[Résolu] Mon PC rame et plante

[Gof]

Assure toi que HijackThis, et tous les programmes que je te te demande d'exécuter, soient exécutés en mode Administrateur.

 

Pour cela, ne double-clique pas dessus, mais fais un clic-droit avec ta souris, et sélectionne Exécuter en tant qu'Administrateur.

 

Réessaie, et dis moi ce qu'il en est.

[Missty]

La manip a fonctionner ! merci beaucoup

Et voici le rapport malwarebytes

 

 

 

 

Malwarebytes' Anti-Malware 1.34

Version de la base de données: 1883

Windows 6.0.6001 Service Pack 1

 

22/03/2009 15:48:23

mbam-log-2009-03-22 (15-48-23).txt

 

Type de recherche: Examen complet (C:\|D:\|)

Eléments examinés: 206305

Temps écoulé: 1 hour(s), 27 minute(s), 52 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 3

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3b8fb116-d358-48a3-a5c7-db84f15cbb04} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\webmedia.chl (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

[Gof]

Bonjour,

 

Bien. Reposte un rapport RSIT, généré de la même façon que précédemment.

 

A ce rapport, joins en un autre, généré comme ceci :

 

Télécharge Rooter de Eric_71 sur ton bureau.

• Double-clique dessus afin de l'exécuter.
  
• L'outil va travailler et le Bloc-Notes va s'ouvrir
  
• Poste le rapport une fois qu'il sera affiché dans le Bloc-Notes
  

 

Profites en pour donner des nouvelles du PC.

[Missty]

Euh .... un rapport RSIT ?????

 

le PC va déjà bien mieux , seul internet ne répond parfois .

 

Microsoft Windows Vista Home Edition (6.0.6001) Service Pack 1

 

C:\ [Fixed] - NTFS - (Total:144985 Mo/Free:1119 Mo)

D:\ [Fixed] - NTFS - (Total:7640 Mo/Free:2046 Mo)

E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

 

22/03/2009|16:11

 

----------------------\\ Processes..

 

--Locked-- [system Process]

--Locked-- System

---------- \SystemRoot\System32\smss.exe

---------- C:\Windows\system32\csrss.exe

---------- C:\Windows\system32\wininit.exe

---------- C:\Windows\system32\csrss.exe

---------- C:\Windows\system32\services.exe

---------- C:\Windows\system32\lsass.exe

---------- C:\Windows\system32\lsm.exe

---------- C:\Windows\system32\svchost.exe

---------- C:\Windows\system32\winlogon.exe

---------- C:\Windows\system32\svchost.exe

---------- C:\Windows\System32\svchost.exe

---------- C:\Windows\System32\svchost.exe

---------- C:\Windows\System32\svchost.exe

---------- C:\Windows\system32\svchost.exe

--Locked-- audiodg.exe

---------- C:\Windows\system32\SLsvc.exe

---------- C:\Windows\system32\svchost.exe

---------- C:\Windows\System32\spoolsv.exe

---------- C:\Windows\system32\taskeng.exe

---------- C:\Windows\system32\Dwm.exe

---------- C:\Windows\Explorer.EXE

---------- C:\Windows\system32\svchost.exe

---------- ??

---------- C:\Windows\system32\svchost.exe

---------- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

---------- C:\Program Files\Common Files\LightScribe\LSSrvc.exe

---------- C:\Windows\system32\svchost.exe

---------- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

---------- C:\Windows\system32\svchost.exe

---------- C:\Windows\System32\svchost.exe

---------- C:\Windows\system32\SearchIndexer.exe

---------- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

---------- C:\Windows\system32\taskeng.exe

---------- C:\Program Files\Synaptics\SynTP\SynTPStart.exe

---------- C:\Windows\RtHDVCpl.exe

---------- C:\Windows\System32\rundll32.exe

---------- C:\Program Files\Java\jre6\bin\jusched.exe

---------- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

---------- C:\Program Files\Windows Sidebar\sidebar.exe

---------- C:\Program Files\Nosibay\VPbubble\Launcher.exe

---------- C:\Windows\ehome\ehtray.exe

---------- C:\Program Files\Windows Media Player\wmpnscfg.exe

---------- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

---------- C:\Windows\System32\rundll32.exe

---------- C:\Program Files\Windows Media Player\wmpnetwk.exe

---------- C:\Windows\ehome\ehmsas.exe

---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

---------- C:\Program Files\Windows Sidebar\sidebar.exe

---------- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

---------- C:\Program Files\Windows Live\Mail\wlmail.exe

---------- C:\Program Files\Windows Live\Contacts\wlcomm.exe

---------- C:\Program Files\Nosibay\VPbubble\VPbubble.exe

---------- C:\Program Files\Windows Live\Toolbar\wltuser.exe

---------- C:\Windows\system32\conime.exe

---------- C:\Program Files\Internet Explorer\IEUser.exe

---------- C:\Program Files\Internet Explorer\iexplore.exe

---------- C:\Windows\system32\DllHost.exe

---------- C:\Windows\system32\DllHost.exe

---------- C:\Windows\system32\cmd.exe

---------- C:\Rooter$\RK.exe

 

----------------------\\ Search..

 

----------------------\\ ROOTKIT !!

 

 

 

1 - "C:\Rooter$\Rooter_1.txt" - 22/03/2009|16:11

 

----------------------\\ Scan completed at 16:11

[Gof]

Oui, RSIT, tel que Pear te l'avait déjà fait exécuté dans ce post.

[Missty]

le rapport log.txt

 

par contre le rapport info.txt reste celui du 20 Mars

 

 

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Missty at 2009-03-22 16:20:48

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1

System drive C: has 71 GB (49%) free of 145 GB

Total RAM: 2046 MB (41% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:20:52, on 22/03/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Nosibay\VPbubble\Launcher.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\System32\rundll32.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Nosibay\VPbubble\VPbubble.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Windows\system32\conime.exe

C:\Program Files\Internet Explorer\IEUser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Missty\Desktop\RSIT.exe

C:\Users\Missty\Downloads\Missty.exe

 

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Users\Missty\Downloads\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [VPbubble] "C:\Program Files\Nosibay\VPbubble\launcher.exe"

O4 - HKCU\..\Run: [EPSON Stylus S20 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEAE.EXE /FU "C:\Windows\TEMP\E_S35A0.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - Trusted Zone: *.canalplay.com

O15 - Trusted Zone: *.canalplusactive.com

O15 - Trusted Zone: *.canalplay.com (HKLM)

O15 - Trusted Zone: *.canalplusactive.com (HKLM)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll

O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Service CANALPLAY - Canal+ Distribution - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 

--

End of file - 7598 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\User_Feed_Synchronization-{F91B2FA7-0ECF-42C0-A5B3-E6746407262D}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-07-29 62728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-12-02 2436160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-12-02 2436160]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-09 4390912]

"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-05-01 86016]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-05-01 8429568]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-05-01 81920]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]

"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-02-05 206088]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]

"Malwarebytes' Anti-Malware"=C:\Users\Missty\Downloads\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

"VPbubble"=C:\Program Files\Nosibay\VPbubble\launcher.exe [2008-06-03 239120]

"EPSON Stylus S20 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEAE.EXE [2007-11-30 188928]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe [2008-10-05 235936]

 

C:\Users\Missty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

C:\Windows\system32\klogon.dll [2008-07-29 218376]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======List of files/folders created in the last 3 months======

 

2009-03-22 16:11:56 ----A---- C:\Rooter.txt

2009-03-22 16:11:15 ----D---- C:\Rooter$

2009-03-20 19:38:45 ----D---- C:\rsit

2009-03-19 20:29:27 ----D---- C:\_OTMoveIt

2009-03-19 20:12:20 ----A---- C:\Users\Missty\AppData\Roaming\SetValue.bat

2009-03-19 20:12:20 ----A---- C:\Users\Missty\AppData\Roaming\GetValue.vbs

2009-03-19 19:47:00 ----A---- C:\Windows\system32\tmp.txt

2009-03-19 19:46:57 ----A---- C:\rapport.txt

2009-03-19 19:46:39 ----A---- C:\Windows\system32\WS2Fix.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\VCCLSID.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\VACFix.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\swxcacls.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\swsc.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\swreg.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\SrchSTS.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\Process.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\o4Patch.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\IEDFix.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\IEDFix.C.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\dumphive.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe

2009-03-19 19:46:39 ----A---- C:\Windows\system32\404Fix.exe

2009-03-11 18:33:03 ----A---- C:\Windows\system32\wmp.dll

2009-03-11 18:33:02 ----A---- C:\Windows\system32\wmploc.DLL

2009-03-11 18:33:02 ----A---- C:\Windows\system32\spwmp.dll

2009-03-11 18:33:02 ----A---- C:\Windows\system32\dxmasf.dll

2009-03-11 18:32:58 ----A---- C:\Windows\system32\schannel.dll

2009-03-02 10:12:05 ----D---- C:\Program Files\Microsoft Sync Framework

2009-02-17 16:28:36 ----A---- C:\Windows\system32\EncDec.dll

2009-02-17 16:28:30 ----A---- C:\Windows\system32\psisdecd.dll

2009-02-11 08:46:13 ----A---- C:\Windows\system32\mshtml.dll

2009-02-11 08:46:12 ----A---- C:\Windows\system32\ieframe.dll

2009-02-11 08:46:11 ----A---- C:\Windows\system32\wininet.dll

2009-02-11 08:46:11 ----A---- C:\Windows\system32\urlmon.dll

2009-02-11 08:46:11 ----A---- C:\Windows\system32\msfeeds.dll

2009-02-11 08:46:10 ----A---- C:\Windows\system32\mstime.dll

2009-02-11 08:46:10 ----A---- C:\Windows\system32\jsproxy.dll

2009-02-11 08:46:10 ----A---- C:\Windows\system32\iertutil.dll

2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll

2009-02-02 14:02:08 ----D---- C:\ProgramData\Zylom

2009-01-05 11:05:40 ----D---- C:\ProgramData\GameHouse

2009-01-04 19:59:03 ----D---- C:\Program Files\Common Files\Sonic Shared

 

======List of files/folders modified in the last 3 months======

 

2009-03-22 16:20:47 ----D---- C:\Windows\Temp

2009-03-22 16:18:44 ----D---- C:\Windows\Prefetch

2009-03-22 14:18:39 ----D---- C:\Windows\system32\drivers

2009-03-21 16:34:03 ----D---- C:\Windows\System32

2009-03-21 16:34:03 ----D---- C:\Windows\inf

2009-03-21 16:34:03 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-03-21 08:40:19 ----D---- C:\ProgramData\Kaspersky Lab

2009-03-21 08:40:08 ----D---- C:\Windows\SMINST

2009-03-20 22:09:55 ----SHD---- C:\System Volume Information

2009-03-20 19:39:06 ----D---- C:\Program Files\Trend Micro

2009-03-19 20:22:22 ----HD---- C:\ProgramData

2009-03-19 20:21:59 ----SHD---- C:\Windows\Installer

2009-03-19 20:15:05 ----SD---- C:\Windows\Downloaded Program Files

2009-03-19 20:11:58 ----A---- C:\Windows\ntbtlog.txt

2009-03-18 22:25:36 ----D---- C:\Program Files\Common Files

2009-03-18 19:39:12 ----RD---- C:\Program Files

2009-03-12 18:07:26 ----D---- C:\Windows\winsxs

2009-03-12 17:56:49 ----D---- C:\Windows\system32\catroot

2009-03-12 17:52:22 ----D---- C:\Program Files\Windows Media Player

2009-03-12 17:52:21 ----D---- C:\Program Files\Windows Mail

2009-03-11 18:32:42 ----D---- C:\Windows\system32\catroot2

2009-03-02 11:32:45 ----D---- C:\Windows\Microsoft.NET

2009-03-02 11:32:44 ----RSD---- C:\Windows\assembly

2009-03-02 10:17:01 ----SD---- C:\Users\Missty\AppData\Roaming\Microsoft

2009-03-02 10:12:20 ----D---- C:\Program Files\Windows Live

2009-03-02 10:11:57 ----SD---- C:\ProgramData\Microsoft

2009-03-02 10:11:38 ----D---- C:\Windows

2009-03-02 10:09:07 ----D---- C:\Program Files\Common Files\microsoft shared

2009-02-25 20:39:30 ----A---- C:\Windows\system32\samsrv.dll

2009-02-25 19:52:52 ----D---- C:\Windows\system32\config

2009-02-25 19:52:42 ----D---- C:\Windows\Tasks

2009-02-25 19:52:42 ----D---- C:\Windows\system32\Tasks

2009-02-25 19:52:41 ----D---- C:\Windows\system32\spool

2009-02-25 19:52:41 ----D---- C:\Windows\system32\Msdtc

2009-02-25 19:52:39 ----D---- C:\Windows\system32\wbem

2009-02-25 19:52:39 ----D---- C:\Windows\registration

2009-02-25 12:55:00 ----A---- C:\Windows\system32\mrt.exe

2009-02-17 16:58:57 ----D---- C:\Windows\ehome

2009-02-02 15:04:12 ----D---- C:\Users\Missty\AppData\Roaming\Identities

2009-02-02 14:02:05 ----D---- C:\Users\Missty\AppData\Roaming\Zylom

2009-01-05 12:11:00 ----D---- C:\Program Files\Common Files\Real

2009-01-05 12:10:40 ----D---- C:\Users\Missty\AppData\Roaming\Real

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]

R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2008-07-21 121872]

R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-02-05 224272]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2008-07-09 20496]

R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]

R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]

R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936]

R3 NETw4v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-01 7495968]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]

R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-10-09 981504]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]

R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]

S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

S3 catchme;catchme; \??\C:\Users\Missty\AppData\Local\Temp\catchme.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 E100B;Pilote de carte Intel ® PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]

S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; C:\Windows\system32\DRIVERS\sis163u.sys [2005-06-20 215040]

S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 avp;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-02-05 206088]

R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]

R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-02 138168]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]

S3 Service CANALPLAY;Service CANALPLAY; C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 436096]

S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]

 

-----------------EOF-----------------

[Gof]

Re

 

Ton rapport n'indique plus aucune trace ambigüe et/ou infectieuse.

 

Tout est légitime. Qu'en est-il de tes soucis initiaux ?

[Missty]

ça a l'air d'être tout bon , le malade semble être guéri !!

 

un grand merci pour ton aide et celle de pear

[Gof]

Bien, je vais te faire supprimer les éléments que l'on a utilisés.

 

 

Supprime les éléments suivants si présents sur ton Bureau :

• Del.bat
  smitfraudfix.exe
  otmoveit3.exe
  Rooter.exe
  

 

Supprime les fichiers suivants si présents :

• C:\Users\Missty\Downloads\RSIT.exe
  C:\Windows\system32\tmp.txt
  C:\Windows\system32\WS2Fix.exe
  C:\Windows\system32\VCCLSID.exe
  C:\Windows\system32\VACFix.exe
  C:\Windows\system32\swxcacls.exe
  C:\Windows\system32\swsc.exe
  C:\Windows\system32\swreg.exe
  C:\Windows\system32\SrchSTS.exe
  C:\Windows\system32\Process.exe
  C:\Windows\system32\o4Patch.exe
  C:\Windows\system32\IEDFix.exe
  C:\Windows\system32\IEDFix.C.exe
  C:\Windows\system32\dumphive.exe
  C:\Windows\system32\Agent.OMZ.Fix.exe
  C:\Windows\system32\404Fix.exe
  C:\rapport.txt
  C:\Rooter.txt
  

 

Supprime les répertoire suivants si présents :

• C:\_OTMoveIt
  C:\RSIT
  C:\Rooter$
  

Vide ta corbeille.

 

Je t'ai fait télécharger MBAM ; je te suggère de le conserver. Dans sa version gratuite, il ne possède pas de modules résidents, mais tu peux toujours le mettre à jour et effectuer des analyses ponctuelles à des fins de contrôle. Sinon, tu pourras le désinstaller via ton Panneau de configuration. Je te suggère de conserver également HijackThis, en prenant soin de ne pas faire de bêtises. Sinon, tu peux le désinstaller de la même façon.

 

Télécharge JavaRa.zip de Paul McLain et Fred de Vries.

• Décompresse le fichier sur ton bureau (clic droit > Extraire tout)
  
• Double-clique sur le répertoire JavaRa obtenu
  
• Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher)
  
• Sélectionne français pour la langue
  
• Clique sur Rechercher des mises à jour
  
• Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher
  
• Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
  
• Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Effacer les anciennes versions
  
• Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
  
• Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
  Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log (c:\JavaRa.log)
  
• Ferme l'application
  

 

Puisque ton pc ne présente aucun disfonctionnement, je te fais désactiver et réactiver ta restauration système de sorte d'effacer tous tes anciens points de restauration. Histoire de repartir sur des bases saines. Suis la manipulation indiquée :

 

Ne t'inquiète pas, en la réactivant, Windows recréera automatiquement un point de restauration qui sera, lui, propre. Procède comme ceci :

-clic droit sur Poste de travail / Propriétés / onglet Système de restauration

- coche la case "Désactiver le système de restauration..."

- clique sur "Appliquer" puis "oui"

- - redémarre, reviens sur ce panneau

- décoche la case "Désactiver le système de restauration..." pour remettre les choses en place.

- clique sur "Appliquer" puis "Ok"

 

Quand tout sera fait, reviens m'indiquer que cela s'est bien passé.

[Missty]

JavaRa 1.13 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Sun Mar 22 20:59:11 2009

 

Found and removed: C:\Program Files\Java\jre1.6.0

 

Found and removed: C:\Program Files\Java\jre1.6.0_07

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610000

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160000}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\JavaPlugin.160

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

 

------------------------------------

 

Finished reporting.