Virus dans dossier wscsvc

Résolu
faung -  
fuang Messages postés 41 Statut Membre -
Bonjour,

J'ai un problème avec le dossier wscsvc. Chaque fois que je lance le scan avec spybot, il trouve toujours les meme problème avec ce dossier. Et quand je vais sur google, j'ai plein de page web avec des pub qui apparaissent.

Que dois je faire pour enlever ce problème ?

Merci

Fuang

39 réponses

  • 1
  • 2
Résumé de la discussion

Problème récurrent avec le dossier wscsvc et des détections répétées par Spybot, tandis que la navigation affiche des pages présentant des publicités, nécessitant une méthode de nettoyage efficace.
Des liens vers des rapports et outils de nettoyage ont été partagés, notamment Ad-Remover et ZHPDiag, accompagnés de rapports détaillant fichiers supprimés et modifications de registres du système.
Des essais avec ComboFix et des échanges de rapports montrent l'inclusion de marques d'infection et des éléments persistants dans le système, avec des paramètres Firefox et IE modifiés.
Par ailleurs, les rapports révèlent des composants et extensions détectés dans le navigateur et le système, comme des modules Foxit Reader, Web Printing et Dropbox.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. fuang
     
    Voici le lien http://pjjoint.malekal.com/files.php?id=65c2f8613e10815
    1
  2. fuang
     
    voici le lien
    http://pjjoint.malekal.com/files.php?id=65c2f8613e111110
    1
  3. fuang
     
    voici le lien pour ZHP

    http://pjjoint.malekal.com/files.php?id=1f669ff50151013

    En ce qui concerne le rapport d'ad remover, je n'arrive pas a mettre sur le forum.
    1
  4. fuang
     
    Je n'arrive plus à poster le rapport, il me dit "Titre du message non renseigné"
    1
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. fuang Messages postés 41 Statut Membre 14
     
    Merci.

    Voici le rapport

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 01/03/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [3]) -> Lancé à 14:11:24 le 24/03/2011, Mode normal

    Microsoft Windows 7 Édition Familiale Premium (X64)
    Fuang@FUANG-HP (Hewlett-Packard HP G72 Notebook PC)

    ============== ACTION(S) ==============

    (!) -- Fichiers temporaires supprimés.

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.15 (fr)] ****

    Plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
    HKLM_MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 (x)
    HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
    HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

    -- C:\Users\Fuang\AppData\Roaming\Mozilla\FireFox\Profiles\3svwot1t.default --
    Prefs.js - browser.download.lastDir, C:\\Users\\Fuang\\Downloads
    Prefs.js - browser.startup.homepage, hxxp://www.google.ch
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.15
    Prefs.js - keyword.URL, hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=

    -- C:\Users\Savitty\AppData\Roaming\Mozilla\FireFox\Profiles\7a574qd3.default --
    Prefs.js - browser.startup.homepage, hxxp://www.google.ch/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{B922D405-6D13-4A2B-AE89-08A030DA4402} (x)
    HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (x)
    HKCU_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
    HKLM_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
    HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (x)
    HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
    HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.)
    HKCU_ElevationPolicy\{849435DA-D57F-4755-8239-7F6A80660B3A} - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe (Foxit Software)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 110 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 24/03/2011 13:25:20 (12531 Octet(s))
    C:\Ad-Report-CLEAN[2].txt - 24/03/2011 13:35:07 (4034 Octet(s))
    C:\Ad-Report-CLEAN[3].txt - 24/03/2011 14:11:29 (3961 Octet(s))

    Fin à: 14:12:24, 24/03/2011

    ============== E.O.F ==============
    1
  7. fuang Messages postés 41 Statut Membre 14
     
    Merci beaucoup. C'est super de trouver quelqu'un comme toi.
    1
    1. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
       
      ok

      en attente du rapport zhpfix
      0
  8. fuang Messages postés 41 Statut Membre 14
     
    Voici le rapport

    Rapport de ZHPFix 1.12.3263 par Nicolas Coolman, Update du 22/03/2011
    Fichier d'export Registre :
    Run by Fuang at 24.03.2011 17:27:20
    Windows 7 Home Premium Edition, 64-bit (Build 7600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
    Contact : nicolascoolman@yahoo.fr

    ========== Clé(s) du Registre ==========
    O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe => Clé non supprimée
    HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings => Clé non supprimée
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\7A931B0A5D8E8E947AFB2124E1562280 => Clé non supprimée
    HKCU\Software\AppDataLow\Software\uTorrentBar => Clé absente
    O53 - SMSR:HKLM\...\startupreg\KUGHGZXAKT [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Users\Fuang\AppData\Local\Temp\Sk1.exe => Clé non supprimée

    ========== Valeur(s) du Registre ==========
    R3 - URLSearchHook: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} Clé orpheline => Valeur absente

    ========== Fichier(s) ==========
    c:\program files (x86)\common files\spigot\search settings\searchsettings.exe => Supprimé et mis en quarantaine
    c:\users\fuang\appdata\local\temp\sk1.exe => Supprimé et mis en quarantaine

    ========== Logiciel(s) ==========
    O42 - Logiciel: pdfforge Toolbar v4.3 - (.Spigot, Inc..) [HKLM][64Bits] -- {A0B139A7-E8D5-49E8-A7BF-12421E652208} => Logiciel déjà supprimé

    ========== Récapitulatif ==========
    5 : Clé(s) du Registre
    1 : Valeur(s) du Registre
    2 : Fichier(s)
    1 : Logiciel(s)

    End of the scan
    1
  9. fuang Messages postés 41 Statut Membre 14
     
    Bonjour,

    quand je me connecte, je suis encore envoyé sur des sites publicitaires.

    J'ai fait comme tu m'as dit, j'ai scanné en mode sans échec.

    Voici

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 01/03/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [4]) -> Lancé à 08:08:26 le 25/03/2011, Mode sans echec

    Microsoft Windows 7 Édition Familiale Premium (X64)
    Fuang@FUANG-HP (Hewlett-Packard HP G72 Notebook PC)

    ============== ACTION(S) ==============

    (!) -- Fichiers temporaires supprimés.

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.16 (fr)] ****

    Plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
    HKLM_MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 (x)
    HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
    HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

    -- C:\Users\Fuang\AppData\Roaming\Mozilla\FireFox\Profiles\3svwot1t.default --
    Prefs.js - browser.download.lastDir, C:\\Users\\Fuang\\Downloads
    Prefs.js - browser.startup.homepage, hxxp://www.google.ch
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
    Prefs.js - keyword.URL, hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=

    -- C:\Users\Savitty\AppData\Roaming\Mozilla\FireFox\Profiles\7a574qd3.default --
    Prefs.js - browser.startup.homepage, hxxp://www.google.ch/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (x)
    HKCU_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
    HKLM_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
    HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (x)
    HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
    HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.)
    HKCU_ElevationPolicy\{849435DA-D57F-4755-8239-7F6A80660B3A} - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe (Foxit Software)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 110 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 31 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 24/03/2011 13:25:20 (12531 Octet(s))
    C:\Ad-Report-CLEAN[2].txt - 24/03/2011 13:35:07 (4034 Octet(s))
    C:\Ad-Report-CLEAN[3].txt - 24/03/2011 14:11:29 (4100 Octet(s))
    C:\Ad-Report-CLEAN[4].txt - 25/03/2011 08:08:34 (0 Octet(s))

    Fin à: 08:09:15, 25/03/2011

    ============== E.O.F ==============
    1
  10. fuang Messages postés 41 Statut Membre 14
     
