Se connecter / S'enregistrer
Votre question

Heur trojan win 32 generic

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
10 Février 2010 12:00:16

Bonjour,

Kapersky internet security 2010 me dit que mon mon ordi est infecté par 4 virus heur trojan win 32 generic, je vous poste mon rapport hijackthis afin de voir si quelqu'un peut m'aider a supprimer ses 3 virus sachant qu'ils viennent de MSN.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:52:31, on 10/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\WindowsMobile\wmdSync.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Orange\Media Player\Media Player.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.ke.voila.fr/S/voila?kw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'Default user')
O4 - Startup: setup_9.0.0.722_07.02.2010_23-24.lnk = C:\Users\sonia\Desktop\Virus Removal Tool\setup_9.0.0.722_07.02.2010_23-24\startup.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Ruby Fortune Casino - 8172D63A-9868-4364-A868-F9E223526BFC - C:\Microgaming\Casino\RubyFortune\Casinogame.exe (HKCU)
O9 - Extra button: Royal Vegas Online Casino - FD6334AD-96C8-4201-954C-C3EE9BD2CC2E - C:\Microgaming\Casino\RoyalVegas\Casinogame.exe (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/nordnet/orange/so-4...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
O23 - Service: Service Google Update (gupdate1ca41b0aa8c3a7c) (gupdate1ca41b0aa8c3a7c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14569 bytes

Autres pages sur : heur trojan win generic

a c 296 8 Sécurité
10 Février 2010 12:37:59

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\Rsit.
    10 Février 2010 12:51:31

    Rebonjour,

    Voici le 1er rapport qui est apparu a la fin de RSIT

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by sonia at 2010-02-10 12:41:07
    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2
    System drive C: has 33 GB (31%) free of 106 GB
    Total RAM: 1790 MB (47% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:41:38, on 10/02/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18882)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\WINDOWS\WindowsMobile\wmdSync.exe
    C:\Program Files\Microsoft Security Essentials\msseces.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Orange\Media Player\Media Player.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\sonia\Documents\Downloads\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\sonia.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.ke.voila.fr/S/voila?kw=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
    O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'Default user')
    O4 - Startup: setup_9.0.0.722_07.02.2010_23-24.lnk = C:\Users\sonia\Desktop\Virus Removal Tool\setup_9.0.0.722_07.02.2010_23-24\startup.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: McAfee Security Scan.lnk = ?
    O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Ruby Fortune Casino - 8172D63A-9868-4364-A868-F9E223526BFC - C:\Microgaming\Casino\RubyFortune\Casinogame.exe (HKCU)
    O9 - Extra button: Royal Vegas Online Casino - FD6334AD-96C8-4201-954C-C3EE9BD2CC2E - C:\Microgaming\Casino\RoyalVegas\Casinogame.exe (HKCU)
    O13 - Gopher Prefix:
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
    O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/nordnet/orange/so-4...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx...
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
    O23 - Service: Service Google Update (gupdate1ca41b0aa8c3a7c) (gupdate1ca41b0aa8c3a7c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 14556 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\HPCeeScheduleForsonia.job
    C:\Windows\tasks\Registry_Doktor.job
    C:\Windows\tasks\User_Feed_Synchronization-{3089D79E-E8F9-4F5A-9171-ACF5C262E3C3}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
    IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-06 279664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-06 812528]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
    FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-06 279664]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
    "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-01 468264]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
    "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
    "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
    "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
    "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
    "MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
    "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
    "OrangePlayer"=C:\Program Files\Orange\Media Player\Media Player.exe [2009-02-16 319488]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-19 39408]
    "ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2010-01-26 1724728]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

    C:\Users\sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    setup_9.0.0.722_07.02.2010_23-24.lnk - C:\Users\sonia\Desktop\Virus Removal Tool\setup_9.0.0.722_07.02.2010_23-24\startup.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\Windows\system32\klogon.dll [2009-10-20 219664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2009-11-25 49152]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableLockWorkstation"=0
    "DisableTaskMgr"=0
    "DisableChangePassword"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0
    "HideFastUserSwitching"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoLogoff"=0
    "NoClose"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16490f1f-a493-11de-aaff-806e6f6e6963}]
    shell\AutoRun\command - E:\Vfk.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cedb6574-c890-11de-9804-001d72636362}]
    shell\AutoRun\command - F:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cedb6575-c890-11de-9804-001d72636362}]
    shell\AutoRun\command - F:\VMC_PBStarter.exe


    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2010-02-10 12:41:07 ----D---- C:\rsit
    2010-02-10 11:51:41 ----D---- C:\Program Files\Trend Micro
    2010-02-10 08:27:33 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2010-02-10 08:27:29 ----A---- C:\Windows\system32\ntoskrnl.exe
    2010-02-10 08:25:30 ----A---- C:\Windows\system32\quartz.dll
    2010-02-10 08:25:27 ----A---- C:\Windows\system32\msvidc32.dll
    2010-02-10 08:25:26 ----A---- C:\Windows\system32\tsbyuv.dll
    2010-02-10 08:25:26 ----A---- C:\Windows\system32\msyuv.dll
    2010-02-10 08:25:26 ----A---- C:\Windows\system32\msrle32.dll
    2010-02-10 08:25:25 ----A---- C:\Windows\system32\iyuv_32.dll
    2010-02-10 08:25:24 ----A---- C:\Windows\system32\msvfw32.dll
    2010-02-10 08:25:24 ----A---- C:\Windows\system32\mciavi32.dll
    2010-02-10 08:25:24 ----A---- C:\Windows\system32\avifil32.dll
    2010-02-08 14:07:47 ----D---- C:\Program Files\iPod
    2010-02-08 14:06:41 ----D---- C:\Program Files\iTunes
    2010-02-07 21:37:20 ----D---- C:\Program Files\Microsoft Security Essentials
    2010-02-07 19:05:54 ----D---- C:\Users\sonia\AppData\Roaming\4Media
    2010-02-07 18:56:13 ----D---- C:\Program Files\Xilisoft
    2010-02-07 17:36:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-02-06 22:02:08 ----D---- C:\Program Files\T3Desk
    2010-02-06 21:51:21 ----D---- C:\Program Files\AxBx
    2010-02-06 18:13:40 ----D---- C:\ProgramData\LightScribe
    2010-02-05 19:36:00 ----A---- C:\Users\sonia\AppData\Roaming\QuickZip45.ini
    2010-02-05 19:35:35 ----D---- C:\Program Files\QuickZip4
    2010-02-05 15:57:12 ----D---- C:\Program Files\Yahoo!
    2010-02-05 15:56:32 ----D---- C:\Program Files\CCleaner
    2010-02-04 11:45:56 ----D---- C:\Users\sonia\AppData\Roaming\Malwarebytes
    2010-02-04 11:44:01 ----D---- C:\ProgramData\Malwarebytes
    2010-01-24 21:10:37 ----D---- C:\Program Files\adslTV
    2010-01-23 16:17:48 ----D---- C:\Users\sonia\AppData\Roaming\HP
    2010-01-22 17:30:03 ----A---- C:\Windows\system32\mshtml.dll
    2010-01-22 17:30:02 ----A---- C:\Windows\system32\ieframe.dll
    2010-01-22 17:30:00 ----A---- C:\Windows\system32\iertutil.dll
    2010-01-22 17:29:59 ----A---- C:\Windows\system32\urlmon.dll
    2010-01-22 17:29:58 ----A---- C:\Windows\system32\wininet.dll
    2010-01-22 17:29:58 ----A---- C:\Windows\system32\occache.dll
    2010-01-22 17:29:58 ----A---- C:\Windows\system32\msfeeds.dll
    2010-01-22 17:29:57 ----A---- C:\Windows\system32\iedkcs32.dll
    2010-01-22 17:29:55 ----A---- C:\Windows\system32\ieui.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\msfeedssync.exe
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\msfeedsbs.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\jsproxy.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\ieUnatt.exe
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\iesysprep.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\iepeers.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\ie4uinit.exe
    2010-01-22 17:29:53 ----A---- C:\Windows\system32\iesetup.dll
    2010-01-22 17:29:53 ----A---- C:\Windows\system32\iernonce.dll
    2010-01-18 20:31:48 ----D---- C:\Program Files\Zylom Games
    2010-01-18 12:56:03 ----D---- C:\Program Files\HP Games
    2010-01-18 11:37:49 ----D---- C:\Program Files\WildGames
    2010-01-16 19:10:17 ----D---- C:\Windows\system32\Adobe
    2010-01-15 17:30:14 ----D---- C:\ProgramData\SUPERAntiSpyware.com
    2010-01-15 17:29:44 ----D---- C:\Users\sonia\AppData\Roaming\SUPERAntiSpyware.com
    2010-01-12 19:10:59 ----A---- C:\Windows\system32\t2embed.dll
    2010-01-12 19:10:59 ----A---- C:\Windows\system32\fontsub.dll

    ======List of files/folders modified in the last 1 months======

    2010-02-10 12:40:57 ----D---- C:\Windows\Temp
    2010-02-10 11:51:41 ----D---- C:\Program Files
    2010-02-10 09:44:49 ----D---- C:\Windows\winsxs
    2010-02-10 09:33:51 ----D---- C:\ProgramData\Kaspersky Lab
    2010-02-10 09:32:23 ----D---- C:\Users\sonia\AppData\Roaming\Media Player
    2010-02-10 09:32:17 ----D---- C:\Windows\Debug
    2010-02-10 09:32:17 ----D---- C:\WINDOWS
    2010-02-10 09:22:05 ----D---- C:\Windows\system32\catroot
    2010-02-10 09:20:57 ----D---- C:\Windows\system32\catroot2
    2010-02-10 09:18:14 ----D---- C:\Windows\system32\drivers
    2010-02-10 09:18:13 ----D---- C:\Windows\System32
    2010-02-10 09:18:13 ----D---- C:\Program Files\Windows Mail
    2010-02-10 09:03:44 ----SHD---- C:\System Volume Information
    2010-02-10 08:27:43 ----A---- C:\Windows\win.ini
    2010-02-10 08:27:40 ----SHD---- C:\Windows\Installer
    2010-02-08 14:07:43 ----D---- C:\Program Files\Common Files\Apple
    2010-02-08 09:50:30 ----D---- C:\Windows\Prefetch
    2010-02-07 21:38:29 ----SD---- C:\ProgramData\Microsoft
    2010-02-06 18:13:40 ----HD---- C:\ProgramData
    2010-02-05 19:45:00 ----D---- C:\Program Files\Common Files
    2010-02-05 19:40:09 ----D---- C:\ProgramData\WinZip
    2010-02-05 19:31:58 ----AD---- C:\ProgramData\TEMP
    2010-02-05 19:23:20 ----D---- C:\Users\sonia\AppData\Roaming\vlc
    2010-02-05 15:57:36 ----D---- C:\ProgramData\Yahoo! Companion
    2010-02-05 07:16:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-02-05 07:16:56 ----D---- C:\Windows\inf
    2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
    2010-01-29 22:15:36 ----D---- C:\Windows\WindowsMobile
    2010-01-28 09:51:43 ----D---- C:\Program Files\Internet Explorer
    2010-01-22 19:00:20 ----D---- C:\Windows\system32\migration
    2010-01-22 18:17:41 ----SD---- C:\Windows\Downloaded Program Files
    2010-01-22 16:01:42 ----D---- C:\Windows\system32\Msdtc
    2010-01-22 16:01:38 ----D---- C:\Windows\system32\wbem
    2010-01-22 16:00:51 ----D---- C:\Windows\system32\config
    2010-01-22 16:00:40 ----D---- C:\Windows\Tasks
    2010-01-22 16:00:40 ----D---- C:\Windows\system32\spool
    2010-01-22 16:00:39 ----D---- C:\Windows\system32\CodeIntegrity
    2010-01-22 16:00:37 ----D---- C:\Windows\registration
    2010-01-21 09:07:16 ----D---- C:\Program Files\Microsoft Silverlight
    2010-01-19 19:13:20 ----D---- C:\Users\sonia\AppData\Roaming\dvdcss
    2010-01-19 08:16:07 ----D---- C:\Windows\system32\WDI
    2010-01-18 13:14:14 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
    2010-01-18 12:40:46 ----D---- C:\Users\sonia\AppData\Roaming\WildTangent
    2010-01-18 11:55:28 ----D---- C:\Program Files\DivX
    2010-01-18 11:38:05 ----D---- C:\ProgramData\WildTangent
    2010-01-18 11:16:14 ----D---- C:\Program Files\Super Clone DVD
    2010-01-16 15:17:07 ----D---- C:\ProgramData\NOS
    2010-01-16 10:31:37 ----D---- C:\Program Files\Jeux.fr
    2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 69131341;69131341; C:\Windows\system32\DRIVERS\69131341.sys [2009-09-25 128016]
    R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
    R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-11-11 311312]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-11-03 21520]
    R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
    R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-09-18 1207288]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-10-03 222208]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
    R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
    R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
    R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-03 42528]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]
    R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-03-26 64000]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
    S1 setup_9.0.0.722_07.02.2010_23-24drv;setup_9.0.0.722_07.02.2010_23-24drv; C:\Windows\system32\DRIVERS\6913134.sys [2009-10-09 311312]
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-09-18 1207288]
    S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
    S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
    S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
    S3 utmzntcx;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utmzntcx.sys [2010-02-10 7168]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
    R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
    R2 MsMpSvc;@c:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-25 361808]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
    R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
    R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
    S2 gupdate1ca41b0aa8c3a7c;Service Google Update (gupdate1ca41b0aa8c3a7c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-30 133104]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe []
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-19 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

    -----------------EOF-----------------

    Et voici le 2éme

    info.txt logfile of random's system information tool 1.06 2010-02-10 12:41:49

    ======Uninstall list======

    -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    -->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
    Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
    Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
    BlackJack-->"C:\Program Files\Hobby Concept\BlackJack\unins000.exe"
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Carte réseau local sans fil 802.11 Broadcom-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
    Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWAHerza.INF
    CyberLink DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
    CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Dofus 1.28.0-->C:\Program Files\Dofus\uninstall.exe
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.0.249.78\Installer\setup.exe" --uninstall --system-level
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP Active Support Library-->"C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe" -runfromtemp -l0x0409 -removeonly
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly
    HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
    HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
    HP DVD Play 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly
    HP Game Console-->"C:\Program Files\HP Games\HP Game Console\Uninstall.exe"
    HP Help and Support-->MsiExec.exe /X{31216452-5540-4C96-B754-94890A63D5AB}
    HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Quick Launch Buttons 6.40 D3-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
    HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Total Care Advisor-->MsiExec.exe /X{F31E534B-4199-4552-8154-5C130710D68E}
    HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f}
    HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    HP User Guides 0110-->MsiExec.exe /I{B640E7CC-7091-4A24-AE76-2140065D2054}
    HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379}
    HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    iTunes-->MsiExec.exe /I{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
    Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
    K-Lite Codec Pack 5.4.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
    LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
    Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    McDonald's Fairies-->C:\Program Files\McDonaldsFairies\uninstall.exe
    Media Player-->"C:\Program Files\Orange\Media Player\uninstall.exe"
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
    Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
    Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
    Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}\muveesetup.exe -removeonly -runfromtemp
    NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
    NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
    Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
    PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
    PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
    Quick Zip 4.60.019-->"C:\Program Files\QuickZip4\unins000.exe"
    QuickPlay SlingPlayer 0.4.6-->"C:\Program Files\HP\QuickPlay\unins000.exe"
    QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
    Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
    Royal Vegas Online Casino-->C:\Microgaming\Casino\RoyalVegas\install.exe -uninstall
    Ruby Fortune Casino-->C:\Microgaming\Casino\RubyFortune\install.exe -uninstall
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    T3Desk 2010 Build Version 10.01-->"C:\Program Files\T3Desk\unins000.exe"
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
    Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
    VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WildTangent ORB Game Console-->"C:\Program Files\WildGames\Game Console - WildGames\Uninstall.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
    Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    Zylom Games Player Plugin-->"C:\Program Files\Zylom Games\UninstallPlugin.exe" --uninstall

    ======Security center information======

    AS: Windows Defender

    ======System event log======

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29172
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29170
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29168
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29165
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29164
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    =====Application event log=====

    Computer Name: PC-de-sonia
    Event Code: 492
    Message: Catalog Database (1276) Catalog Database: La séquence du fichier journal dans "C:\Windows\system32\CatRoot2\" a été interrompue à cause d'une erreur irrécupérable. Aucune autre mise à jour n'est possible pour les bases de données utilisant cette séquence de fichier journal. Corrigez le problème et redémarrez ou effectuez une restauration à partir d'une version de sauvegarde.
    Record Number: 222
    Source Name: ESENT
    Time Written: 20090918235601.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-sonia
    Event Code: 413
    Message: Catalog Database (1276) Catalog Database: Impossible de créer un nouveau journal car la base de données ne peut pas écrire sur le lecteur de journalisation. Le lecteur est probablement en lecture seule, mal configuré ou endommagé. Erreur -1032.
    Record Number: 221
    Source Name: ESENT
    Time Written: 20090918235601.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-sonia
    Event Code: 490
    Message: Catalog Database (1276) Catalog Database: Une tentative d'ouverture du fichier "C:\Windows\system32\CatRoot2\edbtmp.log" pour accès en lecture/écriture a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8).
    Record Number: 220
    Source Name: ESENT
    Time Written: 20090918235601.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-sonia
    Event Code: 10
    Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
    Record Number: 161
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090918212814.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-sonia
    Event Code: 10
    Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
    Record Number: 135
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090918210806.000000-000
    Event Type: Erreur
    User:

    =====Security event log=====

    Computer Name: PC-de-sonia
    Event Code: 4624
    Message: L’ouverture de session d’un compte s’est correctement déroulée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : WIN-PURN4W3ZXJC$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Type d’ouverture de session : 5

    Nouvelle ouverture de session :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Informations sur le processus :
    ID du processus : 0x210
    Nom du processus : C:\WINDOWS\System32\services.exe

    Informations sur le réseau :
    Nom de la station de travail :
    Adresse du réseau source : -
    Port source : -

    Informations détaillées sur l’authentification :
    Processus d’ouverture de session : Advapi
    Package d’authentification : Negotiate
    Services en transit : -
    Nom du package (NTLM uniquement) : -
    Longueur de la clé : 0

    Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

    Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

    Le champ Type d’ouverture de session indique le type d’o
    Contenus similaires
    10 Février 2010 13:01:10

    Destrio5 a dit :
    Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\Rsit.


  • Rebonjour,

    Voici le 1er rapport qui est apparu a la fin de RSIT

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by sonia at 2010-02-10 12:41:07
    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2
    System drive C: has 33 GB (31%) free of 106 GB
    Total RAM: 1790 MB (47% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:41:38, on 10/02/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18882)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\WINDOWS\WindowsMobile\wmdSync.exe
    C:\Program Files\Microsoft Security Essentials\msseces.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Orange\Media Player\Media Player.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\sonia\Documents\Downloads\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\sonia.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] io&pf=cnnb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.ke.voila.fr/S/voila?kw=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] io&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
    O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [OrangePlayer] C:\Program Files\Orange\Media Player\Media Player.exe /systray (User 'Default user')
    O4 - Startup: setup_9.0.0.722_07.02.2010_23-24.lnk = C:\Users\sonia\Desktop\Virus Removal Tool\setup_9.0.0.722_07.02.2010_23-24\startup.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: McAfee Security Scan.lnk = ?
    O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Ruby Fortune Casino - 8172D63A-9868-4364-A868-F9E223526BFC - C:\Microgaming\Casino\RubyFortune\Casinogame.exe (HKCU)
    O9 - Extra button: Royal Vegas Online Casino - FD6334AD-96C8-4201-954C-C3EE9BD2CC2E - C:\Microgaming\Casino\RoyalVegas\Casinogame.exe (HKCU)
    O13 - Gopher Prefix:
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Mess [...] E_UNO1.cab
    O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ol [...] uncher.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.co [...] crlocx.ocx
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
    O23 - Service: Service Google Update (gupdate1ca41b0aa8c3a7c) (gupdate1ca41b0aa8c3a7c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 14556 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\HPCeeScheduleForsonia.job
    C:\Windows\tasks\Registry_Doktor.job
    C:\Windows\tasks\User_Feed_Synchronization-{3089D79E-E8F9-4F5A-9171-ACF5C262E3C3}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
    IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-06 279664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-06 812528]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
    FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-06 279664]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
    "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-01 468264]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
    "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
    "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
    "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
    "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
    "MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
    "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
    "OrangePlayer"=C:\Program Files\Orange\Media Player\Media Player.exe [2009-02-16 319488]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-19 39408]
    "ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2010-01-26 1724728]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

    C:\Users\sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    setup_9.0.0.722_07.02.2010_23-24.lnk - C:\Users\sonia\Desktop\Virus Removal Tool\setup_9.0.0.722_07.02.2010_23-24\startup.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\Windows\system32\klogon.dll [2009-10-20 219664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2009-11-25 49152]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableLockWorkstation"=0
    "DisableTaskMgr"=0
    "DisableChangePassword"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0
    "HideFastUserSwitching"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoLogoff"=0
    "NoClose"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16490f1f-a493-11de-aaff-806e6f6e6963}]
    shell\AutoRun\command - E:\Vfk.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cedb6574-c890-11de-9804-001d72636362}]
    shell\AutoRun\command - F:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cedb6575-c890-11de-9804-001d72636362}]
    shell\AutoRun\command - F:\VMC_PBStarter.exe


    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2010-02-10 12:41:07 ----D---- C:\rsit
    2010-02-10 11:51:41 ----D---- C:\Program Files\Trend Micro
    2010-02-10 08:27:33 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2010-02-10 08:27:29 ----A---- C:\Windows\system32\ntoskrnl.exe
    2010-02-10 08:25:30 ----A---- C:\Windows\system32\quartz.dll
    2010-02-10 08:25:27 ----A---- C:\Windows\system32\msvidc32.dll
    2010-02-10 08:25:26 ----A---- C:\Windows\system32\tsbyuv.dll
    2010-02-10 08:25:26 ----A---- C:\Windows\system32\msyuv.dll
    2010-02-10 08:25:26 ----A---- C:\Windows\system32\msrle32.dll
    2010-02-10 08:25:25 ----A---- C:\Windows\system32\iyuv_32.dll
    2010-02-10 08:25:24 ----A---- C:\Windows\system32\msvfw32.dll
    2010-02-10 08:25:24 ----A---- C:\Windows\system32\mciavi32.dll
    2010-02-10 08:25:24 ----A---- C:\Windows\system32\avifil32.dll
    2010-02-08 14:07:47 ----D---- C:\Program Files\iPod
    2010-02-08 14:06:41 ----D---- C:\Program Files\iTunes
    2010-02-07 21:37:20 ----D---- C:\Program Files\Microsoft Security Essentials
    2010-02-07 19:05:54 ----D---- C:\Users\sonia\AppData\Roaming\4Media
    2010-02-07 18:56:13 ----D---- C:\Program Files\Xilisoft
    2010-02-07 17:36:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-02-06 22:02:08 ----D---- C:\Program Files\T3Desk
    2010-02-06 21:51:21 ----D---- C:\Program Files\AxBx
    2010-02-06 18:13:40 ----D---- C:\ProgramData\LightScribe
    2010-02-05 19:36:00 ----A---- C:\Users\sonia\AppData\Roaming\QuickZip45.ini
    2010-02-05 19:35:35 ----D---- C:\Program Files\QuickZip4
    2010-02-05 15:57:12 ----D---- C:\Program Files\Yahoo!
    2010-02-05 15:56:32 ----D---- C:\Program Files\CCleaner
    2010-02-04 11:45:56 ----D---- C:\Users\sonia\AppData\Roaming\Malwarebytes
    2010-02-04 11:44:01 ----D---- C:\ProgramData\Malwarebytes
    2010-01-24 21:10:37 ----D---- C:\Program Files\adslTV
    2010-01-23 16:17:48 ----D---- C:\Users\sonia\AppData\Roaming\HP
    2010-01-22 17:30:03 ----A---- C:\Windows\system32\mshtml.dll
    2010-01-22 17:30:02 ----A---- C:\Windows\system32\ieframe.dll
    2010-01-22 17:30:00 ----A---- C:\Windows\system32\iertutil.dll
    2010-01-22 17:29:59 ----A---- C:\Windows\system32\urlmon.dll
    2010-01-22 17:29:58 ----A---- C:\Windows\system32\wininet.dll
    2010-01-22 17:29:58 ----A---- C:\Windows\system32\occache.dll
    2010-01-22 17:29:58 ----A---- C:\Windows\system32\msfeeds.dll
    2010-01-22 17:29:57 ----A---- C:\Windows\system32\iedkcs32.dll
    2010-01-22 17:29:55 ----A---- C:\Windows\system32\ieui.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\msfeedssync.exe
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\msfeedsbs.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\jsproxy.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\ieUnatt.exe
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\iesysprep.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\iepeers.dll
    2010-01-22 17:29:54 ----A---- C:\Windows\system32\ie4uinit.exe
    2010-01-22 17:29:53 ----A---- C:\Windows\system32\iesetup.dll
    2010-01-22 17:29:53 ----A---- C:\Windows\system32\iernonce.dll
    2010-01-18 20:31:48 ----D---- C:\Program Files\Zylom Games
    2010-01-18 12:56:03 ----D---- C:\Program Files\HP Games
    2010-01-18 11:37:49 ----D---- C:\Program Files\WildGames
    2010-01-16 19:10:17 ----D---- C:\Windows\system32\Adobe
    2010-01-15 17:30:14 ----D---- C:\ProgramData\SUPERAntiSpyware.com
    2010-01-15 17:29:44 ----D---- C:\Users\sonia\AppData\Roaming\SUPERAntiSpyware.com
    2010-01-12 19:10:59 ----A---- C:\Windows\system32\t2embed.dll
    2010-01-12 19:10:59 ----A---- C:\Windows\system32\fontsub.dll

    ======List of files/folders modified in the last 1 months======

    2010-02-10 12:40:57 ----D---- C:\Windows\Temp
    2010-02-10 11:51:41 ----D---- C:\Program Files
    2010-02-10 09:44:49 ----D---- C:\Windows\winsxs
    2010-02-10 09:33:51 ----D---- C:\ProgramData\Kaspersky Lab
    2010-02-10 09:32:23 ----D---- C:\Users\sonia\AppData\Roaming\Media Player
    2010-02-10 09:32:17 ----D---- C:\Windows\Debug
    2010-02-10 09:32:17 ----D---- C:\WINDOWS
    2010-02-10 09:22:05 ----D---- C:\Windows\system32\catroot
    2010-02-10 09:20:57 ----D---- C:\Windows\system32\catroot2
    2010-02-10 09:18:14 ----D---- C:\Windows\system32\drivers
    2010-02-10 09:18:13 ----D---- C:\Windows\System32
    2010-02-10 09:18:13 ----D---- C:\Program Files\Windows Mail
    2010-02-10 09:03:44 ----SHD---- C:\System Volume Information
    2010-02-10 08:27:43 ----A---- C:\Windows\win.ini
    2010-02-10 08:27:40 ----SHD---- C:\Windows\Installer
    2010-02-08 14:07:43 ----D---- C:\Program Files\Common Files\Apple
    2010-02-08 09:50:30 ----D---- C:\Windows\Prefetch
    2010-02-07 21:38:29 ----SD---- C:\ProgramData\Microsoft
    2010-02-06 18:13:40 ----HD---- C:\ProgramData
    2010-02-05 19:45:00 ----D---- C:\Program Files\Common Files
    2010-02-05 19:40:09 ----D---- C:\ProgramData\WinZip
    2010-02-05 19:31:58 ----AD---- C:\ProgramData\TEMP
    2010-02-05 19:23:20 ----D---- C:\Users\sonia\AppData\Roaming\vlc
    2010-02-05 15:57:36 ----D---- C:\ProgramData\Yahoo! Companion
    2010-02-05 07:16:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-02-05 07:16:56 ----D---- C:\Windows\inf
    2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
    2010-01-29 22:15:36 ----D---- C:\Windows\WindowsMobile
    2010-01-28 09:51:43 ----D---- C:\Program Files\Internet Explorer
    2010-01-22 19:00:20 ----D---- C:\Windows\system32\migration
    2010-01-22 18:17:41 ----SD---- C:\Windows\Downloaded Program Files
    2010-01-22 16:01:42 ----D---- C:\Windows\system32\Msdtc
    2010-01-22 16:01:38 ----D---- C:\Windows\system32\wbem
    2010-01-22 16:00:51 ----D---- C:\Windows\system32\config
    2010-01-22 16:00:40 ----D---- C:\Windows\Tasks
    2010-01-22 16:00:40 ----D---- C:\Windows\system32\spool
    2010-01-22 16:00:39 ----D---- C:\Windows\system32\CodeIntegrity
    2010-01-22 16:00:37 ----D---- C:\Windows\registration
    2010-01-21 09:07:16 ----D---- C:\Program Files\Microsoft Silverlight
    2010-01-19 19:13:20 ----D---- C:\Users\sonia\AppData\Roaming\dvdcss
    2010-01-19 08:16:07 ----D---- C:\Windows\system32\WDI
    2010-01-18 13:14:14 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
    2010-01-18 12:40:46 ----D---- C:\Users\sonia\AppData\Roaming\WildTangent
    2010-01-18 11:55:28 ----D---- C:\Program Files\DivX
    2010-01-18 11:38:05 ----D---- C:\ProgramData\WildTangent
    2010-01-18 11:16:14 ----D---- C:\Program Files\Super Clone DVD
    2010-01-16 15:17:07 ----D---- C:\ProgramData\NOS
    2010-01-16 10:31:37 ----D---- C:\Program Files\Jeux.fr
    2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 69131341;69131341; C:\Windows\system32\DRIVERS\69131341.sys [2009-09-25 128016]
    R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
    R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-11-11 311312]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-11-03 21520]
    R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
    R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-09-18 1207288]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-10-03 222208]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
    R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
    R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
    R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-03 42528]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]
    R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-03-26 64000]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
    S1 setup_9.0.0.722_07.02.2010_23-24drv;setup_9.0.0.722_07.02.2010_23-24drv; C:\Windows\system32\DRIVERS\6913134.sys [2009-10-09 311312]
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-09-18 1207288]
    S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
    S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
    S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
    S3 utmzntcx;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utmzntcx.sys [2010-02-10 7168]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
    R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
    R2 MsMpSvc;@c:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-25 361808]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
    R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
    R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
    S2 gupdate1ca41b0aa8c3a7c;Service Google Update (gupdate1ca41b0aa8c3a7c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-30 133104]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe []
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-19 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

    -----------------EOF-----------------

    Et voici le 2éme

    info.txt logfile of random's system information tool 1.06 2010-02-10 12:41:49

    ======Uninstall list======

    -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    -->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
    Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
    Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
    BlackJack-->"C:\Program Files\Hobby Concept\BlackJack\unins000.exe"
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Carte réseau local sans fil 802.11 Broadcom-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
    Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWAHerza.INF
    CyberLink DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
    CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Dofus 1.28.0-->C:\Program Files\Dofus\uninstall.exe
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.0.249.78\Installer\setup.exe" --uninstall --system-level
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP Active Support Library-->"C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe" -runfromtemp -l0x0409 -removeonly
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly
    HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
    HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
    HP DVD Play 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly
    HP Game Console-->"C:\Program Files\HP Games\HP Game Console\Uninstall.exe"
    HP Help and Support-->MsiExec.exe /X{31216452-5540-4C96-B754-94890A63D5AB}
    HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Quick Launch Buttons 6.40 D3-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
    HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Total Care Advisor-->MsiExec.exe /X{F31E534B-4199-4552-8154-5C130710D68E}
    HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f}
    HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    HP User Guides 0110-->MsiExec.exe /I{B640E7CC-7091-4A24-AE76-2140065D2054}
    HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379}
    HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    iTunes-->MsiExec.exe /I{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
    Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
    K-Lite Codec Pack 5.4.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
    LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
    Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    McDonald's Fairies-->C:\Program Files\McDonaldsFairies\uninstall.exe
    Media Player-->"C:\Program Files\Orange\Media Player\uninstall.exe"
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
    Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
    Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
    Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}\muveesetup.exe -removeonly -runfromtemp
    NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
    NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
    Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
    PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
    PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
    Quick Zip 4.60.019-->"C:\Program Files\QuickZip4\unins000.exe"
    QuickPlay SlingPlayer 0.4.6-->"C:\Program Files\HP\QuickPlay\unins000.exe"
    QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
    Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
    Royal Vegas Online Casino-->C:\Microgaming\Casino\RoyalVegas\install.exe -uninstall
    Ruby Fortune Casino-->C:\Microgaming\Casino\RubyFortune\install.exe -uninstall
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    T3Desk 2010 Build Version 10.01-->"C:\Program Files\T3Desk\unins000.exe"
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
    Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
    VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WildTangent ORB Game Console-->"C:\Program Files\WildGames\Game Console - WildGames\Uninstall.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
    Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    Zylom Games Player Plugin-->"C:\Program Files\Zylom Games\UninstallPlugin.exe" --uninstall

    ======Security center information======

    AS: Windows Defender

    ======System event log======

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29172
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29170
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29168
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29165
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    Computer Name: PC-de-sonia
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB948465(Service Pack) à l’état Installation demandée(Install Requested)
    Record Number: 29164
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090921161431.000000-000
    Event Type: Avertissement
    User: PC-de-sonia\sonia

    =====Application event log=====

    Computer Name: PC-de-sonia
    Event Code: 492
    Message: Catalog Database (1276) Catalog Database: La séquence du fichier journal dans "C:\Windows\system32\CatRoot2\" a été interrompue à cause d'une erreur irrécupérable. Aucune autre mise à jour n'est possible pour les bases de données utilisant cette séquence de fichier journal. Corrigez le problème et redémarrez ou effectuez une restauration à partir d'une version de sauvegarde.
    Record Number: 222
    Source Name: ESENT
    Time Written: 20090918235601.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-sonia
    Event Code: 413
    Message: Catalog Database (1276) Catalog Database: Impossible de créer un nouveau journal car la base de données ne peut pas écrire sur le lecteur de journalisation. Le lecteur est probablement en lecture seule, mal configuré ou endommagé. Erreur -1032.
    Record Number: 221
    Source Name: ESENT
    Time Written: 20090918235601.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-sonia
    Event Code: 490
    Message: Catalog Database (1276) Catalog Database: Une tentative d'ouverture du fichier "C:\Windows\system32\CatRoot2\edbtmp.log" pour accès en lecture/écriture a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8).
    Record Number: 220
    Source Name: ESENT
    Time Written: 20090918235601.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-sonia
    Event Code: 10
    Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
    Record Number: 161
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090918212814.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-sonia
    Event Code: 10
    Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
    Record Number: 135
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090918210806.000000-000
    Event Type: Erreur
    User:

    =====Security event log=====

    Computer Name: PC-de-sonia
    Event Code: 4624
    Message: L’ouverture de session d’un compte s’est
    a c 296 8 Sécurité
    10 Février 2010 13:09:03

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    10 Février 2010 17:58:07

    Destrio5 a dit :
  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.


  • Bonsoir,

    Voici le rapport MBAM
    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3720
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18882

    10/02/2010 17:55:24
    mbam-log-2010-02-10 (17-55-24).txt

    Type de recherche: Examen rapide
    Eléments examinés: 102743
    Temps écoulé: 24 minute(s), 42 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\sonia\Documents\downloads\registry-doktor-07fr.exe (Rogue.Installer) -> Quarantined and deleted successfully.

    a c 296 8 Sécurité
    10 Février 2010 18:03:18

    Tu peux me montrer ce que Kaspersky détecte ?
    10 Février 2010 19:42:45

    Destrio5 a dit :
    Tu peux me montrer ce que Kaspersky détecte ?


    Comment faut il faire pour ne pas tout recopier manuellement ?
    a c 296 8 Sécurité
    10 Février 2010 19:46:47

    Tu peux faire une capture d'écran par exemple.
    10 Février 2010 19:51:18

    Destrio5 a dit :
    Tu peux me montrer ce que Kaspersky détecte ?


    Voici ce que détecte kapersky

    État : Infecté (événements : 4)
    03/02/2010 16:42:15 Infecté virus HEUR:Trojan.Win32.Generic http://rss-images.com/image.php?=sonia-33240@hotmail.fr... Elevées
    03/02/2010 15:52:10 Infecté virus HEUR:Trojan.Win32.Generic http://img-view.com/image.php?=sonia-33240@hotmail.fr//... Elevées
    03/02/2010 15:52:05 Infecté virus HEUR:Trojan.Win32.Generic http://img-view.com/image.php?=sonia-33240@hotmail.fr//... Elevées
    02/02/2010 19:36:35 Infecté virus HEUR:Trojan.Win32.Generic http://img-view.com/image.php?=sonia-33240@hotmail.fr//... Elevées
    État : Suspect (événements : 9)
    10/11/2009 23:55:32 Suspect lien malveillant http://outils.yes-messenger.com/banner.php?module=guest... Elevées
    10/11/2009 23:55:23 Suspect lien malveillant http://outils.yes-messenger.com/pdv2.php?w=0&e=1&tracke... Elevées
    10/11/2009 23:11:40 Suspect lien malveillant http://outils.yes-messenger.com/banner.php?module=guest... Elevées
    10/11/2009 23:05:59 Suspect lien malveillant http://outils.yes-messenger.com/favicon.ico Elevées
    10/11/2009 23:05:58 Suspect lien malveillant http://outils.yes-messenger.com/pdv15.php?id=47351&trac... Elevées
    10/11/2009 22:54:35 Suspect lien malveillant http://outils.yes-messenger.com/banner.php?module=guest...(gratuit)&txt_font=Arial%2C%20Helvetica%2C%20sans-serif&txt_color=ffffff&txt_size=22&txt_hover=fdf801&txt_dec=underline&txt_weight=normal&town_font=Arial%2C%20Helvetica%2C%20sans-serif&town_color=fdf801&town_hover=fdf801&town_size=22&town_dec=underline&town_weight=bold&target=_blank&url=site&tracker=ps&exit=1&warn=0&rnd=qahkltilqjhj Elevées
    10/11/2009 22:51:13 Suspect lien malveillant http://outils.yes-messenger.com/banner.php?module=guest... Elevées
    10/11/2009 23:02:44 Suspect lien malveillant http://download.live-player.com/favicon.ico Elevées
    03/02/2010 16:31:38 Suspect lien malveillant img-view.com/image.php?=sonia-33240@hotmail.fr [From: "veronique" verolo33@msn.com][To: ][Message]: img-view.com/image.php?=sonia-33240@hotmail.fr Elevées
    a c 296 8 Sécurité
    10 Février 2010 20:03:01

    C'est un de tes contacts qui t'envoie ces liens ?
    10 Février 2010 20:08:27

    Destrio5 a dit :
    C'est un de tes contacts qui t'envoie ces liens ?


    Oui elle est dans mes contacts mais me dit qu'elle ne m'a rien envoyée, elle a eu elle aussi le même probléme
    a c 296 8 Sécurité
    10 Février 2010 20:21:55

    C'est elle qui a le virus MSN et pas toi.
    11 Février 2010 10:49:33

    Destrio5 a dit :
    C'est elle qui a le virus MSN et pas toi.


    Je tenais a te remercier pour ton aide, bonne journée.
    a c 296 8 Sécurité
    13 Février 2010 17:46:21

    1/

  • Désinstalle HijackThis.

  • Mets à jour Java.

  • Mets à jour Adobe Reader.

  • Télécharge OTC sur ton Bureau.
  • Clique droit sur OTC et choisis Exécuter en tant qu'administrateur.
  • Clique sur CleanUp! puis clique sur Yes à la fenêtre Confirm.
  • Redémarre ton PC comme demandé.


    2/

  • Télécharge et installe CCleaner (N'installe pas la Yahoo! Toolbar).
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS