07 09:48 -------- d-----w- c:\program files\Electronic Arts
    2009-11-20 08:29 . 2009-11-13 10:53 -------- d-----w- c:\program files\Game Cam V2
    2009-11-17 17:07 . 2009-12-01 10:08 18944 ------w- C:\bucks.exe
    2009-11-16 11:25 . 2009-11-29 11:52 17224 ----a-w- c:\windows\system32\authuitu.dll
    2009-11-16 11:25 . 2009-11-29 11:52 29000 ----a-w- c:\windows\system32\uxtuneup.dll
    2009-11-13 09:44 . 2010-01-17 16:57 95232 ----a-w- c:\windows\system32\drivers\mstinit.exe
    2009-11-13 09:44 . 2010-01-17 16:57 95232 ----a-w- c:\users\CleEmGym\AppData\Roaming\Microsoft\mstinit.exe
    2009-11-09 12:31 . 2009-12-09 07:35 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2009-11-09 12:30 . 2009-12-09 07:35 30720 ----a-w- c:\windows\system32\httpapi.dll
    2009-11-09 10:36 . 2009-12-09 07:35 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2009-11-07 22:49 . 2009-11-07 22:49 86016 ----a-w- c:\windows\system32\frapsvid.dll
    2009-11-03 08:21 . 2009-11-03 08:21 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
    2009-11-02 19:42 . 2009-10-03 06:03 195456 ------w- c:\windows\system32\MpSigStub.exe
    2009-11-02 07:13 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
    2009-06-05 01:23 . 2009-06-05 01:23 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
    @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
    [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
    2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-05 39408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
    "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2010-01-17 323392]
    "Win32dll"="C:\bucks.exe" [2009-11-17 18944]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
    "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
    "P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-16 13605408]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-16 92704]
    "HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
    "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-07-16 6253088]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
    "ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
    "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-25 159744]
    "ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-10-12 106496]
    "ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-06-05 47672]
    "ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-06-05 33136]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "Server Application"="c:\windows\system32\ServoApp.exe" [2007-05-20 417792]
    "GDI Manager"="c:\program files\MFP Server\App\Common\MFPAgent.exe" [2008-05-06 741376]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
    "Cisvc"="c:\users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe" [2009-11-13 95232]

    [HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
    "MstInit"="c:\windows\System32\drivers\mstinit.exe" [2009-11-13 95232]

    [HKEY_USERS\.DEFAULT\software\microsoft\windows\Currentversion\policies\explorer\Run]
    "MstInit"="c:\users\CleEmGym\AppData\Roaming\MICROS~1\mstinit.exe" [2009-11-13 95232]

    c:\users\CleEmGym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    FancyStart daemon.lnk - c:\windows\Installer\{DC905847-D537-427F-BF91-47CC7ACCDE58}\_DF3A81D17C478A2A6C60A5.exe [2009-6-5 12862]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "HonorAutoRunSetting"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "HonorAutoRunSetting"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
    "load"=c:\windows\System32\drivers\logman.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
    2009-04-16 08:41 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
    "Google Update"="c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):ab,f1,ea,33,1a,3d,ca,01

    R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [05/06/2009 03:22 15416]
    R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [22/08/2009 18:15 114768]
    R2 ALIWEHCD;MFP Server Enhanced Controller;c:\windows\System32\drivers\mfpec.sys [27/12/2009 10:45 34944]
    R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [22/08/2009 18:15 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [22/08/2009 18:15 53328]
    R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [06/12/2009 17:47 233472]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [06/12/2009 17:47 36608]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [09/09/2008 04:15 48128]
    R3 WUSBVBus;MFP Server Detector;c:\windows\System32\drivers\mfpvbus.sys [27/12/2009 10:45 10240]
    S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [18/09/2009 15:19 133104]
    S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
    S3 AliWGP;Composite Device;c:\windows\System32\drivers\mfpcomp.sys [27/12/2009 10:45 10880]
    S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\System32\drivers\bfturboh.sys [10/10/2009 17:19 17280]
    S3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [07/04/2008 07:00 6656]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe --> c:\program files\MAGIX\Common\Database\bin\fbserver.exe [?]
    S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/01/2008 03:23 21504]
    S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [22/08/2009 17:29 54632]
    S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21:48 704864]
    S3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 21:22 34064]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 14:19]

    2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 14:19]

    2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251025576-1577586405-655904607-1000Core.job
    - c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-10 07:24]

    2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251025576-1577586405-655904607-1000UA.job
    - c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-10 07:24]

    2010-01-17 c:\windows\Tasks\Maintenance en 1 clic.job
    - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 16:04]
    .
    .
    ------- Examen supplémentaire -------
    .
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    MSConfigStartUp-PCSuiteTrayApplication - c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    ActiveSetup-{ADF9B913-9AC8-9032-7400-095C6B2A74D2} - c:\program files\winlogon\server.exe
    AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
    AddRemove-BigSeekPro Toolbar - c:\program files\BigSeekPro Toolbar\UninstallToolbar.exe
    AddRemove-eBay Icon - c:\users\CleEmGym\AppData\Roaming\Desktopicon\uninst.exe

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-01-17 17:57
    Windows 6.0.6002 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    C:\ADSM_PData_0150

    Scan terminé avec succès
    Fichiers cachés: 1

    **************************************************************************

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8552B1F8]<<
    kernel: MBR read successfully
    detected MBR rootkit hooks:
    \Driver\Disk -> CLASSPNP.SYS @ 0x8a7acd24
    \Driver\ACPI -> acpi.sys @ 0x807c2d68
    \Driver\atapi -> 0x8552b1f8
    IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
    user & kernel MBR OK
    copy of MBR has been found in sector 61 !
    copy of MBR has been found in sector 62 !

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-4251025576-1577586405-655904607-1000\Software\SecuROM\License information*]
    "datasecu"=hex:e9,c7,4f,ee,5e,c2,81,8a,ad,bb,36,9c,f1,31,ea,5c,2c,f0,e3,89,21,
    3b,0e,78,fc,3f,1b,41,6b,54,c4,3f,9c,fa,f8,15,27,42,21,6b,24,0a,a3,a6,6c,8a,\
    "rkeysecu"=hex:eb,ed,78,56,b0,73,a7,c6,a8,f5,22,8f,dd,e4,e7,c8

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:00000000
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'Explorer.exe'(5088)
    c:\program files\RocketDock\RocketDock.dll
    c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
    c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\windows\system32\rundll32.exe
    c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    c:\program files\ATK Hotkey\ASLDRSrv.exe
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\windows\system32\WLANExt.exe
    c:\program files\ATKGFNEX\GFNEXSrv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\program files\ASUS\SmartLogon\sensorsrv.exe
    c:\program files\ATK Hotkey\Hcontrol.exe
    c:\program files\ATK Hotkey\MsgTranAgt.exe
    c:\program files\ASUS\ASUS CopyProtect\aspg.exe
    c:\program files\P4G\BatteryLife.exe
    c:\program files\ASUS\Splendid\ACMON.exe
    c:\windows\system32\conime.exe
    c:\windows\System32\ACEngSvr.exe
    c:\program files\ATK Hotkey\ATKOSD.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\ATK Hotkey\KBFiltr.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\ATK Hotkey\WDC.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\windows\system32\PnkBstrA.exe
    c:\windows\system32\rpcnet.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\windows\System32\TUProgSt.exe
    c:\users\CleEmGym\Local Settings\APPLIC~1\MICROS~1\cisvc.exe
    c:\windows\System32\rundll32.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\windows\RtHDVCpl.exe
    c:\windows\servicing\TrustedInstaller.exe
    c:\program files\Alwil Software\Avast4\ashDisp.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\program files\Synaptics\SynTP\SynTPHelper.exe
    .
    **************************************************************************
    .
    Heure de fin: 2010-01-17 18:06:43 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-01-17 17:06

    Avant-CF: 162 196 926 464 octets libres
    Après-CF: 161 925 128 192 octets libres

    - - End Of File - - 6EB7F0EF7C8204B58034258B4CAE7B84
    0
  15. archet9
     
    > Avec Combofix :

    - Crée un nouveau document texte : clic droit de souris sur le bureau => Nouveau => Document Texte, et copie/colle dedans les lignes en gras:

    File::
    c:\windows\system32\drivers\logman.exe
    c:\windows\cmstp.exe
    c:\windows\fados.exe
    c:\windows\System32\drivers\mstinit.exe

    Reg::
    [HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]


    - Enregistre ce fichier sous le nom CFScript (Type du fichier : tous les fichiers)
    - Ferme tous tes navigateurs web (donc copie ou imprime les instructions suivantes avant si besoin est).
    - Désactive ton antivirus et tes autres protections résidentes (ex : Spybot) si tu en as (c'est important).
    - Fait un glisser/déposer de ce fichier CFScript sur le programme ComboFix.exe comme sur cette image :

    [img]http://img517.imageshack.us/img517/8662/cfscript10uc2.gif[/img]

    (Explications du glisser/coller : Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relâche alors le bouton de la souris).

    - Combofix va démarrer puis une fenêtre bleue va apparaître. Au message qui s'affiche (Type 1 to continue, or 2 to abort) : tape 1 puis valide.
    - Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal !
    - Ne touche à rien tant que le scan n'est pas terminé sinon le PC peut planter !
    - Une fois le scan achevé, un rapport va s'afficher: poste le stp.
    PS : Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

    > ENSUITE:

    Un nouveau RSIT STP....

    a+

    0
  16. clemgym Messages postés 208 Statut Membre 27
     
    Bonsoir,

    Voici le rapport de ComboFix :

    ComboFix 10-01-16.04 - CleEmGym 17/01/2010 19:12:16.2.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3070.2218 [GMT 1:00]
    Lancé depuis: c:\users\CleEmGym\Desktop\ComboFix.exe
    Commutateurs utilisés :: c:\users\CleEmGym\Desktop\CFScript.txt
    AV: avast! antivirus 4.8.1169 [VPS 090821-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: avast! antivirus 4.8.1169 [VPS 090821-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    FILE ::
    "c:\windows\cmstp.exe"
    "c:\windows\fados.exe"
    "c:\windows\system32\drivers\logman.exe"
    "c:\windows\System32\drivers\mstinit.exe"
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\CleEmGym\AppData\Roaming\Microsoft\mstinit.exe
    c:\windows\cmstp.exe
    c:\windows\fados.exe
    c:\windows\system32\drivers\comrepl.exe
    c:\windows\system32\drivers\logman.exe
    c:\windows\system32\drivers\mstinit.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-17 au 2010-01-17 ))))))))))))))))))))))))))))))))))))
    .

    2010-01-17 18:20 . 2010-01-17 18:20 -------- d-----w- c:\users\Public\AppData\Local\temp
    2010-01-17 18:20 . 2010-01-17 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-01-17 18:20 . 2010-01-17 18:20 -------- d-----w- c:\users\CleEmGym\AppData\Local\temp
    2010-01-17 15:46 . 2010-01-17 15:46 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Malwarebytes
    2010-01-17 15:45 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-01-17 15:45 . 2010-01-17 15:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-01-17 15:45 . 2010-01-17 15:45 -------- d-----w- c:\programdata\Malwarebytes
    2010-01-17 15:45 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-01-17 14:27 . 2010-01-17 14:39 -------- d-----w- C:\UsbFix
    2010-01-17 13:23 . 2010-01-17 13:31 -------- d-----w- C:\Ad-Remover
    2010-01-17 12:59 . 2010-01-17 12:59 -------- d--h--w- c:\program files\winlogon
    2010-01-17 12:25 . 2010-01-17 15:57 -------- d-----w- c:\program files\trend micro
    2010-01-17 12:25 . 2010-01-17 12:26 -------- d-----w- C:\rsit
    2010-01-15 21:13 . 2008-02-05 07:03 39936 ----a-w- c:\programdata\EPSON\EPSON Stylus SX400 Series\Language\040c.E_DIX0RE.DLL
    2010-01-13 07:09 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
    2010-01-13 07:09 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
    2010-01-12 14:15 . 2010-01-12 14:15 -------- d-----w- C:\Games
    2010-01-11 08:39 . 2008-05-30 13:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
    2010-01-11 08:39 . 2008-05-30 13:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
    2010-01-11 08:39 . 2008-05-30 13:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
    2010-01-11 08:39 . 2008-05-30 13:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
    2010-01-11 08:39 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
    2010-01-11 08:39 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
    2010-01-11 08:39 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
    2010-01-11 08:39 . 2008-03-05 15:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
    2010-01-11 08:39 . 2008-03-05 15:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
    2010-01-11 08:39 . 2008-03-05 15:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
    2010-01-11 08:39 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
    2010-01-11 08:39 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
    2010-01-11 08:39 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
    2010-01-07 13:14 . 2010-01-07 13:14 -------- d-----w- c:\program files\Project10
    2010-01-07 12:12 . 2010-01-07 13:14 286720 ------w- c:\windows\Setup1.exe
    2010-01-07 12:11 . 2010-01-07 13:14 73216 ----a-w- c:\windows\ST6UNST.EXE
    2010-01-03 19:46 . 2010-01-03 19:46 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2010-01-03 15:13 . 2010-01-03 15:13 -------- d-----w- c:\users\CleEmGym\.thumbnails
    2010-01-03 10:25 . 2010-01-17 13:50 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\gtk-2.0
    2010-01-03 10:17 . 2010-01-17 13:52 -------- d-----w- c:\users\CleEmGym\.gimp-2.6
    2010-01-03 10:16 . 2010-01-03 10:16 -------- d-----w- c:\program files\GIMP-2.0
    2009-12-29 16:14 . 2009-12-29 16:15 -------- d-----w- c:\users\Invité
    2009-12-27 09:52 . 2009-12-27 09:52 -------- d-----w- c:\programdata\UDL
    2009-12-27 09:45 . 2008-05-06 16:39 382240 ------w- c:\windows\system32\UninstMFP.exe
    2009-12-27 09:45 . 2007-05-20 19:45 417792 ------w- c:\windows\system32\ServoApp.exe
    2009-12-27 09:45 . 2006-09-21 20:35 151552 ------w- c:\windows\system32\ddschk.dll
    2009-12-27 09:45 . 2007-05-06 20:44 34944 ----a-w- c:\windows\system32\drivers\mfpec.sys
    2009-12-27 09:45 . 2007-01-09 22:36 10880 ----a-w- c:\windows\system32\drivers\mfpcomp.sys
    2009-12-27 09:45 . 2006-10-20 01:57 10240 ----a-w- c:\windows\system32\drivers\mfpvbus.sys
    2009-12-27 09:45 . 2006-09-21 23:13 200704 ----a-w- c:\windows\system32\mfpcoins.dll
    2009-12-27 09:45 . 2009-12-27 09:45 -------- d-----w- c:\program files\MFP Server
    2009-12-27 09:44 . 2008-02-07 05:03 56320 ----a-w- c:\programdata\EPSON\EPSON Stylus SX400 Series\Language\040c.E_S9E0G7.DLL
    2009-12-27 09:44 . 2007-12-17 04:00 143872 ----a-w- c:\programdata\EPSON\EPW!3 SSRP\E_S40ST7.EXE
    2009-12-27 09:44 . 2007-01-11 04:02 113664 ----a-w- c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    2009-12-27 09:44 . 2008-05-26 07:03 212480 ----a-w- c:\programdata\EPSON\EPSON Stylus SX400 Series\Language\040c.E_DI0EEE.DLL
    2009-12-27 09:43 . 2007-04-10 01:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
    2009-12-27 09:43 . 2007-12-07 02:08 86528 ----a-w- c:\windows\system32\E_FLBEGE.DLL
    2009-12-27 09:43 . 2007-12-07 02:01 78848 ----a-w- c:\windows\system32\E_FD4BEGE.DLL
    2009-12-27 09:43 . 2009-12-27 09:44 -------- d-----w- c:\programdata\EPSON
    2009-12-27 09:42 . 2007-07-12 23:00 71680 ----a-w- c:\windows\system32\escwiad.dll
    2009-12-27 09:42 . 2009-12-27 09:50 -------- d-----w- c:\program files\epson
    2009-12-25 10:09 . 2009-12-29 16:17 -------- d-----w- c:\program files\Common Files\Steam
    2009-12-25 09:56 . 2010-01-17 17:28 -------- d-----w- c:\program files\Steam
    2009-12-24 17:47 . 2009-12-24 17:47 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2009-12-20 13:28 . 2009-12-20 13:28 -------- d-----w- c:\program files\Guitar Pro 5

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-01-17 18:08 . 2009-08-22 16:05 32156 ----a-w- c:\programdata\nvModes.dat
    2010-01-17 18:07 . 2009-08-22 14:56 45056 ----a-w- c:\windows\system32\acovcnt.exe
    2010-01-17 18:07 . 2009-06-05 01:00 17408 ----a-w- c:\windows\system32\rpcnetp.exe
    2010-01-17 18:07 . 2009-08-22 15:31 56680 ----a-w- c:\windows\system32\rpcnet.dll
    2010-01-17 18:06 . 2009-09-14 08:26 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\DNA
    2010-01-17 17:09 . 2009-09-14 08:26 -------- d-----w- c:\program files\DNA
    2010-01-17 14:36 . 2008-04-16 11:16 672322 ----a-w- c:\windows\system32\perfh00C.dat
    2010-01-17 14:36 . 2008-04-16 11:16 124434 ----a-w- c:\windows\system32\perfc00C.dat
    2010-01-16 19:35 . 2009-08-22 17:04 -------- d-----w- c:\programdata\Messenger Plus!
    2010-01-16 19:10 . 2009-08-22 16:36 -------- d-----w- c:\program files\Messenger Plus! Live
    2010-01-15 13:05 . 2009-09-14 08:26 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\BitTorrent
    2010-01-15 12:23 . 2009-08-23 20:12 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\vlc
    2010-01-15 10:36 . 2009-08-22 14:57 153608 ----a-w- c:\users\CleEmGym\AppData\Local\GDIPFONTCACHEV1.DAT
    2010-01-13 09:22 . 2010-01-11 08:40 -------- d-----w- c:\program files\OpenAL
    2010-01-13 07:28 . 2009-08-22 14:58 -------- d-----w- c:\program files\Common Files\Adobe
    2010-01-13 07:13 . 2009-06-05 01:11 -------- d-----w- c:\programdata\Microsoft Help
    2010-01-13 07:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2010-01-11 08:40 . 2010-01-11 08:40 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2010-01-11 08:40 . 2010-01-11 08:40 109144 ----a-w- c:\windows\system32\OpenAL32.dll
    2010-01-03 19:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
    2010-01-03 18:00 . 2009-08-22 15:01 -------- d-----w- c:\program files\Microsoft
    2009-12-27 09:50 . 2009-06-05 01:25 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-12-26 19:29 . 2009-06-05 01:29 -------- d-----w- c:\program files\Google
    2009-12-26 15:49 . 2009-08-26 11:25 680 ----a-w- c:\users\CleEmGym\AppData\Local\d3d9caps.dat
    2009-12-18 10:41 . 2009-12-04 14:14 -------- d-----w- c:\program files\Ubisoft
    2009-12-18 09:19 . 2009-08-31 16:46 -------- d-----w- c:\program files\TubeMaster++
    2009-12-17 13:48 . 2009-12-17 13:48 -------- d-----w- c:\program files\GamersFirst
    2009-12-14 07:11 . 2009-12-14 07:11 -------- d-----w- c:\program files\Netscape
    2009-12-13 16:32 . 2009-12-13 16:32 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb31C1.tmp.exe
    2009-12-10 08:15 . 2009-11-30 19:25 8192 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
    2009-12-10 08:15 . 2009-11-30 19:25 61440 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
    2009-12-10 08:15 . 2009-11-30 19:25 10240 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
    2009-12-09 08:34 . 2009-08-23 10:26 -------- d-----w- c:\programdata\eMule
    2009-12-09 08:34 . 2009-12-09 08:34 -------- d-----w- c:\program files\eMule
    2009-12-07 20:12 . 2009-12-07 20:12 -------- d-----w- c:\program files\JMCAssemblageGsm
    2009-12-07 13:03 . 2009-12-07 13:03 -------- d-----w- c:\program files\Common Files\Atlence
    2009-12-06 16:50 . 2009-12-06 16:46 -------- d-----w- c:\program files\Samsung
    2009-12-06 16:49 . 2009-11-30 19:27 -------- d-----w- c:\program files\PC Connectivity Solution
    2009-12-06 16:47 . 2009-12-06 16:47 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Samsung
    2009-12-06 16:46 . 2009-12-06 16:46 -------- d-----w- c:\program files\MarkAny
    2009-12-06 10:35 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus 2
    2009-12-06 10:27 . 2009-12-06 10:27 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-04 14:40 . 2009-12-04 14:40 -------- d-----w- c:\programdata\Ubisoft
    2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\app
    2009-12-03 19:40 . 2009-12-03 19:40 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-03 07:44 . 2009-09-05 13:29 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\dvdcss
    2009-12-02 18:21 . 2009-12-02 18:21 -------- d-----w- c:\program files\Common Files\Adobe AIR
    2009-12-02 18:21 . 2009-12-02 18:21 38208 ----a-w- c:\users\CleEmGym\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    2009-12-02 18:21 . 2009-12-02 18:21 38208 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    2009-12-02 13:25 . 2009-12-02 13:25 859 ----a-w- c:\users\CleEmGym\AppData\Roaming\datawin.dat
    2009-12-02 10:07 . 2009-08-26 10:25 -------- d-----w- c:\program files\Counter-Strike Source
    2009-12-01 09:31 . 2009-12-01 09:31 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Diplodock
    2009-12-01 09:31 . 2009-12-01 09:31 -------- d-----w- c:\program files\Diplodock Company
    2009-11-30 19:34 . 2009-11-30 19:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
    2009-11-30 19:34 . 2009-11-30 19:32 -------- d-----w- c:\programdata\PC Suite
    2009-11-30 19:32 . 2009-11-30 19:27 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\PC Suite
    2009-11-30 19:32 . 2009-11-30 19:29 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Nokia
    2009-11-30 19:28 . 2009-11-30 19:28 -------- d-----w- c:\program files\DIFX
    2009-11-30 19:24 . 2009-11-30 19:24 -------- d-----w- c:\programdata\Installations
    2009-11-30 19:15 . 2009-11-30 19:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
    2009-11-29 11:53 . 2009-11-29 11:53 604488 ----a-w- c:\windows\system32\TUProgSt.exe
    2009-11-29 11:52 . 2009-11-29 11:52 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
    2009-11-29 11:52 . 2009-11-29 11:51 -------- d-----w- c:\program files\TuneUp Utilities 2009
    2009-11-29 11:51 . 2009-11-29 11:51 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\TuneUp Software
    2009-11-29 11:51 . 2009-11-29 11:51 -------- d-----w- c:\programdata\TuneUp Software
    2009-11-29 11:50 . 2009-11-29 11:50 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-11-28 19:12 . 2009-10-31 17:49 -------- d-----w- c:\program files\Patch MsnCreative
    2009-11-28 18:09 . 2009-11-28 18:09 -------- d-----w- c:\program files\Circle Develoement
    2009-11-24 23:54 . 2009-08-22 17:15 1280480 ----a-w- c:\windows\system32\aswBoot.exe
    2009-11-24 23:50 . 2009-08-22 17:15 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2009-11-24 23:50 . 2009-08-22 17:15 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2009-11-24 23:49 . 2009-08-22 17:15 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2009-11-24 23:49 . 2009-08-22 17:15 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2009-11-24 23:48 . 2009-08-22 17:15 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2009-11-24 23:47 . 2009-08-22 17:15 97480 ----a-w- c:\windows\system32\AvastSS.scr
    2009-11-23 18:13 . 2009-11-23 18:13 -------- d-----w- c:\programdata\WindowsSearch
    2009-11-23 10:03 . 2009-09-26 19:39 -------- d-----w- c:\program files\VDOWNLOADER
    2009-11-21 06:40 . 2009-12-09 07:29 916480 ----a-w- c:\windows\system32\wininet.dll
    2009-11-21 06:34 . 2009-12-09 07:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2009-11-21 06:34 . 2009-12-09 07:29 71680 ----a-w- c:\windows\system32\iesetup.dll
    2009-11-21 04:59 . 2009-12-09 07:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-11-20 10:29 . 2009-08-23 08:00 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\Skype
    2009-11-20 10:22 . 2009-08-23 08:01 -------- d-----w- c:\users\CleEmGym\AppData\Roaming\skypePM
    2009-11-20 08:30 . 2009-10-07 09:48 -------- d-----w- c:\program files\Electronic Arts
    2009-11-20 08:29 . 2009-11-13 10:53 -------- d-----w- c:\program files\Game Cam V2
    2009-11-17 17:07 . 2009-12-01 10:08 18944 ------w- C:\bucks.exe
    2009-11-16 11:25 . 2009-11-29 11:52 17224 ----a-w- c:\windows\system32\authuitu.dll
    2009-11-16 11:25 . 2009-11-29 11:52 29000 ----a-w- c:\windows\system32\uxtuneup.dll
    2009-11-09 12:31 . 2009-12-09 07:35 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2009-11-09 12:30 . 2009-12-09 07:35 30720 ----a-w- c:\windows\system32\httpapi.dll
    2009-11-09 10:36 . 2009-12-09 07:35 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2009-11-07 22:49 . 2009-11-07 22:49 86016 ----a-w- c:\windows\system32\frapsvid.dll
    2009-11-03 08:21 . 2009-11-03 08:21 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
    2009-11-02 19:42 . 2009-10-03 06:03 195456 ------w- c:\windows\system32\MpSigStub.exe
    2009-11-02 07:13 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
    2009-10-29 09:17 . 2009-11-25 08:50 2048 ----a-w- c:\windows\system32\tzres.dll
    2009-10-21 16:45 . 2009-12-06 17:24 33792 ----a-w- c:\windows\system32\identprv.dll
    2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
    2008-05-22 16:35 . 2008-05-22 16:35 51962 ----a-w- c:\program files\Common Files\banner.jpg
    2009-06-05 01:23 . 2009-06-05 01:23 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
    @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
    [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
    2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-05 39408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
    "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2010-01-17 323392]
    "Win32dll"="C:\bucks.exe" [2009-11-17 18944]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
    "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
    "P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-16 13605408]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-16 92704]
    "HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
    "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-07-16 6253088]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
    "ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
    "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-25 159744]
    "ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-10-12 106496]
    "ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-06-05 47672]
    "ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-06-05 33136]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "Server Application"="c:\windows\system32\ServoApp.exe" [2007-05-20 417792]
    "GDI Manager"="c:\program files\MFP Server\App\Common\MFPAgent.exe" [2008-05-06 741376]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
    "Cisvc"="c:\users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe" [2009-11-13 95232]

    c:\users\CleEmGym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    FancyStart daemon.lnk - c:\windows\Installer\{DC905847-D537-427F-BF91-47CC7ACCDE58}\_DF3A81D17C478A2A6C60A5.exe [2009-6-5 12862]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "HonorAutoRunSetting"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "HonorAutoRunSetting"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
    2009-04-16 08:41 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
    "Google Update"="c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):ab,f1,ea,33,1a,3d,ca,01

    R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [05/06/2009 03:22 15416]
    R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [22/08/2009 18:15 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [22/08/2009 18:15 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [22/08/2009 18:15 53328]
    R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [06/12/2009 17:47 233472]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [06/12/2009 17:47 36608]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [09/09/2008 04:15 48128]
    R3 WUSBVBus;MFP Server Detector;c:\windows\System32\drivers\mfpvbus.sys [27/12/2009 10:45 10240]
    S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [26/08/2009 12:03 721904]
    S2 ALIWEHCD;MFP Server Enhanced Controller;c:\windows\System32\drivers\mfpec.sys [27/12/2009 10:45 34944]
    S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [18/09/2009 15:19 133104]
    S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
    S3 AliWGP;Composite Device;c:\windows\System32\drivers\mfpcomp.sys [27/12/2009 10:45 10880]
    S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\System32\drivers\bfturboh.sys [10/10/2009 17:19 17280]
    S3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [07/04/2008 07:00 6656]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe --> c:\program files\MAGIX\Common\Database\bin\fbserver.exe [?]
    S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/01/2008 03:23 21504]
    S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [22/08/2009 17:29 54632]
    S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21:48 704864]
    S3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 21:22 34064]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 14:19]

    2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 14:19]

    2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251025576-1577586405-655904607-1000Core.job
    - c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-10 07:24]

    2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251025576-1577586405-655904607-1000UA.job
    - c:\users\CleEmGym\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-10 07:24]

    2010-01-17 c:\windows\Tasks\Maintenance en 1 clic.job
    - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 16:04]
    .
    .
    ------- Examen supplémentaire -------
    .
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Explorer_Run-MstInit - c:\windows\System32\drivers\mstinit.exe
    HKU-Default-Explorer_Run-MstInit - c:\users\CleEmGym\AppData\Roaming\MICROS~1\mstinit.exe

    **************************************************************************
    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés:

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-4251025576-1577586405-655904607-1000\Software\SecuROM\License information*]
    "datasecu"=hex:e9,c7,4f,ee,5e,c2,81,8a,ad,bb,36,9c,f1,31,ea,5c,2c,f0,e3,89,21,
    3b,0e,78,fc,3f,1b,41,6b,54,c4,3f,9c,fa,f8,15,27,42,21,6b,24,0a,a3,a6,6c,8a,\
    "rkeysecu"=hex:eb,ed,78,56,b0,73,a7,c6,a8,f5,22,8f,dd,e4,e7,c8

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:00000000
    .
    Heure de fin: 2010-01-17 19:24:06
    ComboFix-quarantined-files.txt 2010-01-17 18:24
    ComboFix2.txt 2010-01-17 17:06

    Avant-CF: 161 819 570 176 octets libres
    Après-CF: 161 797 705 728 octets libres

    - - End Of File - - 215B4437CAF25CF8DA0D9B196EE5FC32
    0
  17. clemgym Messages postés 208 Statut Membre 27
     
    Et voici le RSIT que tu m'a demandé :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by CleEmGym at 2010-01-17 19:28:54
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 154 GB (65%) free of 238 GB
    Total RAM: 3070 MB (63% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:28:57, on 17/01/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18865)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Windows\system32\conime.exe
    C:\Windows\explorer.exe
    C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\CleEmGym\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\CleEmGym\Desktop\RSIT.exe
    C:\Program Files\trend micro\CleEmGym.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
    O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
    O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Win32dll] C:\bucks.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKLM\..\Policies\Explorer\Run: [Cisvc] C:\Users\CleEmGym\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe /waitservice
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
    O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
    0
  18. clemgym Messages postés 208 Statut Membre 27
     
    Déjà, Je me doit de te remercier pour tout ce que tu as fait, c'est gentil !
    Je donnerai des nouvelles si j'ai encore des pubs !

    Merci =)
    0
  19. clemgym Messages postés 208 Statut Membre 27
     
    Bonsoir,

    Désolé de te décevoir mais j'ai encore reçus des pubs =(

    Voila !

    Au revoir
    0
  20. archet9
     
    Télécharge LopSD.exe sur ton Bureau
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    Clique sur le raccourci LopSD présent sur le Bureau pour lancer LopSD.

    Choisis la langue F pour Français puis valide par Entrée.

    Choisis l'option Recherche en saisissant 1 puis valide par Entrée
    .
    * Patiente jusqu'à la fin du scan
    * Poste le rapport généré qui se trouve ici => (C:\lopR.txt)

    (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

    a+
    0
  • 1
  • 2
  • 3
  • 4
  • 5