Security center aidez-moi svp

simplementmoidu59 Messages postés 21 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

Voilà je n'arrive pas à desinstaller "security center". Mon pc rame avec ça, les icones de mon bureau ont disparu, je n'arrive plus à me connecter à msn... Là je suis en mode sans echec avec prise en charge de réseau parce que sinon rien ne va. J'ai vu qu'il fallait telecharger rsit, ce que j'ai fait. Voilà le rapport :

Logfile of random's system information tool 1.06 (written by random/random)
Run by avril at 2010-01-27 21:33:42
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 164 GB (72%) free of 228 GB
Total RAM: 3002 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:06, on 27/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\avril\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VLDCSHE\RSIT[1].exe
C:\Program Files\trend micro\avril.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: SearchHelper Class - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: &Security Update - {A00A96F3-913E-4814-92DE-8CF82CD7CAB9} - C:\Windows\System32\win32extension.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [TagMonitor] "C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Service Google Update (gupdate1ca318883b0e6aa) (gupdate1ca318883b0e6aa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
A voir également:

36 réponses

  • 1
  • 2
Réponse 1 / 36
Utilisateur anonyme
 
salut :

Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)

▶ Télécharge List&Kill'em et enregistre le sur ton bureau

▶ Branche clés usb , disques durs externes , mp3 , mp4 , etc..

double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation

coche la case "creer une icone sur le bureau"

une fois terminée , clic sur "terminer" et le programme se lancera seul

choisis la langue puis choisis l'option 1 = Mode Recherche

▶ laisse travailler l'outil

à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.

▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

tu peux supprimer le rapport catchme.log de ton bureau maintenant.

0
Réponse 2 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
Voici le rapport :

List'em by g3n-h@ckm@n 1.2.1.1
User : avril (Administrateurs)
Update on 23/01/2010 by g3n-h@ckm@n ::::: 13:50
Start at: 22:06:57 | 27/01/2010
Contact : g3n-h@ckm@n sur CCM

Intel(R) Celeron(R) CPU 900 @ 2.20GHz
Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled

C:\ -> Disque fixe local | 223,02 Go (160,34 Go free) | NTFS
D:\ -> Disque fixe local | 9,86 Go (1,73 Go free) [RECOVERY] | NTFS
E:\ -> Disque CD-ROM

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\avril\AppData\Local\Temp\1860.tmp\pv.exe

======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
LightScribe Control Panel REG_SZ C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HPAdvisor REG_SZ C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
CollaborationHost REG_SZ C:\Windows\system32\p2phost.exe -s
Speech Recognition REG_SZ "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
IgfxTray REG_SZ C:\Windows\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\Windows\system32\hkcmd.exe
Persistence REG_SZ C:\Windows\system32\igfxpers.exe
SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
SysTrayApp REG_EXPAND_SZ %ProgramFiles%\IDT\WDM\sttray.exe
QPService REG_SZ "C:\Program Files\HP\QuickPlay\QPService.exe"
UpdateLBPShortCut REG_SZ "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
UpdatePSTShortCut REG_SZ "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
UCam_Menu REG_SZ "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
QlbCtrl.exe REG_SZ C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
UpdateP2GoShortCut REG_SZ "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
UpdatePDIRShortCut REG_SZ "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
HP Health Check Scheduler REG_SZ c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HP Software Update REG_SZ C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
WirelessAssistant REG_SZ C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
SweetIM REG_SZ C:\Program Files\SweetIM\Messenger\SweetIM.exe
FBSSA REG_SZ C:\Program Files\SGPSA\ie3sh.exe
TagMonitor REG_SZ "C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
ConsentPromptBehaviorAdmin REG_DWORD 2 (0x2)
ConsentPromptBehaviorUser REG_DWORD 1 (0x1)
EnableInstallerDetection REG_DWORD 1 (0x1)
EnableLUA REG_DWORD 1 (0x1)
EnableSecureUIAPaths REG_DWORD 1 (0x1)
EnableVirtualization REG_DWORD 1 (0x1)
PromptOnSecureDesktop REG_DWORD 1 (0x1)
ValidateAdminCodeSignatures REG_DWORD 0 (0x0)
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
scforceoption REG_DWORD 0 (0x0)
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
FilterAdministratorToken REG_DWORD 0 (0x0)
EnableUIADesktopToggle REG_DWORD 0 (0x0)
HideFastUserSwitching REG_DWORD 0 (0x0)

===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoLogoff REG_DWORD 0 (0x0)
NoClose REG_DWORD 0 (0x0)

===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ

===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{E54729E8-BB3D-4270-9D49-7389EA579090} REG_SZ EasyBits Security Shield Hook - prevents launching insecure programs by kids

===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E77F23EB-E7AB-4502-8F37-247DBAF1A147}

===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{166B1BCA-3F9C-11CF-8075-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A202491-F00D-11cf-87CC-0020AFEECF20}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8C109B9C-C4EB-8F0E-6290-42E98D593ABB}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}

==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{A00A96F3-913E-4814-92DE-8CF82CD7CAB9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]

================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://home.sweetim.com/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.google.fr/?gws_rd=ssl

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
Wlansvc : 0x2
SharedAccess : 0x4
windefend : 0x2
wuauserv : 0x2
wscsvc : 0x2

=========
Atapi.sys
=========

%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Users\avril\AppData\Local\Temp\1860.tmp
## C:\> hashdeep C:\Windows\System32\Drivers\atapi.sys
##
21560,9c0e70031905adbf94edb9ea14af943b,88e4a250c22e919decedf1d59566265c473cdfac97440f25a6d05e6200223194,C:\Windows\System32\Drivers\atapi.sys


Sources
=======

C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
C:\Windows\System32\drivers\atapi.sys
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys

Référence :
==========

Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C

=======
Drive :
=======

D‚fragmenteur de disque Windows
Copyright (c) 2006 Microsoft Corp.

Rapport d'analyse pour le volume C:

Taille du volume = 223 Go
Espace libre = 160 Go
tendue d'espace libre la plus grande = 65.94 Go
Pourcentage de fragmentation des fichiers = 8 %

Remarqueÿ: sur les volumes NTFS, les fragments de fichiers de plus de 64ÿMo ne sont pas inclus dans les statistiques de fragmentation.

Il n'est pas n‚cessaire de d‚fragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Present !! : C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
Present !! : C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
Present !! : C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
Present !! : C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
Present !! : C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
Present !! : C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
Present !! : C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Present !! : C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
Present !! : C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Present !! : C:\ProgramData\Trymedia
Present !! : C:\Program Files\Common Files\PersonalSecUninstall
Present !! : C:\Program Files\Fast Browser Search
Present !! : C:\Program Files\GamesBar
Present !! : C:\Program Files\PersonalSec
Present !! : C:\Program Files\Search Guard PlusU
Present !! : C:\Program Files\SGPSA
Present !! : C:\Windows\System32\EZUPBH~1.DLL
Present !! : C:\Windows\system32\win32extension.dll
Present !! : C:\Windows\Tasks\PersonalSec.job
Present !! : C:\Users\avril\Local Settings\Temp\tdm.log
Present !! : C:\Users\avril\LOCAL Settings\Temp\73BAB2C7-2256-478C-A2F3-CEC110A1884C.exe
Present !! : C:\Users\avril\LOCAL Settings\Temp\8BD54F3E-DD19-4a69-93D8-5C6A5BBBE20E.exe
Present !! : C:\Users\avril\LOCAL Settings\Temp\bfguni.exe
Present !! : C:\Users\avril\LOCAL Settings\Temp\HPQSi.exe
Present !! : C:\Users\avril\LOCAL Settings\Temp\Installation Silverlight.exe
Present !! : C:\Users\avril\LOCAL Settings\Temp\jre-6u15-windows-i586-iftw.exe
Present !! : C:\Users\avril\LOCAL Settings\Temp\SearchWithGoogleUpdate.exe
Present !! : C:\Users\avril\LOCAL Settings\Temp\Uninstall.exe

¤¤¤¤¤¤¤¤¤¤ Keys :

Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SweetIM
Present !! : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847}
Present !! : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose
Present !! : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogoff
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
Present !! : "HKCU\software\microsoft\internet explorer\searchscopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}"
Present !! : "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Present !! : "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}"
Present !! : "HKLM\Software\Trymedia Systems"
Present !! : HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Present !! : HKCR\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Present !! : HKCR\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0}
Present !! : HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Present !! : HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Present !! : HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Present !! : HKCR\ezUPBHook.ShellObj
Present !! : HKCR\ezUPBHook.ShellObj.1
Present !! : HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Present !! : HKCR\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Present !! : HKCR\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}
Present !! : HKCR\interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Present !! : HKCR\interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Present !! : HKCR\interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Present !! : HKCR\MediaPlayer.GraphicsUtils
Present !! : HKCR\MediaPlayer.GraphicsUtils.1
Present !! : HKCR\MgMediaPlayer.GifAnimator
Present !! : HKCR\MgMediaPlayer.GifAnimator.1
Present !! : HKCR\SWEETIE.IEToolbar
Present !! : HKCR\SWEETIE.IEToolbar.1
Present !! : HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook
Present !! : HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
Present !! : HKCR\Toolbar3.SWEETIE
Present !! : HKCR\Toolbar3.SWEETIE.1
Present !! : HKCR\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d}
Present !! : HKCR\TypeLib\{478CAB91-9E28-11D4-97FF-0050047D51FB}
Present !! : HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Present !! : HKCR\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Present !! : HKCR\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Present !! : HKCR\urlsearchhook.toolbarurlsearchhook
Present !! : HKCR\urlsearchhook.toolbarurlsearchhook.1
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Present !! : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Present !! : HKCU\Software\SweetIM
Present !! : HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Present !! : HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Present !! : HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Present !! : HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Present !! : HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Present !! : HKLM\Software\Classes\Interface\{01009AEC-AFAA-4982-9F2B-6411C5C27E77}
Present !! : HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Present !! : HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Present !! : HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Present !! : HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Present !! : HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Present !! : HKLM\Software\Classes\MediaPlayer.GraphicsUtils
Present !! : HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1
Present !! : HKLM\Software\Classes\MgMediaPlayer.GifAnimator
Present !! : HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
Present !! : HKLM\Software\Classes\SWEETIE.IEToolbar
Present !! : HKLM\Software\Classes\SWEETIE.IEToolbar.1
Present !! : HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
Present !! : HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
Present !! : HKLM\Software\Classes\Toolbar3.SWEETIE
Present !! : HKLM\Software\Classes\Toolbar3.SWEETIE.1
Present !! : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Present !! : HKLM\Software\Classes\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Present !! : HKLM\Software\Classes\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Present !! : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Present !! : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Present !! : HKLM\SOFTWARE\SweetIM
Present !! : HKLM\System\CurrentControlSet\Servises

============

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-27 22:14:04
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

==========
Programs
==========

Activation Assistant for the 2007 Microsoft Office suites
Adobe
AOL
Atheros
AVIConverter
Avira
BoontyGames
Common Files
CyberLink
desktop.ini
DIFX
EasyBits For Kids
Fast Browser Search
Fichiers communs
GamesBar
Google
Hewlett-Packard
Hewlett-Packard Company
HP
IDT
InstallShield Installation Information
Intel
Internet Explorer
James Patterson's Women's Murder Club - Twice in a Blue Moon
Java
LeapFrog
List_Kill'em
McAfee Security Scan
Microsoft
Microsoft Games
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Works
Microsoft.NET
Mindscape
Movie Maker
MSBuild
MSXML 4.0
Oberon Media
Online Services
orange
PersonalSec
QuickTime
RealArcade
Realtek
Reference Assemblies
Samsung
Search Guard Plus
Search Guard PlusU
SGPSA
SMINST
SweetIM
Synaptics
trend micro
Uninstall Information
Windows Calendar
Windows Collaboration
Windows Defender
Windows Live
Windows Live SkyDrive
Windows Mail
Windows Media Player
Windows NT
Windows Photo Gallery
Windows Sidebar

============
Drive C:
============

$RECYCLE.BIN
autoexec.bat
Boonty
boot
bootmgr
config.sys
conmgr.log
Documents and Settings
GameHouse Games
games
gen5
HP
Kill'em
List'em.txt
logfile.dat
MSOCache
pagefile.sys
PerfLogs
Program Files
ProgramData
rsit
SwSetup
System Volume Information
System.sav
Users
Windows

¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m14s\Patch-09-11-2009-09h51m14s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m14s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m17s\Patch-09-11-2009-09h51m17s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m17s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m20s\Patch-09-11-2009-09h51m20s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m20s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m23s\Patch-09-11-2009-09h51m23s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m23s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m26s\Patch-09-11-2009-09h51m26s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m26s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m29s\Patch-09-11-2009-09h51m29s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m29s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m31s\Patch-09-11-2009-09h51m31s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m31s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m34s\Patch-09-11-2009-09h51m34s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m34s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m37s\Patch-09-11-2009-09h51m37s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m37s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m39s\Patch-09-11-2009-09h51m39s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m39s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m42s\Patch-09-11-2009-09h51m42s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m42s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m44s\Patch-09-11-2009-09h51m44s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m44s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m48s\Patch-09-11-2009-09h51m48s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m48s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m50s\Patch-09-11-2009-09h51m50s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m50s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m52s\Patch-09-11-2009-09h51m52s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m52s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m55s\Patch-09-11-2009-09h51m55s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m55s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m57s\Patch-09-11-2009-09h51m57s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m57s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m00s\Patch-09-11-2009-09h52m00s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m00s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m02s\Patch-09-11-2009-09h52m02s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m02s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m05s\Patch-09-11-2009-09h52m05s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m05s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m07s\Patch-09-11-2009-09h52m07s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m07s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m10s\Patch-09-11-2009-09h52m10s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m10s\Patch.1.mft.7z
C:\ProgramData\NortonInstaller\Logs\09-11-2009-10h02m00s\Patch-09-11-2009-10h02m00s.log
C:\ProgramData\NortonInstaller\Logs\09-11-2009-10h02m00s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m14s\Patch-09-11-2009-09h51m14s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m14s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m17s\Patch-09-11-2009-09h51m17s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m17s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m20s\Patch-09-11-2009-09h51m20s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m20s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m23s\Patch-09-11-2009-09h51m23s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m23s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m26s\Patch-09-11-2009-09h51m26s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m26s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m29s\Patch-09-11-2009-09h51m29s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m29s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m31s\Patch-09-11-2009-09h51m31s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m31s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m34s\Patch-09-11-2009-09h51m34s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m34s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m37s\Patch-09-11-2009-09h51m37s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m37s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m39s\Patch-09-11-2009-09h51m39s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m39s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m42s\Patch-09-11-2009-09h51m42s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m42s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m44s\Patch-09-11-2009-09h51m44s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m44s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m48s\Patch-09-11-2009-09h51m48s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m48s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m50s\Patch-09-11-2009-09h51m50s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m50s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m52s\Patch-09-11-2009-09h51m52s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m52s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m55s\Patch-09-11-2009-09h51m55s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m55s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m57s\Patch-09-11-2009-09h51m57s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m57s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m00s\Patch-09-11-2009-09h52m00s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m00s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m02s\Patch-09-11-2009-09h52m02s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m02s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m05s\Patch-09-11-2009-09h52m05s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m05s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m07s\Patch-09-11-2009-09h52m07s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m07s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m10s\Patch-09-11-2009-09h52m10s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m10s\Patch.1.mft.7z
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-10h02m00s\Patch-09-11-2009-10h02m00s.log
C:\Users\All Users\NortonInstaller\Logs\09-11-2009-10h02m00s\Patch.1.mft.7z
C:\Program Files\Microsoft Works\Install.exe
C:\SwSetup\MSWorks\Install.exe
C:\SwSetup\MSWorks\PFiles\MSWorks\Install.exe
C:\Windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Réponse 3 / 36
Utilisateur anonyme
 
▶ Relance List&Kill'em(soit en clic droit pour vista),avec le raccourci sur ton bureau.
mais cette fois-ci :

▶ choisis l'option 2 = Mode Suppression

laisse travailler l'outil.

en fin de scan un rapport s'ouvre

▶ colle le contenu dans ta reponse
0
Réponse 4 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
Kill'em by g3n-h@ckm@n 1.2.1.1

User : avril (Administrateurs)
Update on 23/01/2010 by g3n-h@ckm@n ::::: 13:50
Start at: 22:41:48 | 27/01/2010
Contact : g3n-h@ckm@n sur CCM

Intel(R) Celeron(R) CPU 900 @ 2.20GHz
Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled

C:\ -> Disque fixe local | 223,02 Go (160,39 Go free) | NTFS
D:\ -> Disque fixe local | 9,86 Go (1,73 Go free) [RECOVERY] | NTFS
E:\ -> Disque CD-ROM


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\avril\AppData\Local\Temp\C236.tmp\ERUNT.EXE
C:\Users\avril\AppData\Local\Temp\C236.tmp\pv.exe

Detections :
==========


¤¤¤¤¤¤¤¤¤¤ Files/folders :

Quarantined & Deleted !! : C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
Quarantined & Deleted !! : C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
Quarantined & Deleted !! : C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
Quarantined & Deleted !! : C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
Quarantined & Deleted !! : C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
Quarantined & Deleted !! : C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
Quarantined & Deleted !! : C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Quarantined & Deleted !! : C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
Quarantined & Deleted !! : C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Quarantined & Deleted !! : C:\ProgramData\Trymedia
Quarantined & Deleted !! : C:\Program Files\Common Files\PersonalSecUninstall
Quarantined & Deleted !! : C:\Program Files\Fast Browser Search
Quarantined & Deleted !! : C:\Program Files\GamesBar
Quarantined & Deleted !! : C:\Program Files\PersonalSec
Quarantined & Deleted !! : C:\Program Files\Search Guard PlusU
Quarantined & Deleted !! : C:\Program Files\SGPSA

Quarantined & Deleted !! : C:\Windows\SYSTEM32\EZUPBH~1.DLL
Quarantined & Deleted !! : C:\Windows\system32\win32extension.dll
Quarantined & Deleted !! : C:\Windows\Tasks\PersonalSec.job
Quarantined & Deleted !! : C:\Users\avril\Local Settings\Temp\tdm.log
Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\73BAB2C7-2256-478C-A2F3-CEC110A1884C.exe
Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\8BD54F3E-DD19-4a69-93D8-5C6A5BBBE20E.exe
Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\bfguni.exe
Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\HPQSi.exe
Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\Installation Silverlight.exe
Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\jre-6u15-windows-i586-iftw.exe
Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\SearchWithGoogleUpdate.exe
Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\Uninstall.exe

==============
host file OK !
==============

========
Registry
========
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

============
Disk Cleaned
============

================
Prefetch cleaned
================



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
Et je fais quoi maintenant ?
0
Réponse 6 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
Désolée si j'insiste mais c'est fini ? Pensez-vous que je peux redemarrer normalement maintenant ? Merci de vos reponses.
0
Réponse 7 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
Bon j'ai redemarrer normalement et tout semble etre revenu dans l'ordre.

Merci beaucoup pour votre aide.

Gaëlle
0
Réponse 8 / 36
Utilisateur anonyme
 
hello desole

tu l as lancé en tant qu'administrateur l option suppression ? tu l as lancé deux fois ?
0
Réponse 9 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
Salut,

Je ne sais pas. J'ai fait comme vous avez dit. Pourquoi ? ya un probleme ?
0
Réponse 10 / 36
Utilisateur anonyme
 
i manque un affichage de suppression de clés...

Télécharge OTL de OLDTimer

enregistre le sur ton Bureau.

▶ Double clic ( pour vista / 7 => clic droit "executer en tant qu'administrateur") sur OTL.exe pour le lancer.

▶ Coche les 2 cases Lop et Purity

▶ Coche la case devant scan all users

▶ règle-le sur "60 Days"

▶ dans la colonne de gauche , mets tout sur all

ne modifie pas ceci :

"files created whithin" et "files modified whithin"

▶Clic sur Run Scan.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

▶▶▶ NE LE POSTE PAS SUR LE FORUM

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

▶ Clique sur Parcourir et cherche le fichier ci-dessus.

▶ Clique sur Ouvrir.

▶ Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

▶ Copie ce lien dans ta réponse.

▶▶ Tu feras la meme chose avec le "Extra.txt".
0
Réponse 11 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
Oui mais j'y arrive pas à telecharger le truc : ya un message "OTL cannot be run from a temporary folder!

Please dowload it to your Desktop or other suitable location."
0
Réponse 12 / 36
Utilisateur anonyme
 
y a ecrit "enregistre-le sur ton bureau" !!!
0
Réponse 13 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
http://www.cijoint.fr/cjlink.php?file=cj201001/cijg7YhG0L.txt

http://www.cijoint.fr/cjlink.php?file=cj201001/cijK9O3XmU.txt

Voilà. Désolée pour tout-à-l'heure, j'avais cliqué. J'espère ne pas m'être trompée cette fois-ci parce que j'ai pas trouvé les documents dans document and setting... C'est pour ça que ça été long.
0
Réponse 14 / 36
Utilisateur anonyme
 
▶ Désactivez le contrôle des comptes utilisateurs avant utilisation de cet outil:

▶ Allez dans "Démarrer" puis Panneau de configuration.
▶ Double Cliquez sur l'icône Comptes d'utilisateurs et sur "Activer ou désactiver le contrôle des comptes d'utilisateurs".
▶ Décochez la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
▶ Validez par OK et redémarrez .

ensuite

▶ Télécharge Ad-remover ( de C_XX ) sur ton bureau :


▶ Déconnecte toi et ferme toutes applications en cours !

▶ clic droit sur "Ad-R.exe" en tant qu'administrateur pour lancer l'installation et laisse les paramètres d'installation par défaut .

▶ clic droit sur le raccourci Ad-remover en tant qu'administrateur qui est sur ton bureau pour lancer l'outil .

▶ Au menu principal choisis l'option "L" et tape sur [entrée] .

▶ Laisse travailler l'outil et ne touche à rien ...

▶ Poste le rapport qui apparait à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
Réponse 15 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_I | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 28.01.2010 à 18:26
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:27:43, 28/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ HomeBasic Service Pack 2 v6.0.6001
Nom du PC: GAELLEETYANN | Utilisateur actuel: avril
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\Users\Public\MyWebTattoo.exe
C:\Program Files\Search Guard Plus - ... [b]ERREUR SUPPRESSION !![/b]
C:\Program Files\SweetIM
C:\Users\avril\AppData\LocalLow\SweetIM
C:\ProgramData\SweetIM
C:\Windows\Installer\295b6ae.msi
C:\Windows\Installer\295b6ec.msi

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\FBSearch
HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\Registry\User\S-1-5-21-3925734268-2236897331-3125560892-1000\Software\Sweetim
HKCU\software\microsoft\internet explorer\searchscopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\software\SGPUpdater
HKCU\software\SweetIM
HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\Software\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\Software\Classes\CLSID\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
HKLM\software\classes\ComObject.DeskbarEnabler
HKLM\software\classes\ComObject.DeskbarEnabler.1
HKLM\software\classes\MediaPlayer.GraphicsUtils
HKLM\software\classes\MediaPlayer.GraphicsUtils.1
HKLM\software\classes\MgMediaPlayer.GifAnimator
HKLM\software\classes\MgMediaPlayer.GifAnimator.1
HKLM\software\classes\SWEETIE.IEToolbar
HKLM\software\classes\SWEETIE.IEToolbar.1
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\classes\Toolbar3.SWEETIE
HKLM\software\classes\Toolbar3.SWEETIE.1
HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\Software\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
HKLM\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
HKLM\software\classes\URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\GamesBarSetup
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC11F05E-A65C-4bdd-8429-8362BC4433FD}
HKLM\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\FBSSA
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\software\SweetIM
HKLM\software\Trymedia Systems
.
============== Scan additionnel ==============
.
.
* Internet Explorer Version 7.0.6001.18000 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
11913 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
1896 Fichier(s) - C:\Users\avril\AppData\Local\Temp
149 Fichier(s) - C:\Windows\Temp
13 Fichier(s) - C:\Windows\Prefetch
.
19 Fichier(s) - C:\Ad-Remover\BACKUP
281 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 22:31:55 | 28/01/2010 - CLEAN[1]
.
============== E.O.F ==============
.
0
Réponse 16 / 36
Utilisateur anonyme
 
hello

▶ Télécharge FindyKill sur ton bureau :

http://pagesperso-orange.fr/NosTools/Chiquitine29/Setup.exe

! Déconnecte toi et ferme toutes applications en cours !

▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

▶ Double-clique (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .

▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

▶ Laisse travailler l'outil et ne touche à rien ...

▶ Poste le rapport qui apparait à la fin , sur le forum ...

( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
0
Réponse 17 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
Salut,

Voici le rapport :


############################## | FindyKill V5.028 |

# User : avril (Administrateurs) # GAELLEETYANN
# Update on 26/01/2010 by El Desaparecido
# Start at: 13:09:01 | 29/01/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Celeron(R) CPU 900 @ 2.20GHz
# Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 223,02 Go (158,53 Go free) # NTFS
# D:\ # Disque fixe local # 9,86 Go (1,73 Go free) [RECOVERY] # NTFS
# E:\ # Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TAGMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
c:\program files\aol\aol toolbar 5.0\AolTbServer.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe

################## | C: |


################## | C:\Windows |


################## | C:\Windows\Prefetch |


################## | C:\Windows\system32 |


################## | C:\Windows\system32\drivers |


################## | C:\Users\avril\AppData\Roaming |


################## | Zip File ... |


################## | Temporary Internet Files |


################## | Registre |


################## | Etat |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# (!) Uac = 0x0

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | ! Fin du rapport # FindyKill V5.028 ! |
0
Réponse 18 / 36
Utilisateur anonyme
 
########### [ Option 2 ( Suppression ) ]



▶ Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .

▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

▶ Relance "FindyKill" (clic droit "en tant qu'administrateur" pour Vista): au menu principal choisis l'option " F " pour français et tape sur [entrée] .

▶ Au second menu choisis l'option 2 (suppression) et tape sur [entrée]

▶ Le pc va redémarrer automatiquement ...

▶ le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !

▶ Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )

▶ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
0
Réponse 19 / 36
simplementmoidu59 Messages postés 21 Statut Membre
 
############################## | FindyKill V5.028 |

# User : avril (Administrateurs) # GAELLEETYANN
# Update on 26/01/2010 by El Desaparecido
# Start at: 13:28:51 | 29/01/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Celeron(R) CPU 900 @ 2.20GHz
# Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 223,02 Go (159,03 Go free) # NTFS
# D:\ # Disque fixe local # 9,86 Go (1,73 Go free) [RECOVERY] # NTFS
# E:\ # Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\runonce.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## | C: |


################## | C:\Windows |


################## | C:\Windows\Prefetch |

Supprimé ! C:\Windows\Prefetch\WINUPGRO.EXE-3A2FD0C8.pf

################## | C:\Windows\system32 |


################## | C:\Windows\system32\drivers |


################## | C:\Users\avril\AppData\Roaming |


################## | Autres suppressions ... |


################## | Zip File ... |

################## | Temporary Internet Files |

Supprimé ! C:\Users\avril\AppData\Roaming\Microsoft\Windows\Cookies\Low\avril@crack[1].txt

################## | Registre |


################## | Etat |

# Mode sans echec : OK


# Affichage des fichiers cachés : OK

# Uac : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH |


################## | ! Fin du rapport # FindyKill V5.028 ! |
0
Réponse 20 / 36
Utilisateur anonyme
 
ok refais ce demandé au post 10 stp
0

Discussions similaires

A quoi sert ETDctrl ? Peut-on le supprimer ?
Siempre2407 -
Siempre2407 -

2 réponses
SecurityHealth est a désactiver ou pas au démarrage de W10 Pro 64 ?
Walti55 -
Walti55 -

2 réponses
Security boot fail lors du démarrage
Steu -
Thiecoss -

5 réponses
Analyse de l'appli "AI SECURITY"
cl06 -
CCMBot -

1 réponse
ETD Control Helper dans System32 - Dois-je le supprimer ?
Miaou -
MisteryBean -

10 réponses