    Voici le rapport

    ComboFix 11-03-24.03 - Fuang 25.03.2011 8:39.1.4 - x64
    Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.41.1036.18.3894.2146 [GMT 1:00]
    Lancé depuis: c:\users\Fuang\Desktop\ComboFix.exe
    AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
    SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\users\Fuang\ntuser.pol
    c:\users\Savitty\ntuser.pol
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-02-25 au 2011-03-25 ))))))))))))))))))))))))))))))))))))
    .
    .
    2011-03-25 07:44 . 2011-03-25 07:44 -------- d-----w- c:\users\Savitty\AppData\Local\temp
    2011-03-25 07:44 . 2011-03-25 07:44 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-03-24 12:39 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-03-24 12:24 . 2011-03-24 12:24 -------- d-----w- c:\program files (x86)\Ad-Remover
    2011-03-24 10:51 . 2011-03-24 10:51 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2011-03-24 10:48 . 2011-03-25 06:52 -------- d-----w- c:\program files (x86)\ZHPDiag
    2011-03-24 09:41 . 2011-03-24 09:41 -------- d-----w- c:\users\Fuang\AppData\Local\PackageAware
    2011-03-23 12:51 . 2011-03-23 12:51 -------- d-----w- c:\program files (x86)\Enigma Software Group
    2011-03-23 12:50 . 2011-03-24 08:29 -------- d-----w- c:\windows\41EBC322660F4D16A0DF53147210CBDB.TMP
    2011-03-23 12:50 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
    2011-03-23 08:38 . 2011-03-23 08:38 -------- d-----w- c:\users\Fuang\AppData\Roaming\Malwarebytes
    2011-03-23 08:37 . 2011-03-23 08:37 -------- d-----w- c:\programdata\Malwarebytes
    2011-03-23 08:37 . 2011-03-24 12:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-03-23 08:37 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-23 06:54 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\trend micro
    2011-03-23 06:54 . 2011-03-23 06:54 -------- d-----w- C:\rsit
    2011-03-17 08:25 . 2011-03-24 08:29 -------- d-----w- c:\programdata\HP Product Assistant
    2011-03-17 08:24 . 2011-03-24 08:29 -------- d-----w- c:\windows\SysWow64\spool
    2011-03-17 08:23 . 2011-03-17 08:23 -------- d-----w- c:\program files (x86)\Common Files\HP
    2011-03-15 08:28 . 2011-03-23 07:06 -------- d-----w- c:\program files (x86)\Panda Security
    2011-03-15 08:22 . 2011-03-15 08:22 -------- d-----w- c:\users\Fuang\AppData\Roaming\QuickScan
    2011-03-14 10:01 . 2011-03-16 06:03 -------- d-----w- c:\program files (x86)\Spyware Doctor
    2011-03-13 12:59 . 2011-03-13 12:59 -------- d-----w- c:\users\Fuang\dvbern-tax
    2011-03-13 12:44 . 2011-03-13 12:44 -------- d-----w- c:\users\Fuang\GeTax2009
    2011-03-13 12:44 . 2011-03-13 12:44 -------- d-----w- c:\users\Fuang\GeTax2010
    2011-03-13 12:43 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\GeTaxPP2010
    2011-03-13 12:42 . 2011-03-13 12:42 -------- d--h--w- c:\users\Fuang\InstallAnywhere
    2011-03-10 08:48 . 2011-03-10 08:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2011-03-10 08:48 . 2011-03-10 08:48 2052928 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-03-08 10:49 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
    2011-03-07 14:43 . 2011-03-07 14:43 143360 --sha-r- c:\windows\SysWow64\WPDSp0.dll
    2011-03-07 06:00 . 2011-03-07 06:00 -------- d-----w- c:\program files (x86)\GIMP-2.0
    2011-03-04 07:38 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD8AE3FF-6FB5-449D-8B4E-0C9C656A9ABC}\mpengine.dll
    2011-02-28 07:20 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
    2011-02-28 07:20 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
    2011-02-28 07:19 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-02-28 07:19 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-02-28 07:19 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-28 07:19 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2011-02-24 21:50 . 1999-12-17 09:13 86016 ----a-w- c:\windows\unvise32.exe
    2011-02-24 21:49 . 2011-02-24 21:49 -------- d-----w- c:\program files (x86)\Mindscape
    2011-02-24 17:43 . 2011-02-24 17:43 53248 ----a-r- c:\users\Fuang\AppData\Roaming\Microsoft\Installer\{5CED88DF-4B9A-436E-BC30-5BC9502B1EE8}\_D4074E803447_4AC3_8D7C_7D82D0C071C6.exe
    2011-02-24 17:42 . 2011-02-24 17:42 -------- d-----w- c:\program files (x86)\SDLL
    2011-02-23 20:45 . 2011-02-23 20:45 -------- d-----w- c:\users\Fuang\AppData\Local\Zattoo
    2011-02-23 20:44 . 2011-02-23 20:45 -------- d-----w- c:\program files (x86)\Zattoo4
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-02-02 16:11 . 2010-11-19 07:14 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-01-26 06:53 . 2011-02-09 06:34 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2011-01-26 06:53 . 2011-02-09 06:34 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
    2011-01-26 06:31 . 2011-02-09 06:34 144384 ----a-w- c:\windows\system32\cdd.dll
    2011-01-07 08:06 . 2011-02-09 06:34 46080 ----a-w- c:\windows\system32\atmlib.dll
    2011-01-07 07:27 . 2011-02-09 06:34 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2011-01-07 05:49 . 2011-02-09 06:34 366080 ----a-w- c:\windows\system32\atmfd.dll
    2011-01-07 05:33 . 2011-02-09 06:34 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
    2011-01-05 06:20 . 2011-02-09 06:34 612352 ----a-w- c:\windows\system32\vbscript.dll
    2011-01-05 05:37 . 2011-02-09 06:34 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
    2011-01-05 04:00 . 2011-02-09 06:34 3127808 ----a-w- c:\windows\system32\win32k.sys
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
    .
    c:\users\Fuang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Fuang\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "HideFastUserSwitching"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "EnableShellExecuteHooks"= 1 (0x1)
    .
    [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-22 1436424]
    R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    R3 KUSBusByTCP;KUSBusByTCP;SysWOW64\Drivers\KUSBusByTCP.sys [x]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-08-17 135336]
    S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-04 92216]
    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-07-02 27192]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
    S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-17 315392]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
    S3 KUSBusByTCPMasterBus;Master Bus of Kernel USB Software Bus by TCP;SysWOW64\Drivers\KUSBusByTCPMasterBus.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    S3 WSDPrintDevice;Prise en charge de l'impression WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2010-05-19 08:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2011-03-21 c:\windows\Tasks\HPCeeScheduleForFuang.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Examen supplémentaire -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    FF - ProfilePath - c:\users\Fuang\AppData\Roaming\Mozilla\Firefox\Profiles\3svwot1t.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.ch
    FF - prefs.js: keyword.URL - hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
    FF - prefs.js: network.proxy.type - 0
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
    HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
    AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
    .
    .
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc]
    @Denied: (Full) (LocalSystem)
    @Denied: (Full) (Owner)
    "DisplayName"="@%SystemRoot%\\system32\\wcncsvc.dll,-3"
    "ErrorControl"=dword:00000001
    "ImagePath"=expand:"%SystemRoot%\\System32\\svchost.exe -k LocalServiceAndNoImpersonation"
    "Start"=dword:00000003
    "Type"=dword:00000020
    "Description"="@%SystemRoot%\\system32\\wcncsvc.dll,-4"
    "DependOnService"=multi:"rpcss\00\00"
    "ObjectName"="NT AUTHORITY\\LocalService"
    "ServiceSidType"=dword:00000001
    "RequiredPrivileges"=multi:"SeChangeNotifyPrivilege\00\00"
    "FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,
    00,01,00,00,00,c0,d4,01,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\Parameters]
    "ServiceDllUnloadOnStop"=dword:00000001
    "ServiceMain"="WcnServiceMain"
    "ServiceDll"=expand:"%SystemRoot%\\System32\\wcncsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\Security]
    "Security"=hex:01,00,14,80,8c,00,00,00,98,00,00,00,14,00,00,00,30,00,00,00,02,
    00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
    .
    Heure de fin: 2011-03-25 08:46:29
    ComboFix-quarantined-files.txt 2011-03-25 07:46
    .
    Avant-CF: 392'078'217'216 octets libres
    Après-CF: 392'264'105'984 octets libres
    .
    - - End Of File - - 2AA459500921DF25EB7D9C8E406FF096
    1
  11. fuang Messages postés 41 Statut Membre 14
     
    C'est normal que ma connexion internet est très lente ?
    1
  12. fuang Messages postés 41 Statut Membre 14
     
    C'est pas un fichier .exe. Je ne peux pas l'exécuter.
    1
  13. fuang Messages postés 41 Statut Membre 14
     
    Je vais essayé.

    En tout cas merci beaucoup pour ce que vous avez fait.

    Fuang
    1
  14. fuang Messages postés 41 Statut Membre 14
     
    jusque maintenant ça va. j'ai pas encore eu de spot publicitaire.

    Je vous tiens au courant si cela change.

    Merci

    Fuang
    1
    1. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
       
      ok teste un peu et si tout va bien

      on finalise
      0
  15. fuang Messages postés 41 Statut Membre 14
     
    Voilà, j'ai testé. Cela semble bien fonctionner. J'ai pas encore eu de spot publicitaire.

    Merci encore.
    1
  16. fuang Messages postés 41 Statut Membre 14
     
    Et voici Javara

    JavaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Fri Mar 25 16:36:06 2011

    Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

    Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

    ------------------------------------

    Finished reporting.
    1
  17. fuang Messages postés 41 Statut Membre 14
     
    Merci beaucoup
    1
  • 1
  • 2