Security center aidez-moi svp

simplementmoidu59 Messages postés 21 Statut Membre -  
 gen-hackman -
Bonjour,

Voilà je n'arrive pas à desinstaller "security center". Mon pc rame avec ça, les icones de mon bureau ont disparu, je n'arrive plus à me connecter à msn... Là je suis en mode sans echec avec prise en charge de réseau parce que sinon rien ne va. J'ai vu qu'il fallait telecharger rsit, ce que j'ai fait. Voilà le rapport :

Logfile of random's system information tool 1.06 (written by random/random)
Run by avril at 2010-01-27 21:33:42
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 164 GB (72%) free of 228 GB
Total RAM: 3002 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:06, on 27/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\avril\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VLDCSHE\RSIT[1].exe
C:\Program Files\trend micro\avril.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: SearchHelper Class - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: &Security Update - {A00A96F3-913E-4814-92DE-8CF82CD7CAB9} - C:\Windows\System32\win32extension.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [TagMonitor] "C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Service Google Update (gupdate1ca318883b0e6aa) (gupdate1ca318883b0e6aa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe

--
End of file - 10750 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\PersonalSec.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-25 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
BrowserHelper Class - C:\Program Files\SGPSA\SearchAssistant.dll [2009-10-15 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A00A96F3-913E-4814-92DE-8CF82CD7CAB9}]
&Security Update - C:\Windows\System32\win32extension.dll [2010-01-26 631296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-15 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-25 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
Search Assistant - C:\Program Files\SGPSA\BHO.dll [2009-11-10 292864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
Fast Browser Search Toolbar Helper - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Fast Browser Search Toolbar - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-15 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-10-28 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-10-28 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-10-28 154136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-12-04 1410344]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-01-20 483420]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-09-23 468264]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-12-24 210216]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-10-10 206128]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-10-30 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-25 136600]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-12-08 432432]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-10-20 111928]
"FBSSA"=C:\Program Files\SGPSA\ie3sh.exe [2009-11-19 65344]
"TagMonitor"=C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe [2008-07-14 886088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2008-11-18 966656]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-09 39408]
"CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-21 192000]
"Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-21 49664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-10-28 221184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2009-09-09 51656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoClose"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-01-27 21:19:14 ----D---- C:\rsit
2010-01-27 21:19:14 ----D---- C:\Program Files\trend micro
2010-01-27 20:08:04 ----A---- C:\Windows\ntbtlog.txt
2010-01-26 23:49:39 ----D---- C:\Program Files\Common Files\PersonalSecUninstall
2010-01-26 23:47:45 ----A---- C:\Windows\system32\win32extension.dll
2010-01-26 23:47:42 ----D---- C:\Program Files\PersonalSec
2010-01-25 18:34:55 ----D---- C:\games
2010-01-24 20:18:44 ----D---- C:\Program Files\AVIConverter
2010-01-22 12:21:30 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 12:21:29 ----A---- C:\Windows\system32\occache.dll
2010-01-22 12:21:28 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 12:21:28 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 12:21:28 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 12:21:27 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-22 12:21:26 ----A---- C:\Windows\system32\mstime.dll
2010-01-22 12:21:26 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-22 12:21:26 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-22 12:21:26 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-22 12:21:26 ----A---- C:\Windows\system32\iertutil.dll
2010-01-22 12:21:26 ----A---- C:\Windows\system32\iepeers.dll
2010-01-22 12:21:26 ----A---- C:\Windows\system32\ieencode.dll
2010-01-22 12:21:26 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-22 12:21:26 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-16 23:20:05 ----D---- C:\ProgramData\Trymedia
2010-01-15 20:38:49 ----D---- C:\ProgramData\eMule
2010-01-15 20:30:27 ----D---- C:\GameHouse Games
2010-01-15 20:30:06 ----D---- C:\Program Files\RealArcade
2010-01-14 00:53:09 ----D---- C:\ProgramData\Artist Colony
2010-01-13 19:29:19 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 19:29:19 ----A---- C:\Windows\system32\fontsub.dll
2010-01-12 20:11:03 ----D---- C:\ProgramData\Jugilus
2010-01-11 23:31:03 ----D---- C:\Users\avril\AppData\Roaming\Flood Light Games
2010-01-11 23:31:03 ----D---- C:\ProgramData\Flood Light Games
2010-01-11 23:16:34 ----D---- C:\Program Files\James Patterson's Women's Murder Club - Twice in a Blue Moon
2010-01-09 01:03:19 ----D---- C:\Users\avril\AppData\Roaming\GraveyardShift
2010-01-05 00:11:42 ----D---- C:\ProgramData\McAfee
2010-01-03 00:11:42 ----D---- C:\ProgramData\McAfee Security Scan
2010-01-03 00:11:41 ----D---- C:\Program Files\McAfee Security Scan
2010-01-02 22:46:18 ----D---- C:\Users\avril\AppData\Roaming\TikisLab
2009-12-31 23:53:53 ----D---- C:\Users\avril\AppData\Roaming\Gogii
2009-12-30 21:20:03 ----D---- C:\Users\avril\AppData\Roaming\GameHousev1002
2009-12-29 00:24:59 ----D---- C:\Users\avril\AppData\Roaming\Dekovir

======List of files/folders modified in the last 1 months======

2010-01-27 21:31:25 ----A---- C:\ProgramData\HPWALog.txt
2010-01-27 21:30:42 ----D---- C:\Windows\Temp
2010-01-27 21:25:01 ----HD---- C:\ProgramData
2010-01-27 21:24:59 ----A---- C:\ProgramData\hpqp.ini
2010-01-27 21:19:14 ----D---- C:\Program Files
2010-01-27 21:17:57 ----D---- C:\Windows\System32
2010-01-27 21:17:57 ----D---- C:\Windows\inf
2010-01-27 21:17:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-27 21:12:52 ----D---- C:\Windows\system32\catroot2
2010-01-27 20:27:00 ----SD---- C:\Users\avril\AppData\Roaming\Microsoft
2010-01-27 20:08:04 ----D---- C:\Windows
2010-01-27 20:06:47 ----D---- C:\Windows\Prefetch
2010-01-27 13:42:49 ----D---- C:\Program Files\BoontyGames
2010-01-27 13:39:06 ----SHD---- C:\System Volume Information
2010-01-27 13:35:56 ----D---- C:\ProgramData\WildTangent
2010-01-27 13:34:06 ----SHD---- C:\Windows\Installer
2010-01-27 13:33:59 ----D---- C:\Program Files\Common Files
2010-01-27 13:29:57 ----D---- C:\Windows\system32\Tasks
2010-01-27 13:29:07 ----D---- C:\Program Files\Mindscape
2010-01-27 13:28:16 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-26 23:49:39 ----D---- C:\Windows\Tasks
2010-01-26 12:40:45 ----D---- C:\ProgramData\Microsoft Help
2010-01-26 12:40:43 ----RSD---- C:\Windows\assembly
2010-01-26 12:39:50 ----RSD---- C:\Windows\Fonts
2010-01-26 12:39:48 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-25 20:05:21 ----D---- C:\Program Files\SMINST
2010-01-25 15:39:31 ----D---- C:\Users\avril\AppData\Roaming\Zylom
2010-01-25 15:39:31 ----D---- C:\Users\avril\AppData\Roaming\Identities
2010-01-25 00:39:13 ----AD---- C:\ProgramData\Temp
2010-01-24 02:24:35 ----D---- C:\Program Files\Internet Explorer
2010-01-23 23:02:04 ----D---- C:\Windows\winsxs
2010-01-22 12:19:16 ----D---- C:\Windows\system32\catroot
2010-01-22 12:11:40 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-19 22:52:42 ----D---- C:\Program Files\Search Guard PlusU
2010-01-19 22:52:38 ----D---- C:\Program Files\Search Guard Plus
2010-01-16 23:20:13 ----D---- C:\Users\avril\AppData\Roaming\PlayFirst
2010-01-16 23:20:13 ----D---- C:\ProgramData\PlayFirst
2010-01-16 22:39:17 ----D---- C:\Program Files\Google
2010-01-14 12:27:37 ----D---- C:\Program Files\Windows Mail
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-06 12:01:32 ----SD---- C:\Windows\Downloaded Program Files
2010-01-02 00:06:46 ----D---- C:\Users\avril\AppData\Roaming\EleFun Games

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-12-19 1093120]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-12-23 138240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-12-04 204976]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
S1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
S1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-11-09 28520]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-12-24 5632]
S2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
S3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2009-02-25 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 FlyUsb;FLY Fusion; C:\Windows\system32\DRIVERS\FlyUsb.sys [2008-07-14 19456]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-10-28 2476544]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-01-20 394240]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe [2009-01-20 81920]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-11-09 108289]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-11-09 185089]
S2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate1ca318883b0e6aa;Service Google Update (gupdate1ca318883b0e6aa); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-09 133104]
S2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-12-23 365952]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-11-26 247152]
S2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe [2009-01-20 249938]
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe []
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-16 182768]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Si vous pouvez m'aider je vous en remercie d'avance parce que là je ne sais plus quoi faire.
Configuration: Windows Vista Internet Explorer 7.0

36 réponses

  • 1
  • 2
  1. gen-hackman
     
    salut :

    Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)

    ▶ Télécharge List&Kill'em et enregistre le sur ton bureau

    ▶ Branche clés usb , disques durs externes , mp3 , mp4 , etc..

    double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation

    coche la case "creer une icone sur le bureau"

    une fois terminée , clic sur "terminer" et le programme se lancera seul

    choisis la langue puis choisis l'option 1 = Mode Recherche

    ▶ laisse travailler l'outil

    à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

    un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.

    ▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

    tu peux supprimer le rapport catchme.log de ton bureau maintenant.

    0
  2. simplementmoidu59 Messages postés 21 Statut Membre
     
    Voici le rapport :

    List'em by g3n-h@ckm@n 1.2.1.1
    User : avril (Administrateurs)
    Update on 23/01/2010 by g3n-h@ckm@n ::::: 13:50
    Start at: 22:06:57 | 27/01/2010
    Contact : g3n-h@ckm@n sur CCM

    Intel(R) Celeron(R) CPU 900 @ 2.20GHz
    Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
    Internet Explorer 7.0.6001.18000
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local | 223,02 Go (160,34 Go free) | NTFS
    D:\ -> Disque fixe local | 9,86 Go (1,73 Go free) [RECOVERY] | NTFS
    E:\ -> Disque CD-ROM

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\List_Kill'em\List_Kill'em.exe
    C:\Windows\system32\cmd.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\avril\AppData\Local\Temp\1860.tmp\pv.exe

    ======================
    Keys "Run"
    ======================
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    LightScribe Control Panel REG_SZ C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    HPAdvisor REG_SZ C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
    swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    CollaborationHost REG_SZ C:\Windows\system32\p2phost.exe -s
    Speech Recognition REG_SZ "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    IgfxTray REG_SZ C:\Windows\system32\igfxtray.exe
    HotKeysCmds REG_SZ C:\Windows\system32\hkcmd.exe
    Persistence REG_SZ C:\Windows\system32\igfxpers.exe
    SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    SysTrayApp REG_EXPAND_SZ %ProgramFiles%\IDT\WDM\sttray.exe
    QPService REG_SZ "C:\Program Files\HP\QuickPlay\QPService.exe"
    UpdateLBPShortCut REG_SZ "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    UpdatePSTShortCut REG_SZ "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    UCam_Menu REG_SZ "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
    Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    QlbCtrl.exe REG_SZ C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    UpdateP2GoShortCut REG_SZ "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    UpdatePDIRShortCut REG_SZ "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
    HP Health Check Scheduler REG_SZ c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    HP Software Update REG_SZ C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    WirelessAssistant REG_SZ C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    SweetIM REG_SZ C:\Program Files\SweetIM\Messenger\SweetIM.exe
    FBSSA REG_SZ C:\Program Files\SGPSA\ie3sh.exe
    TagMonitor REG_SZ "C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    =====================
    Other Keys
    =====================
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    ConsentPromptBehaviorAdmin REG_DWORD 2 (0x2)
    ConsentPromptBehaviorUser REG_DWORD 1 (0x1)
    EnableInstallerDetection REG_DWORD 1 (0x1)
    EnableLUA REG_DWORD 1 (0x1)
    EnableSecureUIAPaths REG_DWORD 1 (0x1)
    EnableVirtualization REG_DWORD 1 (0x1)
    PromptOnSecureDesktop REG_DWORD 1 (0x1)
    ValidateAdminCodeSignatures REG_DWORD 0 (0x0)
    dontdisplaylastusername REG_DWORD 0 (0x0)
    legalnoticecaption REG_SZ
    legalnoticetext REG_SZ
    scforceoption REG_DWORD 0 (0x0)
    shutdownwithoutlogon REG_DWORD 1 (0x1)
    undockwithoutlogon REG_DWORD 1 (0x1)
    FilterAdministratorToken REG_DWORD 0 (0x0)
    EnableUIADesktopToggle REG_DWORD 0 (0x0)
    HideFastUserSwitching REG_DWORD 0 (0x0)

    ===============
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    NoLogoff REG_DWORD 0 (0x0)
    NoClose REG_DWORD 0 (0x0)

    ===============
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    ===============
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    AppInit_DLLS REG_SZ

    ===============
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]

    ===============
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    {E54729E8-BB3D-4270-9D49-7389EA579090} REG_SZ EasyBits Security Shield Hook - prevents launching insecure programs by kids

    ===============
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ===============
    ActivX controls
    ===============
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E77F23EB-E7AB-4502-8F37-247DBAF1A147}

    ===============
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{166B1BCA-3F9C-11CF-8075-444553540000}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A202491-F00D-11cf-87CC-0020AFEECF20}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8C109B9C-C4EB-8F0E-6290-42E98D593ABB}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11CF-96B8-444553540000}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}

    ==============
    BHO :
    ======
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{A00A96F3-913E-4814-92DE-8CF82CD7CAB9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]

    ================
    Internet Explorer :
    ================
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    Start Page REG_SZ https://home.sweetim.com/

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    Start Page REG_SZ https://www.google.fr/?gws_rd=ssl

    ========
    Services
    ========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

    Ndisuio : 0x3
    EapHost : 0x3
    Wlansvc : 0x2
    SharedAccess : 0x4
    windefend : 0x2
    wuauserv : 0x2
    wscsvc : 0x2

    =========
    Atapi.sys
    =========

    %%%% HASHDEEP-1.0
    %%%% size,md5,sha256,filename
    ## Invoked from: C:\Users\avril\AppData\Local\Temp\1860.tmp
    ## C:\> hashdeep C:\Windows\System32\Drivers\atapi.sys
    ##
    21560,9c0e70031905adbf94edb9ea14af943b,88e4a250c22e919decedf1d59566265c473cdfac97440f25a6d05e6200223194,C:\Windows\System32\Drivers\atapi.sys

    Sources
    =======

    C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
    C:\Windows\System32\drivers\atapi.sys
    C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
    C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
    C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
    C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
    C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys
    C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
    C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys

    Référence :
    ==========

    Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
    Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
    Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
    Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
    Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
    Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
    Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C

    =======
    Drive :
    =======

    D‚fragmenteur de disque Windows
    Copyright (c) 2006 Microsoft Corp.

    Rapport d'analyse pour le volume C:

    Taille du volume = 223 Go
    Espace libre = 160 Go
    tendue d'espace libre la plus grande = 65.94 Go
    Pourcentage de fragmentation des fichiers = 8 %

    Remarqueÿ: sur les volumes NTFS, les fragments de fichiers de plus de 64ÿMo ne sont pas inclus dans les statistiques de fragmentation.

    Il n'est pas n‚cessaire de d‚fragmenter ce volume.

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    Present !! : C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    Present !! : C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    Present !! : C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    Present !! : C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    Present !! : C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    Present !! : C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    Present !! : C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    Present !! : C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    Present !! : C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
    Present !! : C:\ProgramData\Trymedia
    Present !! : C:\Program Files\Common Files\PersonalSecUninstall
    Present !! : C:\Program Files\Fast Browser Search
    Present !! : C:\Program Files\GamesBar
    Present !! : C:\Program Files\PersonalSec
    Present !! : C:\Program Files\Search Guard PlusU
    Present !! : C:\Program Files\SGPSA
    Present !! : C:\Windows\System32\EZUPBH~1.DLL
    Present !! : C:\Windows\system32\win32extension.dll
    Present !! : C:\Windows\Tasks\PersonalSec.job
    Present !! : C:\Users\avril\Local Settings\Temp\tdm.log
    Present !! : C:\Users\avril\LOCAL Settings\Temp\73BAB2C7-2256-478C-A2F3-CEC110A1884C.exe
    Present !! : C:\Users\avril\LOCAL Settings\Temp\8BD54F3E-DD19-4a69-93D8-5C6A5BBBE20E.exe
    Present !! : C:\Users\avril\LOCAL Settings\Temp\bfguni.exe
    Present !! : C:\Users\avril\LOCAL Settings\Temp\HPQSi.exe
    Present !! : C:\Users\avril\LOCAL Settings\Temp\Installation Silverlight.exe
    Present !! : C:\Users\avril\LOCAL Settings\Temp\jre-6u15-windows-i586-iftw.exe
    Present !! : C:\Users\avril\LOCAL Settings\Temp\SearchWithGoogleUpdate.exe
    Present !! : C:\Users\avril\LOCAL Settings\Temp\Uninstall.exe

    ¤¤¤¤¤¤¤¤¤¤ Keys :

    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SweetIM
    Present !! : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Present !! : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose
    Present !! : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogoff
    Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
    Present !! : "HKCU\software\microsoft\internet explorer\searchscopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}"
    Present !! : "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
    Present !! : "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
    Present !! : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
    Present !! : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
    Present !! : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}"
    Present !! : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}"
    Present !! : "HKLM\Software\Trymedia Systems"
    Present !! : HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    Present !! : HKCR\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    Present !! : HKCR\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0}
    Present !! : HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Present !! : HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Present !! : HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Present !! : HKCR\ezUPBHook.ShellObj
    Present !! : HKCR\ezUPBHook.ShellObj.1
    Present !! : HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
    Present !! : HKCR\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
    Present !! : HKCR\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}
    Present !! : HKCR\interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Present !! : HKCR\interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Present !! : HKCR\interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Present !! : HKCR\MediaPlayer.GraphicsUtils
    Present !! : HKCR\MediaPlayer.GraphicsUtils.1
    Present !! : HKCR\MgMediaPlayer.GifAnimator
    Present !! : HKCR\MgMediaPlayer.GifAnimator.1
    Present !! : HKCR\SWEETIE.IEToolbar
    Present !! : HKCR\SWEETIE.IEToolbar.1
    Present !! : HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook
    Present !! : HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
    Present !! : HKCR\Toolbar3.SWEETIE
    Present !! : HKCR\Toolbar3.SWEETIE.1
    Present !! : HKCR\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d}
    Present !! : HKCR\TypeLib\{478CAB91-9E28-11D4-97FF-0050047D51FB}
    Present !! : HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    Present !! : HKCR\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    Present !! : HKCR\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    Present !! : HKCR\urlsearchhook.toolbarurlsearchhook
    Present !! : HKCR\urlsearchhook.toolbarurlsearchhook.1
    Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Present !! : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Present !! : HKCU\Software\SweetIM
    Present !! : HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    Present !! : HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    Present !! : HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Present !! : HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Present !! : HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Present !! : HKLM\Software\Classes\Interface\{01009AEC-AFAA-4982-9F2B-6411C5C27E77}
    Present !! : HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    Present !! : HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Present !! : HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Present !! : HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Present !! : HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
    Present !! : HKLM\Software\Classes\MediaPlayer.GraphicsUtils
    Present !! : HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1
    Present !! : HKLM\Software\Classes\MgMediaPlayer.GifAnimator
    Present !! : HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
    Present !! : HKLM\Software\Classes\SWEETIE.IEToolbar
    Present !! : HKLM\Software\Classes\SWEETIE.IEToolbar.1
    Present !! : HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
    Present !! : HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
    Present !! : HKLM\Software\Classes\Toolbar3.SWEETIE
    Present !! : HKLM\Software\Classes\Toolbar3.SWEETIE.1
    Present !! : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    Present !! : HKLM\Software\Classes\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    Present !! : HKLM\Software\Classes\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    Present !! : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
    Present !! : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
    Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    Present !! : HKLM\SOFTWARE\SweetIM
    Present !! : HKLM\System\CurrentControlSet\Servises

    ============

    catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-01-27 22:14:04
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user & kernel MBR OK

    ==========
    Programs
    ==========

    Activation Assistant for the 2007 Microsoft Office suites
    Adobe
    AOL
    Atheros
    AVIConverter
    Avira
    BoontyGames
    Common Files
    CyberLink
    desktop.ini
    DIFX
    EasyBits For Kids
    Fast Browser Search
    Fichiers communs
    GamesBar
    Google
    Hewlett-Packard
    Hewlett-Packard Company
    HP
    IDT
    InstallShield Installation Information
    Intel
    Internet Explorer
    James Patterson's Women's Murder Club - Twice in a Blue Moon
    Java
    LeapFrog
    List_Kill'em
    McAfee Security Scan
    Microsoft
    Microsoft Games
    Microsoft Office
    Microsoft Silverlight
    Microsoft SQL Server Compact Edition
    Microsoft Works
    Microsoft.NET
    Mindscape
    Movie Maker
    MSBuild
    MSXML 4.0
    Oberon Media
    Online Services
    orange
    PersonalSec
    QuickTime
    RealArcade
    Realtek
    Reference Assemblies
    Samsung
    Search Guard Plus
    Search Guard PlusU
    SGPSA
    SMINST
    SweetIM
    Synaptics
    trend micro
    Uninstall Information
    Windows Calendar
    Windows Collaboration
    Windows Defender
    Windows Live
    Windows Live SkyDrive
    Windows Mail
    Windows Media Player
    Windows NT
    Windows Photo Gallery
    Windows Sidebar

    ============
    Drive C:
    ============

    $RECYCLE.BIN
    autoexec.bat
    Boonty
    boot
    bootmgr
    config.sys
    conmgr.log
    Documents and Settings
    GameHouse Games
    games
    gen5
    HP
    Kill'em
    List'em.txt
    logfile.dat
    MSOCache
    pagefile.sys
    PerfLogs
    Program Files
    ProgramData
    rsit
    SwSetup
    System Volume Information
    System.sav
    Users
    Windows

    ¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m14s\Patch-09-11-2009-09h51m14s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m14s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m17s\Patch-09-11-2009-09h51m17s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m17s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m20s\Patch-09-11-2009-09h51m20s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m20s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m23s\Patch-09-11-2009-09h51m23s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m23s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m26s\Patch-09-11-2009-09h51m26s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m26s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m29s\Patch-09-11-2009-09h51m29s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m29s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m31s\Patch-09-11-2009-09h51m31s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m31s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m34s\Patch-09-11-2009-09h51m34s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m34s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m37s\Patch-09-11-2009-09h51m37s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m37s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m39s\Patch-09-11-2009-09h51m39s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m39s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m42s\Patch-09-11-2009-09h51m42s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m42s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m44s\Patch-09-11-2009-09h51m44s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m44s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m48s\Patch-09-11-2009-09h51m48s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m48s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m50s\Patch-09-11-2009-09h51m50s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m50s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m52s\Patch-09-11-2009-09h51m52s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m52s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m55s\Patch-09-11-2009-09h51m55s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m55s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m57s\Patch-09-11-2009-09h51m57s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h51m57s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m00s\Patch-09-11-2009-09h52m00s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m00s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m02s\Patch-09-11-2009-09h52m02s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m02s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m05s\Patch-09-11-2009-09h52m05s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m05s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m07s\Patch-09-11-2009-09h52m07s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m07s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m10s\Patch-09-11-2009-09h52m10s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-09h52m10s\Patch.1.mft.7z
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-10h02m00s\Patch-09-11-2009-10h02m00s.log
    C:\ProgramData\NortonInstaller\Logs\09-11-2009-10h02m00s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m14s\Patch-09-11-2009-09h51m14s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m14s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m17s\Patch-09-11-2009-09h51m17s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m17s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m20s\Patch-09-11-2009-09h51m20s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m20s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m23s\Patch-09-11-2009-09h51m23s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m23s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m26s\Patch-09-11-2009-09h51m26s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m26s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m29s\Patch-09-11-2009-09h51m29s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m29s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m31s\Patch-09-11-2009-09h51m31s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m31s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m34s\Patch-09-11-2009-09h51m34s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m34s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m37s\Patch-09-11-2009-09h51m37s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m37s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m39s\Patch-09-11-2009-09h51m39s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m39s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m42s\Patch-09-11-2009-09h51m42s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m42s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m44s\Patch-09-11-2009-09h51m44s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m44s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m48s\Patch-09-11-2009-09h51m48s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m48s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m50s\Patch-09-11-2009-09h51m50s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m50s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m52s\Patch-09-11-2009-09h51m52s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m52s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m55s\Patch-09-11-2009-09h51m55s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m55s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m57s\Patch-09-11-2009-09h51m57s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h51m57s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m00s\Patch-09-11-2009-09h52m00s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m00s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m02s\Patch-09-11-2009-09h52m02s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m02s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m05s\Patch-09-11-2009-09h52m05s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m05s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m07s\Patch-09-11-2009-09h52m07s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m07s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m10s\Patch-09-11-2009-09h52m10s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-09h52m10s\Patch.1.mft.7z
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-10h02m00s\Patch-09-11-2009-10h02m00s.log
    C:\Users\All Users\NortonInstaller\Logs\09-11-2009-10h02m00s\Patch.1.mft.7z
    C:\Program Files\Microsoft Works\Install.exe
    C:\SwSetup\MSWorks\Install.exe
    C:\SwSetup\MSWorks\PFiles\MSWorks\Install.exe
    C:\Windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  3. gen-hackman
     
    ▶ Relance List&Kill'em(soit en clic droit pour vista),avec le raccourci sur ton bureau.
    mais cette fois-ci :

    ▶ choisis l'option 2 = Mode Suppression

    laisse travailler l'outil.

    en fin de scan un rapport s'ouvre

    ▶ colle le contenu dans ta reponse
    0
  4. simplementmoidu59 Messages postés 21 Statut Membre
     
    Kill'em by g3n-h@ckm@n 1.2.1.1

    User : avril (Administrateurs)
    Update on 23/01/2010 by g3n-h@ckm@n ::::: 13:50
    Start at: 22:41:48 | 27/01/2010
    Contact : g3n-h@ckm@n sur CCM

    Intel(R) Celeron(R) CPU 900 @ 2.20GHz
    Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
    Internet Explorer 7.0.6001.18000
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local | 223,02 Go (160,39 Go free) | NTFS
    D:\ -> Disque fixe local | 9,86 Go (1,73 Go free) [RECOVERY] | NTFS
    E:\ -> Disque CD-ROM

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\List_Kill'em\List_Kill'em.exe
    C:\Windows\system32\cmd.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\avril\AppData\Local\Temp\C236.tmp\ERUNT.EXE
    C:\Users\avril\AppData\Local\Temp\C236.tmp\pv.exe

    Detections :
    ==========

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    Quarantined & Deleted !! : C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    Quarantined & Deleted !! : C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    Quarantined & Deleted !! : C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    Quarantined & Deleted !! : C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    Quarantined & Deleted !! : C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    Quarantined & Deleted !! : C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    Quarantined & Deleted !! : C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    Quarantined & Deleted !! : C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    Quarantined & Deleted !! : C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
    Quarantined & Deleted !! : C:\ProgramData\Trymedia
    Quarantined & Deleted !! : C:\Program Files\Common Files\PersonalSecUninstall
    Quarantined & Deleted !! : C:\Program Files\Fast Browser Search
    Quarantined & Deleted !! : C:\Program Files\GamesBar
    Quarantined & Deleted !! : C:\Program Files\PersonalSec
    Quarantined & Deleted !! : C:\Program Files\Search Guard PlusU
    Quarantined & Deleted !! : C:\Program Files\SGPSA

    Quarantined & Deleted !! : C:\Windows\SYSTEM32\EZUPBH~1.DLL
    Quarantined & Deleted !! : C:\Windows\system32\win32extension.dll
    Quarantined & Deleted !! : C:\Windows\Tasks\PersonalSec.job
    Quarantined & Deleted !! : C:\Users\avril\Local Settings\Temp\tdm.log
    Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\73BAB2C7-2256-478C-A2F3-CEC110A1884C.exe
    Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\8BD54F3E-DD19-4a69-93D8-5C6A5BBBE20E.exe
    Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\bfguni.exe
    Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\HPQSi.exe
    Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\Installation Silverlight.exe
    Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\jre-6u15-windows-i586-iftw.exe
    Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\SearchWithGoogleUpdate.exe
    Quarantined & Deleted !! : C:\Users\avril\LOCAL Settings\Temp\Uninstall.exe

    ==============
    host file OK !
    ==============

    ========
    Registry
    ========
    Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

    ============
    Disk Cleaned
    ============

    ================
    Prefetch cleaned
    ================

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. simplementmoidu59 Messages postés 21 Statut Membre
     
    Et je fais quoi maintenant ?
    0
  7. simplementmoidu59 Messages postés 21 Statut Membre
     
    Désolée si j'insiste mais c'est fini ? Pensez-vous que je peux redemarrer normalement maintenant ? Merci de vos reponses.
    0
  8. simplementmoidu59 Messages postés 21 Statut Membre
     
    Bon j'ai redemarrer normalement et tout semble etre revenu dans l'ordre.

    Merci beaucoup pour votre aide.

    Gaëlle
    0
  9. gen-hackman
     
    hello desole

    tu l as lancé en tant qu'administrateur l option suppression ? tu l as lancé deux fois ?
    0
  10. simplementmoidu59 Messages postés 21 Statut Membre
     
    Salut,

    Je ne sais pas. J'ai fait comme vous avez dit. Pourquoi ? ya un probleme ?
    0
  11. gen-hackman
     
    i manque un affichage de suppression de clés...

    Télécharge OTL de OLDTimer

    enregistre le sur ton Bureau.

    ▶ Double clic ( pour vista / 7 => clic droit "executer en tant qu'administrateur") sur OTL.exe pour le lancer.

    ▶ Coche les 2 cases Lop et Purity

    ▶ Coche la case devant scan all users

    ▶ règle-le sur "60 Days"

    ▶ dans la colonne de gauche , mets tout sur all

    ne modifie pas ceci :

    "files created whithin" et "files modified whithin"


    ▶Clic sur Run Scan.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

    Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

    ▶▶▶ NE LE POSTE PAS SUR LE FORUM

    Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

    ▶ Clique sur Parcourir et cherche le fichier ci-dessus.

    ▶ Clique sur Ouvrir.

    ▶ Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

    est ajouté dans la page.

    ▶ Copie ce lien dans ta réponse.

    ▶▶ Tu feras la meme chose avec le "Extra.txt".
    0
  12. simplementmoidu59 Messages postés 21 Statut Membre
     
    Oui mais j'y arrive pas à telecharger le truc : ya un message "OTL cannot be run from a temporary folder!

    Please dowload it to your Desktop or other suitable location."
    0
  13. gen-hackman
     
    y a ecrit "enregistre-le sur ton bureau" !!!
    0
  14. simplementmoidu59 Messages postés 21 Statut Membre
     
    http://www.cijoint.fr/cjlink.php?file=cj201001/cijg7YhG0L.txt

    http://www.cijoint.fr/cjlink.php?file=cj201001/cijK9O3XmU.txt

    Voilà. Désolée pour tout-à-l'heure, j'avais cliqué. J'espère ne pas m'être trompée cette fois-ci parce que j'ai pas trouvé les documents dans document and setting... C'est pour ça que ça été long.
    0
  15. gen-hackman
     
    ▶ Désactivez le contrôle des comptes utilisateurs avant utilisation de cet outil:

    ▶ Allez dans "Démarrer" puis Panneau de configuration.
    ▶ Double Cliquez sur l'icône Comptes d'utilisateurs et sur "Activer ou désactiver le contrôle des comptes d'utilisateurs".
    ▶ Décochez la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
    ▶ Validez par OK et redémarrez .

    ensuite

    ▶ Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    ▶ Déconnecte toi et ferme toutes applications en cours !

    ▶ clic droit sur "Ad-R.exe" en tant qu'administrateur pour lancer l'installation et laisse les paramètres d'installation par défaut .

    ▶ clic droit sur le raccourci Ad-remover en tant qu'administrateur qui est sur ton bureau pour lancer l'outil .

    ▶ Au menu principal choisis l'option "L" et tape sur [entrée] .

    ▶ Laisse travailler l'outil et ne touche à rien ...

    ▶ Poste le rapport qui apparait à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    ▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    0
  16. simplementmoidu59 Messages postés 21 Statut Membre
     
    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_I | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 28.01.2010 à 18:26
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 22:27:43, 28/01/2010 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\
    Système d'exploitation: Microsoft® Windows Vista™ HomeBasic Service Pack 2 v6.0.6001
    Nom du PC: GAELLEETYANN | Utilisateur actuel: avril
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    C:\Users\Public\MyWebTattoo.exe
    C:\Program Files\Search Guard Plus - ... [b]ERREUR SUPPRESSION !![/b]
    C:\Program Files\SweetIM
    C:\Users\avril\AppData\LocalLow\SweetIM
    C:\ProgramData\SweetIM
    C:\Windows\Installer\295b6ae.msi
    C:\Windows\Installer\295b6ec.msi

    (!) -- Fichiers temporaires supprimés.

    .
    HKCU\software\FBSearch
    HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\Registry\User\S-1-5-21-3925734268-2236897331-3125560892-1000\Software\Sweetim
    HKCU\software\microsoft\internet explorer\searchscopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
    HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKCU\software\SGPUpdater
    HKCU\software\SweetIM
    HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKLM\Software\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    HKLM\Software\Classes\CLSID\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
    HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    HKLM\Software\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    HKLM\software\classes\ComObject.DeskbarEnabler
    HKLM\software\classes\ComObject.DeskbarEnabler.1
    HKLM\software\classes\MediaPlayer.GraphicsUtils
    HKLM\software\classes\MediaPlayer.GraphicsUtils.1
    HKLM\software\classes\MgMediaPlayer.GifAnimator
    HKLM\software\classes\MgMediaPlayer.GifAnimator.1
    HKLM\software\classes\SWEETIE.IEToolbar
    HKLM\software\classes\SWEETIE.IEToolbar.1
    HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
    HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
    HKLM\software\classes\Toolbar3.SWEETIE
    HKLM\software\classes\Toolbar3.SWEETIE.1
    HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    HKLM\Software\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
    HKLM\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    HKLM\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    HKLM\software\classes\URLSearchHook.ToolbarURLSearchHook
    HKLM\software\classes\URLSearchHook.ToolbarURLSearchHook.1
    HKLM\software\GamesBarSetup
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC11F05E-A65C-4bdd-8429-8362BC4433FD}
    HKLM\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\FBSSA
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
    HKLM\software\SweetIM
    HKLM\software\Trymedia Systems
    .
    ============== Scan additionnel ==============
    .
    .
    * Internet Explorer Version 7.0.6001.18000 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Start Page: hxxp://fr.msn.com/
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Do404Search: 01000000
    Local Page: C:\Windows\system32\blank.htm
    Show_ToolBar: yes
    Enable Browser Extensions: yes
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Start Page: hxxp://fr.msn.com/
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: %SystemRoot%\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    11913 Octet(s) - C:\Ad-Report-CLEAN[1].log
    .
    1896 Fichier(s) - C:\Users\avril\AppData\Local\Temp
    149 Fichier(s) - C:\Windows\Temp
    13 Fichier(s) - C:\Windows\Prefetch
    .
    19 Fichier(s) - C:\Ad-Remover\BACKUP
    281 Fichier(s) - C:\Ad-Remover\QUARANTINE
    .
    Fin à: 22:31:55 | 28/01/2010 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    0
  17. gen-hackman
     
    hello

    ▶ Télécharge FindyKill sur ton bureau :

    http://pagesperso-orange.fr/NosTools/Chiquitine29/Setup.exe

    ! Déconnecte toi et ferme toutes applications en cours !

    ▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

    ▶ Double-clique (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .

    ▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    ▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

    ▶ Laisse travailler l'outil et ne touche à rien ...

    ▶ Poste le rapport qui apparait à la fin , sur le forum ...

    ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
    0
  18. simplementmoidu59 Messages postés 21 Statut Membre
     
    Salut,

    Voici le rapport :

    ############################## | FindyKill V5.028 |

    # User : avril (Administrateurs) # GAELLEETYANN
    # Update on 26/01/2010 by El Desaparecido
    # Start at: 13:09:01 | 29/01/2010
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # Intel(R) Celeron(R) CPU 900 @ 2.20GHz
    # Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
    # Internet Explorer 7.0.6001.18000
    # Windows Firewall Status : Enabled

    # C:\ # Disque fixe local # 223,02 Go (158,53 Go free) # NTFS
    # D:\ # Disque fixe local # 9,86 Go (1,73 Go free) [RECOVERY] # NTFS
    # E:\ # Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\SMINST\BLService.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TAGMonitor.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\System32\p2phost.exe
    C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    c:\program files\aol\aol toolbar 5.0\AolTbServer.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conime.exe

    ################## | C: |

    ################## | C:\Windows |

    ################## | C:\Windows\Prefetch |

    ################## | C:\Windows\system32 |

    ################## | C:\Windows\system32\drivers |

    ################## | C:\Users\avril\AppData\Roaming |

    ################## | Zip File ... |

    ################## | Temporary Internet Files |

    ################## | Registre |

    ################## | Etat |

    # Affichage des fichiers cachés : OK

    # Mode sans echec : OK

    # (!) Uac = 0x0

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
    # Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
    # (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
    # windefend -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | ! Fin du rapport # FindyKill V5.028 ! |
    0
  19. gen-hackman
     
    ########### [ Option 2 ( Suppression ) ]

    ▶ Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .

    ▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

    ▶ Relance "FindyKill" (clic droit "en tant qu'administrateur" pour Vista): au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    ▶ Au second menu choisis l'option 2 (suppression) et tape sur [entrée]

    ▶ Le pc va redémarrer automatiquement ...

    ▶ le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !

    ▶ Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )

    ▶ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
    0
  20. simplementmoidu59 Messages postés 21 Statut Membre
     
    ############################## | FindyKill V5.028 |

    # User : avril (Administrateurs) # GAELLEETYANN
    # Update on 26/01/2010 by El Desaparecido
    # Start at: 13:28:51 | 29/01/2010
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # Intel(R) Celeron(R) CPU 900 @ 2.20GHz
    # Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
    # Internet Explorer 7.0.6001.18000
    # Windows Firewall Status : Enabled

    # C:\ # Disque fixe local # 223,02 Go (159,03 Go free) # NTFS
    # D:\ # Disque fixe local # 9,86 Go (1,73 Go free) [RECOVERY] # NTFS
    # E:\ # Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\LogonUI.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\userinit.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Windows\system32\runonce.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\SMINST\BLService.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ################## | C: |

    ################## | C:\Windows |

    ################## | C:\Windows\Prefetch |

    Supprimé ! C:\Windows\Prefetch\WINUPGRO.EXE-3A2FD0C8.pf

    ################## | C:\Windows\system32 |

    ################## | C:\Windows\system32\drivers |

    ################## | C:\Users\avril\AppData\Roaming |

    ################## | Autres suppressions ... |

    ################## | Zip File ... |

    ################## | Temporary Internet Files |

    Supprimé ! C:\Users\avril\AppData\Roaming\Microsoft\Windows\Cookies\Low\avril@crack[1].txt

    ################## | Registre |

    ################## | Etat |

    # Mode sans echec : OK

    # Affichage des fichiers cachés : OK

    # Uac : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
    # Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # windefend -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | PEH |

    ################## | ! Fin du rapport # FindyKill V5.028 ! |
    0
  21. gen-hackman
     
    ok refais ce demandé au post 10 stp
    0
  • 1
  • 2