Se connecter / S'enregistrer
Votre question

[Résolu] Virus lié à MSN

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
6 Janvier 2010 21:47:43

Bonjour, voilà j'ai un soucis à cause d'un virus lié à msn.
Lorsque je me connecte à MSN au bout de 5min ma souris va se figer, des fenêtres de mes contacts vont s'ouvrir et se refermer pendant 10-15sec, ensuite les fenêtres que j'avais en cours de conversations vont se fermer aussi et impossible d'ouvrir une nouvelle fenêtre sur ma page de contact.
J'ai déjà fait msnfix ( il avait trouvé une infection, je devais redémarrer le PC, chose faite, depuis il ne detecte aucun infection) ; ensuite j'ai lancer clearvirusmsn : aucun virus détecté ; j'ai lancer mon anti-virus ( Norton 2009 il me semble ou 2008 ) .

Je viens de lancer du coup Hijackthis mais impossible de savoir quoi supprimer :??:  :??:  :??: 
Voici le raport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:32:33, on 06/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe
C:\Program Files\CyberLink\PlayMovie\PMVService.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBIE.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\rndll.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Nostale(FR)\nostalex.dat
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mumble\mumble.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Gladys\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9136
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://freeart1cile.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\CyberLink\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S4F19.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Firevall Administrating] rndll.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2532158372-3583300359-1391360984-1001\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'AncolieMag')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{6EC9E8EE-E280-4EAA-BC2C-5E6B6CD9040C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6EC9E8EE-E280-4EAA-BC2C-5E6B6CD9040C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6EC9E8EE-E280-4EAA-BC2C-5E6B6CD9040C}: NameServer = 192.168.1.1
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: CLKERN.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 9781 bytes



Merci pour votre aide.

Autres pages sur : resolu virus lie msn

a c 294 8 Sécurité
7 Janvier 2010 04:06:01

Bonjour,

MSNFix n'est plus à jour actuellement.

  • Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix pour l'exécuter.
  • Choisis l'option 1 (Recherche).
  • Laisse travailler l'outil.
  • Poste le rapport UsbFix.txt.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

    "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    7 Janvier 2010 09:50:20

    Bonjour,


    ############################## | UsbFix V6.071 |

    User : Gladys (Administrateurs) # PC-DE-GLADYS
    Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 08:48:13 | 07/01/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    AMD Athlon(tm) 64 X2 Dual-Core Processor TK-57
    Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 7.0.6002.18005
    Windows Firewall Status : Enabled
    AV : Norton AntiVirus 15.0.0.58 [ Enabled | Updated ]
    FW : Norton AntiVirus[ Enabled ]15.0.0.58

    C:\ -> Disque fixe local # 137,05 Go (57,04 Go free) [HDD] # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe 468
    C:\Windows\system32\csrss.exe 588
    C:\Windows\system32\csrss.exe 652
    C:\Windows\system32\wininit.exe 660
    C:\Windows\system32\winlogon.exe 708
    C:\Windows\system32\services.exe 740
    C:\Windows\system32\lsass.exe 752
    C:\Windows\system32\lsm.exe 764
    C:\Windows\system32\svchost.exe 892
    C:\Windows\system32\svchost.exe 964
    C:\Windows\System32\svchost.exe 1004
    C:\Windows\system32\Ati2evxx.exe 1088
    C:\Windows\System32\svchost.exe 1144
    C:\Windows\System32\svchost.exe 1172
    C:\Windows\system32\svchost.exe 1184
    C:\Windows\system32\SLsvc.exe 1288
    C:\Windows\system32\svchost.exe 1316
    C:\Windows\system32\svchost.exe 1520
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1660
    C:\Windows\system32\Ati2evxx.exe 1720
    C:\Windows\System32\spoolsv.exe 1764
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 1788
    C:\Windows\system32\svchost.exe 2012
    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 1280
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 1988
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 1612
    C:\Windows\system32\rundll32.exe 2172
    C:\Windows\system32\oodag.exe 2276
    C:\Windows\system32\svchost.exe 2324
    C:\Windows\system32\svchost.exe 2344
    C:\Windows\System32\svchost.exe 2372
    C:\Windows\system32\SearchIndexer.exe 2412
    C:\Windows\system32\taskeng.exe 2728
    C:\Windows\system32\Dwm.exe 3120
    C:\Windows\system32\taskeng.exe 3172
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3464
    C:\Windows\RtHDVCpl.exe 3488
    C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe 3504
    C:\Program Files\ATK Hotkey\Hcontrol.exe 3516
    C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe 3532
    C:\Program Files\CyberLink\PlayMovie\PMVService.exe 3572
    C:\Program Files\ATK Hotkey\ATKOSD.exe 3760
    C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBIE.EXE 3780
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 3788
    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe 3852
    C:\Program Files\Java\jre6\bin\jusched.exe 3880
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe 3920
    C:\Windows\rndll.exe 3928
    C:\Program Files\DAEMON Tools Lite\daemon.exe 3976
    C:\Program Files\Windows Media Player\wmpnscfg.exe 4008
    C:\Windows\system32\wbem\unsecapp.exe 4020
    C:\Windows\system32\wbem\wmiprvse.exe 2164
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 1496
    C:\Program Files\Windows Media Player\wmpnetwk.exe 3432
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 4560
    C:\Program Files\Windows Live\Contacts\wlcomm.exe 4896
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 5120
    C:\Program Files\Windows Live\Mail\wlmail.exe 5540
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe 3640
    C:\Windows\system32\conime.exe 4240
    C:\Windows\system32\csrss.exe 5968
    C:\Windows\system32\winlogon.exe 4140
    C:\Windows\system32\Ati2evxx.exe 2104
    C:\Windows\system32\rundll32.exe 1348
    C:\Windows\system32\Dwm.exe 2964
    C:\Program Files\ATK Hotkey\Hcontrol.exe 3208
    C:\Windows\system32\taskeng.exe 3644
    C:\Windows\Explorer.EXE 4856
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 5132
    C:\Windows\RtHDVCpl.exe 4476
    C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe 3352
    C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe 4304
    C:\Program Files\CyberLink\PlayMovie\PMVService.exe 4936
    C:\Program Files\ATK Hotkey\ATKOSD.exe 5176
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 6124
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 4720
    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe 5328
    C:\Program Files\Java\jre6\bin\jusched.exe 3600
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe 5576
    C:\Windows\rndll.exe 3864
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 4716
    C:\Program Files\Cheat Engine\Cheat Engine.exe 5864
    C:\Nostale(FR)\nostalex.dat 4576
    C:\Program Files\Mumble\dbus-daemon.exe 9664
    C:\Nostale(FR)\nostalex.dat 9084
    C:\Windows\explorer.exe 3664
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe 12028
    C:\Program Files\Mozilla Firefox\firefox.exe 8508
    C:\Windows\system32\wbem\wmiprvse.exe 10916

    ################## | Elements infectieux |

    C:\Windows\rndll.exe

    ################## | MD5 |

    C:\Users\Gladys\AppData\Local\Temp\IXP000.TMP\ggdfgd.exe
    C:\Windows\rndll.exe

    ################## | Registre |

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "Firevall Administrating"

    ################## | Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{563ce601-26b6-11de-84af-002354a76aa1}
    shell\AutoRun\command =G:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ
    shell\open\command =G:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ

    ################## | Cracks > Keygens > Serials |

    "C:\logiciels\mIRC.v6.34.Incl.KeyGen.and.Server\mIRC.v6.34.Incl.KeyGen.and.Server\f4123501\f4cg\setup.exe"
    02/02/2002 01:02 |Size 1750952 |Crc32 a07f5e4f |Md5 5dec3cee03923a44c99701aaf5cece9b

    "C:\Program Files\Cracklock\unins000.exe"
    11/04/2009 19:33 |Size 72164 |Crc32 53f881c3 |Md5 fe6fc2b661d05ad066c684fdba90c0ae

    "C:\Program Files\Cracklock\Bin\CLINJECT.exe"
    01/08/2001 23:53 |Size 2560 |Crc32 ac457405 |Md5 09d843c716c8d5f00b6c82a9df993f02

    "C:\Program Files\Cracklock\Bin\CLMNGR.exe"
    01/08/2001 23:53 |Size 151552 |Crc32 420baaef |Md5 cdfa95e9a387a38ef9a14ec9d9b8d3c2

    "C:\Program Files\Cracklock\Bin\MCL.exe"
    01/08/2001 23:53 |Size 27136 |Crc32 1cb844b2 |Md5 42e1a7601c0a25185174c5bb090f3e04

    "C:\Program Files\Cracklock\Examples\VBDate.exe"
    30/05/1998 12:02 |Size 8704 |Crc32 db2ba782 |Md5 13d7d709cabc7e88e5c4a435a8221142

    "C:\Program Files\Cracklock\Examples\VCDATE.EXE"
    20/08/1999 13:46 |Size 25088 |Crc32 6007c824 |Md5 c962d099e1a319c12f9047506b66b5c8

    "C:\Users\Gladys\AppData\Local\Temp\keygen_noUPX.exe"
    09/07/2009 11:48 |Size 172032 |Crc32 7d560217 |Md5 d32d0321660d1db330311d2e75e56c76

    "C:\Users\Gladys\Downloads\--www.dl4all.com--Norton_AntiVirus_2009__Norton_Internet_...\--www.dl4all.com--Norton AntiVirus 2009 +Norton Internet Security 2009 + Crack\norton2009_trialreset.exe"
    08/07/2009 20:43 |Size 861588 |Crc32 e5dff9cc |Md5 54f7e3c33bb751a942ff5e38f17a9fc7

    "C:\Users\Gladys\Downloads\--www.dl4all.com--Norton_AntiVirus_2009__Norton_Internet_...\--www.dl4all.com--Norton AntiVirus 2009 +Norton Internet Security 2009 + Crack\NortonInternetSecurity2009.exe"
    19/10/2008 12:55 |Size 59011584 |Crc32 db865371 |Md5 2e556cea877707fefec7dcf05ff40812

    "C:\Users\Gladys\Downloads\Norton 360v3.0 2009 [Include Keygen from XR21]\Norton 360v3.0\Stub.exe"
    09/07/2009 11:48 |Size 778080 |Crc32 8eccdd4a |Md5 3daed7fd0244fc5f85ba99cb408d93f3

    "C:\Users\Gladys\Downloads\Norton 360v3.0 2009 [Include Keygen from XR21]\Norton 360v3.0\N360\Setup\FWCfg.exe"
    09/07/2009 11:36 |Size 31576 |Crc32 c8448bd4 |Md5 ba158815f5157e786d0234b6cea94ad9

    "C:\Users\Gladys\Downloads\Norton 360v3.0 2009 [Include Keygen from XR21]\Norton 360v3.0\N360\Setup\COH32\COH32.exe"
    09/07/2009 11:39 |Size 1250656 |Crc32 40328126 |Md5 6717b32429dc473ef257a4b1d038c07a

    "C:\Users\Gladys\Downloads\Norton 360v3.0 2009 [Include Keygen from XR21]\Norton 360v3.0\N360\Setup\COH64\COH64.exe"
    09/07/2009 11:39 |Size 1996336 |Crc32 a559cc3b |Md5 b784d3e820859bd09bbead21e980af8e

    "C:\Users\Gladys\Downloads\Norton Antivirus 2008 FR\keygen_noUPX.exe"
    30/07/2008 17:47 |Size 172032 |Crc32 7d560217 |Md5 d32d0321660d1db330311d2e75e56c76

    "C:\logiciels\mIRC.v6.34.Incl.KeyGen.and.Server\mIRC.v6.34.Incl.KeyGen.and.Server\f4123501\f4cg.rar"
    -> contain : keygen.exe

    "C:\logiciels\mIRC.v6.34.Incl.KeyGen.and.Server\mIRC.v6.34.Incl.KeyGen.and.Server\f4123501\f4cg.rar"
    -> contain : patch.exe

    "C:\logiciels\mIRC.v6.34.Incl.KeyGen.and.Server\mIRC.v6.34.Incl.KeyGen.and.Server\f4123501\f4cg.rar"
    -> contain : setup.exe

    "C:\Users\Gladys\Downloads\--www.dl4all.com--Norton_AntiVirus_2009__Norton_Internet_..."
    -> contain : *--www.dl4all.com--Norton AntiVirus 2009 +Norton Internet Security 2009 + Crack\Norton2009_TrialReset.exe

    "C:\Users\Gladys\Downloads\--www.dl4all.com--Norton_AntiVirus_2009__Norton_Internet_..."
    -> contain : *--www.dl4all.com--Norton AntiVirus 2009 +Norton Internet Security 2009 + Crack\NortonInternetSecurity2009.exe


    ################## | ! Fin du rapport # UsbFix V6.071 ! |



    Voici le rapport UsbFix
    Contenus similaires
    a c 294 8 Sécurité
    7 Janvier 2010 16:59:59

  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix présent sur ton Bureau pour le lancer.
  • Choisis l'option 2 (Suppression).
  • Ton Bureau disparaîtra et le PC redémarrera.
  • Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
  • Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
    8 Janvier 2010 10:40:14

    Bonjour, voici le rapport après l'option Suppression.



    ############################## | UsbFix V6.071 |

    User : Gladys (Administrateurs) # PC-DE-GLADYS
    Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 10:19:50 | 08/01/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    AMD Athlon(tm) 64 X2 Dual-Core Processor TK-57
    Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 7.0.6002.18005
    Windows Firewall Status : Enabled
    AV : Norton AntiVirus 15.0.0.58 [ Enabled | Updated ]
    FW : Norton AntiVirus[ Enabled ]15.0.0.58

    C:\ -> Disque fixe local # 137,05 Go (57,26 Go free) [HDD] # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe 512
    C:\Windows\system32\csrss.exe 588
    C:\Windows\system32\wininit.exe 652
    C:\Windows\system32\csrss.exe 660
    C:\Windows\system32\services.exe 696
    C:\Windows\system32\winlogon.exe 724
    C:\Windows\system32\lsass.exe 760
    C:\Windows\system32\lsm.exe 768
    C:\Windows\system32\svchost.exe 912
    C:\Windows\system32\svchost.exe 972
    C:\Windows\System32\svchost.exe 1008
    C:\Windows\system32\LogonUI.exe 1048
    C:\Windows\system32\Ati2evxx.exe 1104
    C:\Windows\System32\svchost.exe 1160
    C:\Windows\System32\svchost.exe 1204
    C:\Windows\system32\svchost.exe 1216
    C:\Windows\system32\SLsvc.exe 1328
    C:\Windows\system32\svchost.exe 1364
    C:\Windows\system32\svchost.exe 1556
    C:\Windows\system32\Ati2evxx.exe 1652
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1676
    C:\Windows\System32\spoolsv.exe 1772
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 1796
    C:\Windows\system32\svchost.exe 124
    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 1284
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe 372
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 2064
    C:\Windows\system32\rundll32.exe 2212
    C:\Windows\system32\oodag.exe 2268
    C:\Windows\system32\svchost.exe 2404
    C:\Windows\system32\svchost.exe 2432
    C:\Windows\System32\svchost.exe 2464
    C:\Windows\system32\SearchIndexer.exe 2500
    C:\Windows\system32\taskeng.exe 2824
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 3892
    C:\Windows\system32\wbem\wmiprvse.exe 2428
    C:\Windows\servicing\TrustedInstaller.exe 2368
    C:\Windows\system32\taskeng.exe 224
    C:\Windows\system32\Dwm.exe 3192
    C:\Windows\Explorer.EXE 3272
    C:\Program Files\ATK Hotkey\Hcontrol.exe 2356
    C:\Program Files\ATK Hotkey\ATKOSD.exe 1144
    C:\Windows\system32\runonce.exe 3256
    C:\Windows\system32\conime.exe 3628

    ################## | Elements infectieux |

    Supprimé ! C:\Windows\rndll.exe
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-1073457273-1273766430-2797484330-500
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-2532158372-3583300359-1391360984-1000
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-2532158372-3583300359-1391360984-1001

    ################## | MD5 |

    Supprimé ! C:\Users\Gladys\AppData\Local\Temp\IXP000.TMP\ggdfgd.exe

    ################## | Registre |

    Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "Firevall Administrating"

    ################## | Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{563ce601-26b6-11de-84af-002354a76aa1}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [18/09/2006 22:43|--a------|24] C:\autoexec.bat
    [11/04/2009 07:36|-rahs----|333257] C:\bootmgr
    [26/11/2008 03:25|-ra-s----|8192] C:\BOOTSECT.BAK
    [05/01/2010 08:58|--a------|957] C:\cleannavi.txt
    [25/10/2009 16:39|--a------|74] C:\CMLoader.log
    [18/09/2006 22:43|--a------|10] C:\config.sys
    [23/04/2008 16:10|--a------|2916] C:\files.crc
    [?|?|?] C:\hiberfil.sys
    [?|?|?] C:\pagefile.sys
    [25/11/2008 19:21|--a------|426] C:\RHDSetup.log
    [25/11/2008 19:22|--a------|86] C:\setup.log
    [25/11/2008 20:12|--a------|0] C:\temp_ig.txt
    [08/01/2010 10:35|--a------|3873] C:\UsbFix.txt

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Crack > Keygen > Serial |

    "C:\logiciels\mIRC.v6.34.Incl.KeyGen.and.Server\mIRC.v6.34.Incl.KeyGen.and.Server\f4123501\f4cg\setup.exe"
    02/02/2002 01:02 |Size 1750952 |Crc32 a07f5e4f |Md5 5dec3cee03923a44c99701aaf5cece9b

    "C:\Program Files\Cracklock\unins000.exe"
    11/04/2009 19:33 |Size 72164 |Crc32 53f881c3 |Md5 fe6fc2b661d05ad066c684fdba90c0ae

    "C:\Program Files\Cracklock\Bin\CLINJECT.exe"
    01/08/2001 23:53 |Size 2560 |Crc32 ac457405 |Md5 09d843c716c8d5f00b6c82a9df993f02

    "C:\Program Files\Cracklock\Bin\CLMNGR.exe"
    01/08/2001 23:53 |Size 151552 |Crc32 420baaef |Md5 cdfa95e9a387a38ef9a14ec9d9b8d3c2

    "C:\Program Files\Cracklock\Bin\MCL.exe"
    01/08/2001 23:53 |Size 27136 |Crc32 1cb844b2 |Md5 42e1a7601c0a25185174c5bb090f3e04

    "C:\Program Files\Cracklock\Examples\VBDate.exe"
    30/05/1998 12:02 |Size 8704 |Crc32 db2ba782 |Md5 13d7d709cabc7e88e5c4a435a8221142

    "C:\Program Files\Cracklock\Examples\VCDATE.EXE"
    20/08/1999 13:46 |Size 25088 |Crc32 6007c824 |Md5 c962d099e1a319c12f9047506b66b5c8

    "C:\Users\Gladys\AppData\Local\Temp\keygen_noUPX.exe"
    09/07/2009 11:48 |Size 172032 |Crc32 7d560217 |Md5 d32d0321660d1db330311d2e75e56c76

    "C:\Users\Gladys\Downloads\--www.dl4all.com--Norton_AntiVirus_2009__Norton_Internet_...\--www.dl4all.com--Norton AntiVirus 2009 +Norton Internet Security 2009 + Crack\norton2009_trialreset.exe"
    08/07/2009 20:43 |Size 861588 |Crc32 e5dff9cc |Md5 54f7e3c33bb751a942ff5e38f17a9fc7

    "C:\Users\Gladys\Downloads\--www.dl4all.com--Norton_AntiVirus_2009__Norton_Internet_...\--www.dl4all.com--Norton AntiVirus 2009 +Norton Internet Security 2009 + Crack\NortonInternetSecurity2009.exe"
    19/10/2008 12:55 |Size 59011584 |Crc32 db865371 |Md5 2e556cea877707fefec7dcf05ff40812

    "C:\Users\Gladys\Downloads\Norton 360v3.0 2009 [Include Keygen from XR21]\Norton 360v3.0\Stub.exe"
    09/07/2009 11:48 |Size 778080 |Crc32 8eccdd4a |Md5 3daed7fd0244fc5f85ba99cb408d93f3

    "C:\Users\Gladys\Downloads\Norton 360v3.0 2009 [Include Keygen from XR21]\Norton 360v3.0\N360\Setup\FWCfg.exe"
    09/07/2009 11:36 |Size 31576 |Crc32 c8448bd4 |Md5 ba158815f5157e786d0234b6cea94ad9

    "C:\Users\Gladys\Downloads\Norton 360v3.0 2009 [Include Keygen from XR21]\Norton 360v3.0\N360\Setup\COH32\COH32.exe"
    09/07/2009 11:39 |Size 1250656 |Crc32 40328126 |Md5 6717b32429dc473ef257a4b1d038c07a

    "C:\Users\Gladys\Downloads\Norton 360v3.0 2009 [Include Keygen from XR21]\Norton 360v3.0\N360\Setup\COH64\COH64.exe"
    09/07/2009 11:39 |Size 1996336 |Crc32 a559cc3b |Md5 b784d3e820859bd09bbead21e980af8e

    "C:\Users\Gladys\Downloads\Norton Antivirus 2008 FR\keygen_noUPX.exe"
    30/07/2008 17:47 |Size 172032 |Crc32 7d560217 |Md5 d32d0321660d1db330311d2e75e56c76

    "C:\logiciels\mIRC.v6.34.Incl.KeyGen.and.Server\mIRC.v6.34.Incl.KeyGen.and.Server\f4123501\f4cg.rar"
    -> contain : keygen.exe

    "C:\logiciels\mIRC.v6.34.Incl.KeyGen.and.Server\mIRC.v6.34.Incl.KeyGen.and.Server\f4123501\f4cg.rar"
    -> contain : patch.exe

    "C:\logiciels\mIRC.v6.34.Incl.KeyGen.and.Server\mIRC.v6.34.Incl.KeyGen.and.Server\f4123501\f4cg.rar"
    -> contain : setup.exe

    "C:\Users\Gladys\Downloads\--www.dl4all.com--Norton_AntiVirus_2009__Norton_Internet_..."
    -> contain : *--www.dl4all.com--Norton AntiVirus 2009 +Norton Internet Security 2009 + Crack\Norton2009_TrialReset.exe

    "C:\Users\Gladys\Downloads\--www.dl4all.com--Norton_AntiVirus_2009__Norton_Internet_..."
    -> contain : *--www.dl4all.com--Norton AntiVirus 2009 +Norton Internet Security 2009 + Crack\NortonInternetSecurity2009.exe


    ################## | Upload |

    Veuillez envoyer le fichier : C:\Users\Gladys\Desktop\UsbFix_Upload_Me_PC-de-Gladys.zip : http://chiquitine.changelog.fr/Sample/Upload.php
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.071 ! |

    a c 294 8 Sécurité
    8 Janvier 2010 16:00:10

    Le virus MSN est effacé.

  • Relance UsbFix et choisis l'option 6 pour le désinstaller.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    8 Janvier 2010 16:21:11

    Voici le rapport de MBAM :


    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3517
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 7.0.6002.18005

    08/01/2010 16:19:15
    mbam-log-2010-01-08 (16-19-15).txt

    Type de recherche: Examen rapide
    Eléments examinés: 108447
    Temps écoulé: 9 minute(s), 38 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\Gladys\AppData\Local\Temp\keygen_noUPX.exe (Malware.Tool) -> Quarantined and deleted successfully.
    C:\Windows\System32\ovfsthtlfnmyvcxsmsqtemxcfwauwuckfidtpd.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
    a c 294 8 Sécurité
    8 Janvier 2010 16:32:01

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    8 Janvier 2010 22:04:56

    Alors voici le rapport de info.txt :


    info.txt logfile of random's system information tool 1.06 2010-01-08 21:55:38

    ======Uninstall list======

    -->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
    Adobe Photoshop Elements 6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobePE6*
    Adobe Reader 8.1.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*
    AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x040c -removeonly
    Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
    Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
    ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
    Cheat Engine 5.5-->"C:\Program Files\Cheat Engine\unins000.exe"
    Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
    Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
    CyberLink PowerCinema-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
    CyberLink PowerCinema-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
    DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
    Dragonica(FR)-->C:\Program Files\gPotato.eu\Dragonica\FR\uninst.exe
    EasyBits Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
    Encyclopaedia Universalis-->"C:\Program Files\Encyclopaedia Universalis\Encyclopaedia Universalis\Uninstall_Encyclopaedia Universalis\Désinstaller Encyclopaedia Universalis 2009.exe"
    EPSON Logiciel imprimante-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
    Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
    HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
    HijackThis 2.0.2-->"C:\Users\Gladys\Downloads\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Infocentre Rev. 2.0.0.1-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    IPcute version 0.605-->"C:\Program Files\IPcute\unins000.exe"
    Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    K-Lite Mega Codec Pack 5.0.5-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\ProgramData\LuUninstall.LiveUpdate"
    LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
    Lizardtech DjVu Control-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{105CFC7C-6992-11D5-BD9D-000102C10FD8}\Setup.exe" -l0x40c
    Ma-Config.com-->MsiExec.exe /X{FACFAAB3-1443-427D-A0B0-1B55BB4F7FB2}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    McAfee SiteAdvisor-->C:\Program Files\McAfee\SiteAdvisor\Uninstall.exe
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Metaboli-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *METABOLI*
    MicroBest Cracklock 3.8.4-->"C:\Program Files\Cracklock\unins000.exe"
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works 9 SE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9se*
    Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
    Microsoft® Office Trial 2007-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *OFF2k7_FR*
    mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
    Nero 8 Essentials-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Nero8*
    Nero 8 Essentials-->MsiExec.exe /X{980B9958-1239-4FC5-8C88-AC5650321036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Nokia Connectivity Cable Driver-->MsiExec.exe /I{6869591A-7DD8-46D2-837F-57CBF7358955}
    Nokia Multimedia Common Components 2.4-->MsiExec.exe /I{6EB6C056-02BB-453E-8448-EC90B9794180}
    Norton AntiVirus (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}_15_0_0_58\Setup.exe" /X
    Norton AntiVirus Help-->MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
    Norton AntiVirus-->MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
    Norton Internet Security-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NIS2008_FR*
    Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.0.0.125\InstStub.exe /X
    Norton Protection Center-->MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
    Nostale Online FR (Remove)-->"C:\Nostale(FR)\unins000.exe"
    O&O Defrag Professional Edition-->MsiExec.exe /I{53480330-E1D1-41CA-B8F8-7F78644F7F50}
    OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
    Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
    Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
    Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
    PC Connectivity Solution-->MsiExec.exe /I{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}
    Power Cinema 6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *PowerCinema6*
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
    SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
    Samsung Mobile Modem Device Software-->C:\Windows\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
    SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    SAMSUNG USB Mobile Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
    SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
    SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
    Shareaza 2.4.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
    SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
    Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
    Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
    Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
    Update for Outlook 2007 Junk Email Filter (kb976884)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0}
    USB 2.0 VGA UVC WebCam-->C:\Windows\Uninstvga.bat
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}

    ======Security center information======

    AV: Norton AntiVirus
    FW: Norton AntiVirus
    AS: Windows Defender
    AS: Norton AntiVirus

    ======System event log======

    Computer Name: PC-de-Gladys
    Event Code: 1002
    Message: Échec de la publication de l’élément Provider\Microsoft.Base.Publication/Publication/Computer. Vérifiez que PKEY_PUBSVCS_METADATA et PKEY_PUBSVCS_TYPE sont définis correctement avec l’instance de la fonction et qu’il n’y a pas eu d’erreurs lors de l’ajout de l’instance de la fonction.
    Record Number: 35183
    Source Name: Microsoft-Windows-ResourcePublication
    Time Written: 20090709092903.079154-000
    Event Type: Erreur
    User: AUTORITE NT\SERVICE LOCAL

    Computer Name: PC-de-Gladys
    8 Janvier 2010 22:05:19

    Et voici celui de lod.txt :


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Gladys at 2010-01-08 22:02:51
    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2
    System drive C: has 59 GB (42%) free of 140 GB
    Total RAM: 2686 MB (31% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:02:57, on 08/01/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe
    C:\Program Files\CyberLink\PlayMovie\PMVService.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBIE.EXE
    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Nostale(FR)\nostalex.dat
    C:\Windows\system32\conime.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
    C:\Users\Gladys\Downloads\RSIT.exe
    C:\Users\Gladys\Downloads\Gladys.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9136
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\CyberLink\PlayMovie\PMVService.exe"
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S4F19.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6EC9E8EE-E280-4EAA-BC2C-5E6B6CD9040C}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{6EC9E8EE-E280-4EAA-BC2C-5E6B6CD9040C}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{6EC9E8EE-E280-4EAA-BC2C-5E6B6CD9040C}: NameServer = 192.168.1.1
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O20 - AppInit_DLLs: CLKERN.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
    O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 9795 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Extension de garantie-Gladys.job
    C:\Windows\tasks\Norton AntiVirus - Effectuer une analyse complète du système - Gladys.job
    C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Gladys.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2009-07-09 116088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
    McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
    {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
    {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-17 4702208]
    "Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
    "PCMAgent"=C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe [2008-03-21 143360]
    "CLMLServer"=C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe [2008-04-11 196608]
    "PlayMovie"=C:\Program Files\CyberLink\PlayMovie\PMVService.exe [2008-03-31 172032]
    "toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
    "OODefragTray"=C:\Windows\system32\oodtray.exe [2007-06-28 2512128]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-10-03 39792]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
    "ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
    "EPSON Stylus DX6000 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE [2006-02-13 131072]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
    "NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    ""= []
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2008-02-04 1038136]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="CLKERN.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2009-04-11 49152]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=128
    "NoDriveTypeAutoRun"=128
    "HonorAutoRunSetting"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Users\Gladys\AppData\Local\Temp\IXP000.TMP\ggdfgd.exe"="C:\Users\Gladys\AppData\Local\Temp\IXP000.TMP\ggdfgd.exe:*:Enabled:Firevall Administrating"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2010-01-08 21:55:10 ----D---- C:\rsit
    2010-01-08 21:55:10 ----D---- \rsit
    2010-01-08 16:06:12 ----D---- C:\ProgramData\Malwarebytes
    2010-01-08 16:06:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-08 10:35:28 ----RASHD---- C:\autorun.inf
    2010-01-08 10:35:28 ----RASHD---- \autorun.inf
    2010-01-07 08:46:56 ----D---- C:\UsbFix
    2010-01-07 08:46:56 ----D---- \UsbFix
    2010-01-05 09:31:57 ----D---- C:\Program Files\Mumble
    2010-01-05 08:58:14 ----A---- C:\cleannavi.txt
    2010-01-05 08:58:14 ----A---- \cleannavi.txt
    2010-01-05 08:57:55 ----D---- C:\Program Files\Navilog1
    2010-01-01 19:44:19 ----D---- C:\Program Files\AxBx
    2009-12-20 21:15:46 ----A---- C:\Windows\system32\d3dx9.dll
    2009-12-20 21:15:46 ----A---- C:\Windows\system32\D3DX81ab.dll
    2009-12-17 17:04:01 ----SHD---- C:\Config.Msi
    2009-12-17 17:04:01 ----SHD---- \Config.Msi
    2009-12-11 07:25:37 ----A---- C:\Windows\system32\wininet.dll
    2009-12-11 07:25:36 ----A---- C:\Windows\system32\mshtml.dll
    2009-12-11 07:25:35 ----A---- C:\Windows\system32\urlmon.dll
    2009-12-11 07:25:33 ----A---- C:\Windows\system32\ieframe.dll
    2009-12-11 07:25:31 ----A---- C:\Windows\system32\ieui.dll
    2009-12-11 07:25:29 ----A---- C:\Windows\system32\ieencode.dll
    2009-12-11 07:25:27 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-12-10 10:13:30 ----A---- C:\Windows\system32\nshhttp.dll
    2009-12-10 10:13:26 ----A---- C:\Windows\system32\httpapi.dll
    2009-12-10 04:30:59 ----A---- C:\Windows\system32\winhttp.dll
    2009-12-10 04:29:54 ----A---- C:\Windows\system32\rastls.dll

    ======List of files/folders modified in the last 1 months======

    2010-01-08 22:02:55 ----D---- C:\Windows\Temp
    2010-01-08 16:22:33 ----D---- C:\Program Files\mIRC
    2010-01-08 16:20:14 ----D---- C:\Program Files\Mozilla Firefox
    2010-01-08 16:19:27 ----D---- C:\Windows\system32\drivers
    2010-01-08 16:19:27 ----D---- C:\Windows\Branding
    2010-01-08 16:19:15 ----AD---- C:\Windows\System32
    2010-01-08 16:06:12 ----HD---- C:\ProgramData
    2010-01-08 16:06:12 ----HD---- \ProgramData
    2010-01-08 16:06:11 ----RD---- C:\Program Files
    2010-01-08 16:06:11 ----RD---- \Program Files
    2010-01-08 10:52:26 ----D---- C:\Windows\inf
    2010-01-08 10:52:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-01-08 10:47:12 ----D---- C:\Nostale(FR)
    2010-01-08 10:47:12 ----D---- \Nostale(FR)
    2010-01-08 10:35:12 ----SHD---- C:\$Recycle.Bin
    2010-01-08 10:35:12 ----SHD---- \$Recycle.Bin
    2010-01-08 10:21:25 ----D---- C:\Windows
    2010-01-08 10:21:25 ----D---- \Windows
    2010-01-08 01:44:39 ----SHD---- C:\System Volume Information
    2010-01-08 01:44:39 ----SHD---- \System Volume Information
    2010-01-07 08:47:02 ----D---- C:\Windows\prefetch
    2010-01-05 09:32:35 ----D---- C:\Windows\winsxs
    2010-01-02 22:41:30 ----D---- C:\Program Files\Cheat Engine
    2010-01-02 10:32:52 ----A---- C:\Windows\msnfix.txt
    2009-12-19 22:32:43 ----D---- C:\Windows\system32\WDI
    2009-12-19 22:31:38 ----D---- C:\Program Files\McAfee
    2009-12-19 19:30:12 ----D---- C:\Windows\system32\catroot
    2009-12-17 17:04:31 ----SHD---- C:\Windows\Installer
    2009-12-17 17:04:27 ----D---- C:\Program Files\Nokia
    2009-12-17 17:04:23 ----D---- C:\Program Files\Common Files\Nokia
    2009-12-17 17:04:23 ----D---- C:\Program Files\Common Files
    2009-12-17 16:35:48 ----SD---- C:\Windows\Downloaded Program Files
    2009-12-16 17:58:56 ----RD---- C:\Users
    2009-12-16 17:58:56 ----RD---- \Users
    2009-12-11 03:44:17 ----D---- C:\Windows\rescache
    2009-12-11 03:28:16 ----D---- C:\Windows\system32\catroot2
    2009-12-11 03:25:04 ----D---- C:\Windows\system32\fr-FR
    2009-12-11 03:25:04 ----D---- C:\Program Files\Windows Mail
    2009-12-11 03:09:21 ----D---- C:\ProgramData\Microsoft Help
    2009-12-11 03:07:33 ----RSD---- C:\Windows\assembly

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-08-26 371248]
    R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20091230.001\IDSvix86.sys [2009-11-20 286768]
    R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2009-03-17 447024]
    R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
    R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
    R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-10-25 5632]
    R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 24112]
    R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2009-02-19 184496]
    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\CyberLink\PlayMovie\000.fcl [2008-03-31 41456]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
    R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-25 4385792]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-26 102448]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-22 1950552]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
    R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100108.002\NAVENG.SYS [2009-08-25 84912]
    R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100108.002\NAVEX15.SYS [2009-08-25 1323568]
    R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-01-23 50176]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
    R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2009-02-19 13616]
    R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-07-09 124464]
    R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2009-02-19 96560]
    R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
    R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2009-02-19 22320]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]
    S3 av2csm62;av2csm62; C:\Windows\system32\drivers\av2csm62.sys []
    S3 catchme;catchme; \??\C:\Users\Gladys\AppData\Local\Temp\catchme.sys []
    S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-05-14 14336]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
    S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
    S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
    S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
    S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
    S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
    R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-25 733184]
    R2 Automatic LiveUpdate Scheduler;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-23 243064]
    R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
    R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
    R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-12-08 93320]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
    R2 O&O Defrag;O&O Defrag; C:\Windows\system32\oodag.exe [2007-06-28 1049856]
    R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-07-09 1251720]
    S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe []
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-25 647680]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-13 234864]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
    S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-03-19 2739229]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

    -----------------EOF-----------------
    a c 294 8 Sécurité
    8 Janvier 2010 22:10:56

  • Désinstalle DAEMON Tools Toolbar.

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Clique droit sur OTM.exe et choisis Exécuter en tant qu'administrateur.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=-
    "{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Users\Gladys\AppData\Local\Temp\IXP000.TMP\ggdfgd.exe"=-

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    9 Janvier 2010 08:45:10

    Voici le rapport de OTM


    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Users\Gladys\AppData\Local\Temp\IXP000.TMP\ggdfgd.exe deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users
    -> No Temporary Internet Files cache folder defined!

    User: AncolieMag
    -> No Temporary Internet Files cache folder defined!

    User: Default
    -> No Temporary Internet Files cache folder defined!

    User: Default User
    -> No Temporary Internet Files cache folder defined!

    User: Gladys
    -> No Temporary Internet Files cache folder defined!

    User: Public
    -> No Temporary Internet Files cache folder defined!

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    Windows Temp folder emptied: 31532292 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 87596 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 30,00 mb


    OTM by OldTimer - Version 3.1.4.0 log created on 01092010_082629

    Files moved on Reboot...
    File C:\Windows\temp\JETBE2.tmp not found!

    Registry entries deleted on Reboot...
    9 Janvier 2010 20:48:13

    Non plus aucun soucis pour l'instant. Merci infiniment je croise les doigts pour que ca continue :) 

    Bonne continuation à toi ;) 
    a c 294 8 Sécurité
    9 Janvier 2010 20:55:01

    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Clique droit sur ToolsCleaner2.exe et choisis Exécuter en tant qu'administrateur.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    9 Janvier 2010 21:21:54

    Voici le rapport Tcleaner :

    [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\cleannavi.txt: trouvé !
    C:\_OTM: trouvé !
    C:\UsbFix: trouvé !
    C:\Rsit: trouvé !
    C:\Program Files\Navilog1: trouvé !
    C:\Program Files\Navilog1\Navilog1.bat: trouvé !
    C:\Users\Gladys\AppData\Local\Temp\*.msnfix: trouvé !
    C:\Users\Gladys\AppData\Roaming\Microsoft\Windows\Recent\MSNFix.lnk: trouvé !
    C:\Users\Gladys\Desktop \Navilog1.exe: trouvé !
    C:\Users\Gladys\Desktop\catchme.log: trouvé !
    C:\Users\Gladys\Desktop\MsnFix: trouvé !
    C:\Users\Gladys\Desktop\MSNFix\incl\catchme.exe: trouvé !
    C:\Users\Gladys\Downloads\Msnfix.zip: trouvé !
    C:\Users\Gladys\Downloads\OTM.exe: trouvé !
    atrouvé !
    C:\Users\Gladys\Downloads\hijackthis.log: trouvé !
    C:\Users\Gladys\Downloads\UsbFix.exe: trouvé !
    C:\Users\Gladys\Downloads\Rsit.exe: trouvé !
    C:\Users\Gladys\Downloads\MsnFix: trouvé !
    C:\Users\Gladys\Downloads\MSNFix\MsnFix: trouvé !
    C:\Users\Gladys\Downloads\MSNFix\MSNFix\incl\catchme.exe: trouvé !
    C:\Windows\msnfix.txt: trouvé !
    C:\Windows\System32\*.msnfix: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Program Files\Navilog1\Navilog1.bat: supprimé !
    C:\Users\Gladys\AppData\Roaming\Microsoft\Windows\Recent\MSNFix.lnk: supprimé !
    C:\Users\Gladys\Desktop\Navilog1.exe: supprimé !
    C:\Users\Gladys\Desktop\MSNFix\incl\catchme.exe: supprimé !
    C:\Users\Gladys\Downloads\Msnfix.zip: supprimé !
    C:\Users\Gladys\Downloads\OTM.exe: supprimé !
    C:\Users\Gladys\Downloads\HijackThis.exe: supprimé !
    C:\Users\Gladys\Downloads\MSNFix\MSNFix\incl\catchme.exe: supprimé !
    C:\cleannavi.txt: supprimé !
    C:\Users\Gladys\AppData\Local\Temp\*.msnfix: ERREUR DE SUPPRESSION !!
    C:\Users\Gladys\Desktop\catchme.log: supprimé !
    C:\Users\Gladys\Downloads\hijackthis.log: supprimé !
    C:\Users\Gladys\Downloads\UsbFix.exe: supprimé !
    C:\Users\Gladys\Downloads\Rsit.exe: supprimé !
    C:\Windows\msnfix.txt: supprimé !
    C:\Windows\System32\*.msnfix: ERREUR DE SUPPRESSION !!
    C:\_OTM: supprimé !
    C:\UsbFix: supprimé !
    C:\Rsit: supprimé !
    C:\Program Files\Navilog1: supprimé !
    C:\Users\Gladys\Desktop\MsnFix: supprimé !
    C:\Users\Gladys\Downloads\MsnFix: supprimé !
    a c 294 8 Sécurité
    9 Janvier 2010 21:23:28

    Tu peux supprimer ToolsCleaner.

    Bonne nuit ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS