Votre question

Brontok A (9)

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Octobre 2009 15:00:10

bonjour je sollicite de l aide pr contrer ce virus ,etant novice j espere de tout coeur que quelqun pourra m aider mon portable marche sous vista et j ai une page noire apres le demarrage je suis dc oblige de faire ctrl +alt+suppr pr atteindre le gestionnaire et executer explorer.g telecharge et execute rsit comme indique ds une des rubriques d aide pr ce pblm.ca me donne 2 fichiers l un nomme info l autre log je vs les joints les 2


info.txt logfile of random's system information tool 1.06 2009-10-26 14:45:23

======Uninstall list======

-->E:\Mes documents\programmes\DivX\DivXConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL v2-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ASUS WiFi-AP Solo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B3F4499-32E6-470D-8586-E6C03420F889}\Setup.exe" -l0x9 REMOVE
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CoreAAC Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreAAC-uninstall.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\windows\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Cortona® VRML Client-->"C:\Program Files\ParallelGraphics\Cortona VRML Client\UNWISE32.EXE" "C:\Program Files\ParallelGraphics\Cortona VRML Client\Install.log"
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
dBpoweramp m4a Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
dBpoweramp Monkeys Audio Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
dBpowerAMP WMA V9.1 Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
DivX Codec-->E:\Mes documents\programmes\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->E:\Mes documents\programmes\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->E:\Mes documents\programmes\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->E:\Mes documents\programmes\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->E:\Mes documents\programmes\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"
eMule-->"E:\Mes documents\programmes\eMule\Uninstall.exe"
FLV Player 2.0 (build 25)-->C:\Program Files\FLV Player\uninst.exe
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.27\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{3A05B900-A3E7-11DE-A9B7-005056806466}
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart All-In-One Driver Software 10.0 Rel .2-->C:\Program Files\HP\Digital Imaging\{20B30DC1-E423-4939-B51D-05C58B0F9BBB}\setup\hpzscr01.exe -datfile hposcr21.dat -onestop
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java 2 Runtime Environment, SE v1.4.0_03-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe" Anytext
JRAID-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\Setup.exe" -l0x40c -removeonly
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LADSPA_plugins-win-0.4.15-->"C:\Program Files\Audacity\Plug-Ins\unins000.exe"
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Live 7.0.3-->E:\MESDOC~1\ANAKIN\PROGZI~1\LIVE70~1.3\Install\UNWISE.EXE E:\MESDOC~1\ANAKIN\PROGZI~1\LIVE70~1.3\Install\INSTALL.LOG
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\windows\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\windows\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\windows\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\windows\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\windows\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\windows\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\windows\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\windows\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\windows\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\windows\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\windows\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\windows\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\windows\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\windows\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\windows\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\windows\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\windows\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\windows\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\windows\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe"
MixMeister Studio 7.2.2-->"E:\Mes documents\ANAKIN\PROG ZIC\MixMeister Studio 7.2.2\unins000.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Music 2000-->C:\WINDOWS\IsUn040c.exe -f"e:\mes documents\anakin\prog zic\Uninst.isu"
Nero 7 Lite v7.5.7.0-->"C:\Program Files\Nero\unins000.exe"
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
On2 VP7 Personal Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}\Setup.exe" -l0x9
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
PC Angel Standard Edition-->C:\WINDOWS\system32\PCA\IMAGE.EXE /u
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Reason 3.0-->"E:\Mes documents\ANAKIN\PROG ZIC\reason\Reason\Uninstall Reason\unins000.exe"
Reason MIDI Board 1.1-->C:\windows\iun6002.exe "C:\Program Files\Fractalis Software\Reason MIDI Board 1.1\irunin.ini"
ReBirth RB-338 2.01-->C:\WINDOWS\UNWISE.EXE C:\audio\rebirth2\INSTALL.LOG
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x040c -removeonly
ScanSpyware 3.9.1.9-->"E:\Mes documents\programmes\3.9.1.9\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Sony ACID Pro 6.0-->MsiExec.exe /X{AB7E8EC4-D04C-4A2B-A33B-4A3725C72285}
Sony Media Manager 2.1-->MsiExec.exe /X{C86A8B40-0702-45FA-BFEC-82B0C5932038}
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA/S3G Display Driver-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinAce Archiver 2.0-->C:\Program Files\WinAce\SXUNINST.EXE C:\Program Files\WinAce\SXUNINST.INI
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

======Security center information======

AV: avast! antivirus 4.8.1351 [VPS 091025-0]

======System event log======

Computer Name: UTI-BFABFE572DA
Event Code: 26
Message: Application popup : uTorrent.exe - L'initialisation de la DLL a échoué : L'application n'a pas pu s'initialiser car la station de travail est en train d'être arrêtée.

Record Number: 71404
Source Name: Application Popup
Time Written: 20090924113906.000000+120
Event Type: Informations
User:

Computer Name: UTI-BFABFE572DA
Event Code: 26
Message: Application popup : ctfmon.exe - L'initialisation de la DLL a échoué : L'application n'a pas pu s'initialiser car la station de travail est en train d'être arrêtée.

Record Number: 71403
Source Name: Application Popup
Time Written: 20090924113906.000000+120
Event Type: Informations
User:

Computer Name: UTI-BFABFE572DA
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 71402
Source Name: EventLog
Time Written: 20090924113755.000000+120
Event Type: Informations
User:

Computer Name: UTI-BFABFE572DA
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 71401
Source Name: EventLog
Time Written: 20090924113755.000000+120
Event Type: Informations
User:

Computer Name: UTI-BFABFE572DA
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 71400
Source Name: EventLog
Time Written: 20090924112844.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: UTI-BFABFE572DA
Event Code: 4126
Message: Nettoyage des méta-données endommagées de l'index de
contenu sur c:\system volume information\catalog.wci. L'index sera automatiquement restauré en refiltrant tous les documents.

Record Number: 6346
Source Name: Ci
Time Written: 20080606112153.000000+120
Event Type: erreur
User:

Computer Name: UTI-BFABFE572DA
Event Code: 4138
Message: Endommagement de l'index du contenu détecté dans le composant RcovStorageObj2 du catalogue c:\system volume information\catalog.wci.
La trace de la pile est 0x7DA52208
0x7DA5AB64
0x7DA5C604
0x7DA53540
0x7DA491C4
0x7DA52490
0x7DA973EB
0x7DA91ABA
0x7DA91F69
0x7DA92220
0x7DA895C2
0x7DA896DC
0x7DA7D424
0x7DAC269B
0x7DAC2706
0x7DA7C1E7
0x7DA79DAA
0x7DA82126
0x7DA843A8
0x7DA84586
0x7DA7CA80
0x7DA78BE6
0x77DBB48B
0x7C80B683
.

Record Number: 6345
Source Name: Ci
Time Written: 20080606112153.000000+120
Event Type: Informations
User:

Computer Name: UTI-BFABFE572DA
Event Code: 2002
Message:
Record Number: 6344
Source Name: EAPOL
Time Written: 20080606111553.000000+120
Event Type: Informations
User:

Computer Name: UTI-BFABFE572DA
Event Code: 2003
Message:
Record Number: 6343
Source Name: EAPOL
Time Written: 20080606111553.000000+120
Event Type: Informations
User:

Computer Name: UTI-BFABFE572DA
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 6342
Source Name: SecurityCenter
Time Written: 20080606111421.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;E:\Mes documents\programmes\QuickTime Alternative\QTSystem\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0407
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\j2re1.4.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\j2re1.4.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------



Logfile of random's system information tool 1.06 (written by random/random)
Run by uti at 2009-10-26 14:44:29
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 15 GB (50%) free of 30 GB
Total RAM: 1022 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:45:18, on 26/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\Explorer.EXE
C:\windows\system32\VTTimer.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\windows\system32\SHVRTF.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
E:\Mes documents\ANAKIN\PROG ZIC\DAEMON Tools Lite\daemon.exe
C:\Program Files\Winsudate\gibusr.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Winsudate\gibsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\windows\SYSTEM32\cidaemon.exe
e:\Mes documents\programmes\eMule\emule.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\ScanSpyware\3.9.1.9\ScanSpyware.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\RSIT.exe
C:\Program Files\trend micro\uti.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Mes documents\programmes\Real Alternative\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Protect] SHVRTF.EXE /taskonly
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\windows\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Mes documents\ANAKIN\PROG ZIC\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C1AE5FC-0D63-484A-8717-FBD24CCEB929}: NameServer = 80.10.246.130 81.253.149.10
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.25,85.255.112.165
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Documents and Settings\All Users\Documents\Mes images\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Documents and Settings\All Users\Documents\Mes images\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

--
End of file - 9654 bytes

======Scheduled tasks folder======

C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - E:\Mes documents\programmes\Real Alternative\rpbrowserrecordplugin.dll [2009-09-30 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-15 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-27 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\windows\SYSTEM32\VTTimer.exe [2005-03-08 53248]
"VTTrayp"=C:\windows\SYSTEM32\VTtrayp.exe [2005-11-01 163840]
"High Definition Audio Property Page Shortcut"=C:\windows\SYSTEM32\HDAShCut.exe [2004-10-27 61952]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-09-07 716800]
"Protect"=SHVRTF.EXE /taskonly []
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-04-25 385024]
"nwiz"=nwiz.exe /install []
"hpfsched"=C:\WINDOWS\hpfsched.exe [1998-07-30 35328]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-11 7630848]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-06-28 68592]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-09-30 198160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\windows\system32\sti_ci.dll [2008-04-14 138240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-10-13 289072]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-28 39408]
"DAEMON Tools Lite"=E:\Mes documents\ANAKIN\PROG ZIC\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2009-10-20 88304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitTorrent_DNA\dna.exe"="C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:D NA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Mes documents\programmes\BitDownload\BitDownload.exe"="E:\Mes documents\programmes\BitDownload\BitDownload.exe:*:D isabled:BitDownload"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:D isabled:Mozilla Firefox"
"E:\Mes documents\programmes\DVDFab Platinum 3\DVDFabPlatinum.exe"="E:\Mes documents\programmes\DVDFab Platinum 3\DVDFabPlatinum.exe:*:Enabled:D VDFab Platinum"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Mes documents\programmes\Play8x8\GameDirector.exe"="E:\Mes documents\programmes\Play8x8\GameDirector.exe:*:Enabled:8BallClub Game"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"E:\Mes documents\programmes\eMule\emule.exe"="E:\Mes documents\programmes\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4163662e-df5d-11dd-992a-001731e6eb78}]
shell\AutoRun\command - K:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe
shell\open\command - K:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59bb3cf2-2147-11de-9968-001731e6eb78}]
shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe
shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5ef542ac-8500-11db-8051-0015af003390}]
shell\AutoRun\command - I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe
shell\open\command - I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d10c094-abf6-11de-a43d-806d6172696f}]
shell\AutoRun\command - D:\EmDesk.exe
shell\EmDesk\command - D:\EmDesk.exe


======List of files/folders created in the last 1 months======

2009-10-26 14:44:31 ----D---- C:\Program Files\trend micro
2009-10-26 14:44:29 ----D---- C:\rsit
2009-10-26 11:12:02 ----A---- C:\windows\ScanSpyware.INI
2009-10-26 11:03:41 ----D---- C:\Documents and Settings\uti\Application Data\ScanSpyware
2009-10-26 11:03:40 ----A---- C:\windows\system32\ssbtsr.exe
2009-10-26 11:03:38 ----D---- C:\Program Files\ScanSpyware
2009-10-20 16:23:25 ----D---- C:\Program Files\Winsudate
2009-10-20 16:23:25 ----D---- C:\Documents and Settings\uti\Application Data\Icones
2009-10-15 19:50:31 ----D---- C:\Program Files\MSXML 4.0
2009-10-15 17:25:19 ----D---- C:\Program Files\Fichiers communs\Apple
2009-10-15 17:24:30 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-10-15 17:22:57 ----D---- C:\Program Files\Apple Software Update
2009-10-15 17:22:56 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-10-15 09:41:36 ----HDC---- C:\windows\$NtUninstallKB958869$
2009-10-15 09:35:34 ----HDC---- C:\windows\$NtUninstallKB969059$
2009-10-15 09:35:20 ----HDC---- C:\windows\$NtUninstallKB954155_WM9$
2009-10-15 09:35:05 ----HDC---- C:\windows\$NtUninstallKB974112$
2009-10-15 09:34:46 ----HDC---- C:\windows\$NtUninstallKB975025$
2009-10-15 09:34:25 ----HDC---- C:\windows\$NtUninstallKB974571$
2009-10-15 09:30:30 ----HDC---- C:\windows\$NtUninstallKB971486$
2009-10-15 09:29:57 ----HDC---- C:\windows\$NtUninstallKB973525$
2009-10-15 09:29:34 ----HDC---- C:\windows\$NtUninstallKB975467$
2009-10-14 11:57:05 ----D---- C:\Documents and Settings\uti\Application Data\HP
2009-10-14 11:56:28 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2009-10-14 11:33:37 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-10-14 11:32:45 ----A---- C:\windows\system32\hpz3l5ha.dll
2009-10-14 10:59:05 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2009-10-14 10:59:05 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2009-10-14 10:58:09 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard
2009-10-14 10:58:06 ----D---- C:\Program Files\Hewlett-Packard
2009-10-14 10:57:15 ----D---- C:\Program Files\Fichiers communs\HP
2009-10-14 10:56:06 ----A---- C:\windows\system32\hpzids01.dll
2009-10-14 10:55:18 ----A---- C:\windows\system32\hppldcoi.dll
2009-10-14 10:55:18 ----A---- C:\windows\system32\hpowiax5.dll
2009-10-14 10:55:18 ----A---- C:\windows\system32\hpovst12.dll
2009-10-14 10:55:18 ----A---- C:\windows\system32\hpotiop5.dll
2009-10-14 10:55:18 ----A---- C:\windows\system32\difxapi.dll
2009-10-14 10:54:56 ----D---- C:\Program Files\HP
2009-10-14 10:53:33 ----HD---- C:\Config.Msi
2009-10-02 13:13:25 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-09-30 12:29:39 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-09-30 12:28:19 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-09-28 19:20:06 ----D---- C:\Program Files\Fichiers communs\DivX Shared

======List of files/folders modified in the last 1 months======

2009-10-26 14:44:35 ----D---- C:\windows\Prefetch
2009-10-26 14:44:31 ----RD---- C:\Program Files
2009-10-26 14:42:06 ----D---- C:\windows\system32\CatRoot2
2009-10-26 11:20:53 ----D---- C:\windows\Temp
2009-10-26 11:12:02 ----D---- C:\WINDOWS
2009-10-26 11:03:40 ----D---- C:\windows\system32
2009-10-26 10:51:20 ----A---- C:\windows\system.ini
2009-10-26 10:32:54 ----D---- C:\Documents and Settings\uti\Application Data\uTorrent
2009-10-25 21:37:07 ----A---- C:\windows\SchedLgU.Txt
2009-10-25 13:32:19 ----A---- C:\windows\NeroDigital.ini
2009-10-25 12:47:31 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-10-22 16:45:52 ----D---- C:\Documents and Settings\uti\Application Data\dvdcss
2009-10-20 16:26:07 ----SHD---- C:\windows\Installer
2009-10-20 16:26:01 ----A---- C:\windows\OEWABLog.txt
2009-10-20 16:25:59 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-20 16:23:25 ----D---- C:\Program Files\Internet Explorer
2009-10-20 09:45:22 ----D---- C:\Documents and Settings\uti\Application Data\Google
2009-10-20 09:43:50 ----D---- C:\Program Files\Google
2009-10-20 09:37:30 ----SD---- C:\windows\Tasks
2009-10-19 19:51:11 ----HD---- C:\windows\inf
2009-10-19 19:49:54 ----D---- C:\windows\network diagnostic
2009-10-15 19:50:32 ----D---- C:\windows\WinSxS
2009-10-15 17:25:55 ----D---- C:\Program Files\QuickTime
2009-10-15 17:25:19 ----D---- C:\Program Files\Fichiers communs
2009-10-15 12:28:23 ----D---- C:\windows\Microsoft.NET
2009-10-15 12:28:17 ----RSD---- C:\windows\assembly
2009-10-15 09:50:39 ----D---- C:\Documents and Settings
2009-10-15 09:43:12 ----RSHDC---- C:\windows\system32\dllcache
2009-10-15 09:42:22 ----D---- C:\windows\ie8updates
2009-10-15 09:41:48 ----HD---- C:\windows\$hf_mig$
2009-10-15 09:41:44 ----A---- C:\windows\imsins.BAK
2009-10-14 11:38:01 ----A---- C:\windows\win.ini
2009-10-14 11:34:02 ----D---- C:\windows\system32\drivers
2009-10-14 11:22:28 ----D---- C:\windows\twain_32
2009-10-14 10:56:12 ----DC---- C:\windows\system32\DRVSTORE
2009-10-14 08:27:44 ----SD---- C:\windows\Downloaded Program Files
2009-10-13 20:07:01 ----AC---- C:\windows\WORDPAD.INI
2009-10-13 10:12:48 ----D---- C:\unzipped
2009-10-13 10:10:36 ----SD---- C:\Documents and Settings\uti\Application Data\Microsoft
2009-10-04 16:39:56 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-02 19:01:57 ----A---- C:\windows\system32\MRT.exe
2009-10-02 06:32:08 ----D---- C:\windows\Help
2009-09-30 12:32:44 ----D---- C:\Documents and Settings\uti\Application Data\Real
2009-09-30 12:28:49 ----D---- C:\Program Files\Fichiers communs\Real
2009-09-30 12:28:42 ----A---- C:\windows\system32\rmoc3260.dll
2009-09-30 12:28:26 ----A---- C:\windows\system32\pndx5032.dll
2009-09-30 12:28:26 ----A---- C:\windows\system32\pndx5016.dll
2009-09-30 12:27:32 ----A---- C:\windows\system32\msvcr71.dll
2009-09-30 12:27:31 ----A---- C:\windows\system32\pncrt.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 intelppm;Pilote de processeur Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\windows\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\windows\system32\DRIVERS\AegisP.sys [2008-12-03 21035]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 enodpl;enodpl; C:\windows\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 irda;Protocole IrDA; C:\windows\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 tandpl;tandpl; C:\windows\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\windows\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 e4usbaw;USB ADSL2 WAN Adapter; C:\windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\windows\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 irsir;Pilote série infrarouge Microsoft; C:\windows\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Pilote HID de souris; C:\windows\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2006-08-11 3958496]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\windows\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\windows\system32\DRIVERS\RTL8187.sys [2006-05-22 175872]
R3 SenFiltService;SenFilt Service; C:\windows\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 ASPI32;ASPI32; C:\windows\system32\drivers\ASPI32.sys []
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); C:\windows\System32\Drivers\e4ldr.sys [2007-01-04 69656]
S2 ONSIO;ONSIO; \??\C:\WINDOWS\SYSTEM32\DRIVERS\ONSIO.SYS []
S3 a87q462k;a87q462k; C:\windows\system32\drivers\a87q462k.sys []
S3 AvFlt;Antivirus Filter Driver; C:\windows\system32\drivers\av5flt.sys []
S3 ComFiltr;Panda Anti-Dialer; \??\C:\WINDOWS\system32\DRIVERS\COMFiltr.sys []
S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\windows\system32\DRIVERS\fetnd5bv.sys [2005-10-17 42496]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\system32\DRIVERS\HPZid412.sys [2007-11-02 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\system32\DRIVERS\HPZipr12.sys [2007-11-02 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\system32\DRIVERS\HPZius12.sys [2007-11-02 21568]
S3 moufiltr;Chic Tech Mouse Filter Driver; C:\windows\system32\DRIVERS\moufiltr.sys [2007-02-27 62592]
S3 MPUSens;MPUSens; C:\windows\system32\drivers\MPUSens.sys []
S3 NPF;Netgroup Packet Filter; C:\windows\system32\drivers\npf.sys [2007-12-31 42512]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2007-06-04 47360]
S3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgusbbus.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 viagfx;viagfx; C:\windows\system32\DRIVERS\vtmini.sys [2006-02-08 244352]
S3 vsc32;Virtual Sound Canvas 3.2; C:\windows\system32\DRIVERS\vsc.sys []
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 Irmon;Moniteur infrarouge; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2006-08-11 155715]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2009-10-20 70896]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-20 133104]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\windows\system32\tcpsvcs.exe [2006-03-02 19456]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Documents and Settings\All Users\Documents\Mes images\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR []
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Documents and Settings\All Users\Documents\Mes images\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -i SONY_MEDIAMGR []
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------



Autres pages sur : brontok

26 Octobre 2009 15:16:30

desole mais j ai fait une erreur les deux fichiers joints ci dessus ne sont pas issus du bon pc je rectifie en vs envoyant les bons . merci d avance


info.txt logfile of random's system information tool 1.06 2009-10-26 14:48:59

======Uninstall list======

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Bricks of Egypt\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Digby's Donuts\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Treasure Island\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
Absolute MP3 Splitter version 2.8.1-->"C:\Program Files\Absolute MP3 Splitter\unins000.exe"
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Audacity 1.3.4 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
BitDefender Total Security 2009-->MsiExec.exe /X{8ACF317C-CA66-4363-AEBF-A073B124AA1A}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CoreAAC Audio Decoder (remove only)-->"C:\Windows\system32\CoreAAC-uninstall.exe"
CyberLink DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
dBpoweramp FLAC Codec-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
Direct Show Ogg Vorbis Filter (remove only)-->"C:\Windows\system32\OggDSuninst.exe"
DivX Codec 3.1alpha release-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\Windows\INF\DivX.inf
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /X{31216452-5540-4C96-B754-94890A63D5AB}
HP Quick Launch Buttons 6.40 D1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
HP QuickPlay 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP QuickTouch 1.00 D2-->MsiExec.exe /I{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}
HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f}
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0102-->MsiExec.exe /I{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}
HP Wireless Assistant-->MsiExec.exe /I{A5CE7175-080D-49AC-B5A3-E7E3502428F5}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x40c -remove -removeonly
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
JMicron JMB38X Flash Media Controller-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" -l0x40c -removeonly
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
K-Lite Codec Pack 4.7.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
Lame ACM MP3 Codec-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\Windows\INF\LameACM.inf
LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}\muveesetup.exe -removeonly -runfromtemp
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Native Instruments Absynth 4-->C:\PROGRA~1\NATIVE~1\ABSYNT~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\ABSYNT~1\INSTALL.LOG
Nero BackItUp 2 Essentials-->MsiExec.exe /X{DF9F9A90-CEFD-4808-815F-E16932271036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
OLYMPUS Master 2-->MsiExec.exe /X{0815D55A-5EFF-4E1B-8C04-7035E914D90D}
OLYMPUS muvee theaterPack-->MsiExec.exe /X{EC047FA6-E83D-4326-9195-E7D306C5B9A2}
On2 VP7 Personal Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}\Setup.exe" -l0x9
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PlayLinc-->MsiExec.exe /I{2158685C-E2B3-4026-B0A1-0FFE31837AFD}
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
ProtectSmart Hard Drive Protection-->MsiExec.exe /X{9D615069-AA8F-4E89-AE9D-77AAE90F529F}
QuickPlay SlingPlayer 0.4.6-->"C:\Program Files\HP\QuickPlay\unins000.exe"
QuickTime Alternative 1.78-->"C:\Program Files\QuickTime Alternative\unins000.exe"
Real Alternative 1.51 Lite-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly
Reason 4.0-->"C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe"
Ri4m v5.0.1d-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ripp-It Codec Pack v 4.2.6-->C:\Program Files\Ripp-It Codec Pack\uninst.exe
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
SoftwareUpdate 1.0-->"C:\Users\Marl\AppData\Roaming\eoRezo\SoftwareUpdate\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Tracks Eraser Pro v7.5 build 1050-->"C:\Program Files\Acesoft\Tracks Eraser Pro\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VobSub v2.18 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Movie Maker Bêta-->MsiExec.exe /X{F874DF52-A31F-44C1-A606-EF40F1549261}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
x264 Revision 573 x264.nl (remove only)-->"C:\Program Files\x264\x264-uninstall.exe"
Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
XviD MPEG-4 Codec-->"C:\Program Files\XviD\UninstXviD.exe"

======Hosts File======

<HTML><HEAD><TITLE>Yahoo!</TITLE>
</HEAD><BODY BGCOLOR=white vlink=blue>
<!-- following code added by server. PLEASE REMOVE -->
<!-- preceding code added by server. PLEASE REMOVE --><center>
<table width=675 cellpadding=0 cellspacing=2 border=0>
<tr>
<td width=1% valign=top><a href="http://www.yahoo.com"><img src=http://us.i1.yimg.com/us.yimg.com/i/yahoo.gif width=147 height=31 border=0 alt="Yahoo"></a></td>
<td align=right><font face=arial size=-1><a href="/404/*http://www.yahoo.com">Yahoo!</a> - <a href="http://help.yahoo.com">Help</a></font><hr size=1 noshade></td>
</tr>
</table>
<br>
<table border=0 width=675 cellspacing=0 cellpadding=3>
<tr>
<td bgcolor=003399 colspan=2>
<font face=Arial size=+1 color=white><b>Sorry, the page you requested was not found.</b></font>
</td>
</tr></table>
<br>
<table border=0 width=675 cellspacing=0 cellpadding=1>
<tr>
<td valign=top width=229 bgcolor=ffffff>

<table width="100%" cellpadding=1 cellspacing=0 border=0 bgcolor=dcdcdc><tr>
<td valign=top align=center><table width="100%" cellpadding=3 cellspacing=0 border=0 bgcolor=ffffff>
<tr bgcolor=dcdcdc><td><font face=arial><b>Search Yahoo!</b></font></td></tr>
<tr bgcolor=white><td valign=top align=center>
<form action="http://search.yahoo.com/search">
<input size="14" name="p" value=""> 
<input type="SUBMIT" value="Search">
<font face=arial size=-2>• <a href="http://search.yahoo.com/search/options?p=">advanced search</a> • <a href="http://buzz.yahoo.com">most popular</a></font>
</form></td></tr></table>
<table width=100% border=0 cellspacing=0 cellpadding=3 bgcolor=ffffff>
<tr bgcolor=ccccff><td>
<FONT face=arial size=+1>Yahoo! Web Hosting</font>
</td></tr>
<tr><td>
<a href=http://webhosting.yahoo.com/ps/wh/prod/&gt;<img align=left src=http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/j_advan48.... width=48 height=48 border=0 alt="Yahoo! Web Hosting"></a>
<font face=arial size=-1>Yahoo! Web Hosting has <a href="http://webhosting.yahoo.com/ps/wh/prod/">three affordable plans</a> to meet your needs - starting at just $11.95.
</td></tr>
<tr><td align=right>
<b><font face=arial size=-1><a href=http://webhosting.yahoo.com/ps/wh/prod/&gt;Learn more...</a></font></b>
</td></tr>
</table>
</td></tr></table>
</td>
<td width=1> </td>
<td valign=top align=center width=445>
<script language="JavaScript" type="text/javascript"
src="http://adserver.yahoo.com/a?f=76001284&p=geocities&l=MO...">
</script>
<noscript>
<iframe
src="http://adserver.yahoo.com/a?f=76001284&p=geocities&l=MO..."
width=470 height=580 marginwidth=0 marginheight=0 hspace=0
vspace=0 frameborder=0 scrolling=no>
</iframe>
</noscript>
</td>
</tr>
</table>
<br>
<table cellpadding=0 cellspacing=0 border=0 width=675><tr><td bgcolor=a0b8c8>
<table cellpadding=1 cellspacing=1 border=0 width="100%">
<tr valign=top bgcolor=ffffff><td align=center>
<font face=arial size=-2><A
href="http://rd.yahoo.com/footer/?http://address.yahoo.com/">Address Book</A> · <A
href="http://rd.yahoo.com/footer/?http://alerts.yahoo.com/">Alerts</A> · <A
href="http://rd.yahoo.com/footer/?http://auctions.yahoo.com/">Auctions</A> · <A
href="http://rd.yahoo.com/footer/?http://billpay.yahoo.com/">Bill Pay</A> · <A
href="http://rd.yahoo.com/footer/?http://bookmarks.yahoo.com/">Bookmarks</A> · <A
href="http://rd.yahoo.com/footer/?http://briefcase.yahoo.com/">Briefcase</A> · <A
href="http://rd.yahoo.com/footer/?http://broadcast.yahoo.com/">Broadcast</A> · <A
href="http://rd.yahoo.com/footer/?http://calendar.yahoo.com/">Calendar</A> · <A
href="http://rd.yahoo.com/footer/?http://chat.yahoo.com/">Chat</A> · <A
href="http://rd.yahoo.com/footer/?http://classifieds.yahoo.co...">Classifieds</A> · <A
href="http://rd.yahoo.com/footer/?http://clubs.yahoo.com/">Clubs</A> · <A
href="http://rd.yahoo.com/footer/?http://companion.yahoo.com/">Companion</A> · <A
href="http://rd.yahoo.com/footer/?http://experts.yahoo.com/">Experts</A> · <A
href="http://rd.yahoo.com/footer/?http://games.yahoo.com/">Games</A> · <A
href="http://rd.yahoo.com/footer/?http://greetings.yahoo.com/">Greetings</A> · <A
href="http://rd.yahoo.com/footer/?http://geocities.yahoo.com/">Home Pages</A> · <A
href="http://rd.yahoo.com/footer/?http://invites.yahoo.com/">Invites</A> · <A
href="http://rd.yahoo.com/footer/?http://mail.yahoo.com/">Mail</A> · <A
href="http://rd.yahoo.com/footer/?http://maps.yahoo.com/">Maps</A> · <A
href="http://rd.yahoo.com/footer/?http://members.yahoo.com/">Member Directory</A> · <A





Logfile of random's system information tool 1.06 (written by random/random)
Run by Marl at 2009-10-26 14:48:52
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 87 GB (29%) free of 296 GB
Total RAM: 3068 MB (64% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Marl.job
C:\Windows\tasks\User_Feed_Synchronization-{5BF43280-7CFA-438F-82CB-2B51ECAA83CB}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2009-04-13 95536]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-15 178712]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-23 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-23 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-23 92704]
"Bron-Spizaetus"=C:\Windows\ShellNew\bronstab.exe [2007-02-28 41385]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2005-01-11 856064]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Microsoft Software32"=c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"flec003.exe"=C:\Users\Marl\AppData\Roaming\hidires\flec003.exe [2009-08-28 2522628]
"Tok-Cirrhatus"=C:\Users\Marl\AppData\Local\smss.exe [2007-02-28 41385]

C:\Users\Marl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Empty.pif
Notification de cadeaux MSN.lnk.disabled - C:\Users\Marl\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2008-12-03 49152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0
"DisableRegistryTools"=1
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoClose"=0
"NoDriveTypeAutoRun"=0
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2993e909-4a0b-11de-9541-000000000000}]
shell\AutoRun\command - F:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53dfbc65-1b5f-11de-9438-00238b14f701}]
shell\AutoRun\command - F:\wdsync.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{717f39ec-a931-11de-9324-00238b14f701}]
shell\AutoRun\command - H:\Toshiba\more4you.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e20d223f-4a00-11de-85c4-00238b14f701}]
shell\AutoRun\command - F:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ecda73c2-b511-11de-b912-00238b14f701}]
shell\AutoRun\command - H:\EmDesk.exe
shell\EmDesk\command - H:\EmDesk.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-10-26 14:48:53 ----D---- C:\Program Files\trend micro
2009-10-26 14:48:52 ----D---- C:\rsit
2009-10-26 14:12:03 ----HD---- C:\Windows\PIF
2009-10-26 12:14:14 ----D---- C:\Program Files\Common Files\PC Tools
2009-10-26 12:14:13 ----D---- C:\Users\Marl\AppData\Roaming\PC Tools
2009-10-26 12:14:13 ----D---- C:\ProgramData\PC Tools
2009-10-26 12:14:13 ----D---- C:\Program Files\Spyware Doctor
2009-10-26 11:04:51 ----D---- C:\Users\Marl\AppData\Roaming\Malwarebytes
2009-10-26 11:04:37 ----D---- C:\ProgramData\Malwarebytes
2009-10-26 11:04:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-26 10:57:57 ----D---- C:\SOPHTEMP

======List of files/folders modified in the last 1 months======

2009-10-26 14:48:53 ----RD---- C:\Program Files
2009-10-26 14:26:30 ----D---- C:\Windows\Temp
2009-10-26 14:24:05 ----SH---- C:\autoexec.bat
2009-10-26 14:23:44 ----D---- C:\Windows\Minidump
2009-10-26 14:23:34 ----D---- C:\Windows
2009-10-26 12:32:39 ----D---- C:\Windows\system32\config
2009-10-26 12:32:29 ----SHD---- C:\Windows\Installer
2009-10-26 12:32:29 ----HD---- C:\Windows\system32\drivers
2009-10-26 12:32:29 ----D---- C:\Windows\Tasks
2009-10-26 12:32:29 ----D---- C:\Windows\system32\Tasks
2009-10-26 12:32:29 ----D---- C:\Windows\system32\spool
2009-10-26 12:32:29 ----D---- C:\Windows\system32\Msdtc
2009-10-26 12:32:29 ----D---- C:\Windows\system32\catroot2
2009-10-26 12:32:29 ----D---- C:\Windows\System32
2009-10-26 12:32:29 ----D---- C:\Windows\ShellNew
2009-10-26 12:32:29 ----D---- C:\Windows\inf
2009-10-26 12:32:23 ----HD---- C:\Users\Marl\AppData\Roaming\drivers
2009-10-26 12:32:23 ----D---- C:\Program Files\Trojan Remover
2009-10-26 12:32:23 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-26 12:32:21 ----D---- C:\Binaries
2009-10-26 12:32:04 ----D---- C:\Windows\system32\wbem
2009-10-26 12:32:04 ----D---- C:\Windows\registration
2009-10-26 12:30:53 ----D---- C:\Users\Marl\AppData\Roaming\BitDefender
2009-10-26 12:30:51 ----D---- C:\ProgramData\BitDefender
2009-10-26 12:29:13 ----SHD---- C:\System Volume Information
2009-10-26 12:15:21 ----D---- C:\Windows\winsxs
2009-10-26 12:15:16 ----AD---- C:\ProgramData\TEMP
2009-10-26 12:14:14 ----D---- C:\Program Files\Common Files
2009-10-26 12:14:13 ----HD---- C:\ProgramData
2009-10-26 11:51:35 ----D---- C:\Program Files\Common Files\BitDefender
2009-10-26 11:51:23 ----D---- C:\Program Files\BitDefender
2009-10-26 10:56:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-18 17:08:32 ----D---- C:\Program Files\Internet Explorer
2009-10-13 14:38:11 ----D---- C:\Windows\Prefetch
2009-10-13 09:24:49 ----D---- C:\Users\Marl\AppData\Roaming\uTorrent
2009-09-30 00:36:24 ----A---- C:\Windows\ntbtlog.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 111111s1ro1s1a;111111s1ro1s1a; \??\C:\Users\Marl\AppData\Roaming\drivers\111wfs1intwq.sys [2009-10-26 125461]
R1 sK9Ou0s;sK9Ou0s; \??\C:\Users\Marl\AppData\Roaming\drivers\11s11ro1s1a2.sys [2009-10-26 7168]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2009-01-19 82696]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-08-07 34608]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-06-26 66080]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-23 7494976]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); C:\Windows\System32\Drivers\e4ldr.sys [2007-01-04 69656]
S3 anui2fw2;anui2fw2; C:\Windows\system32\drivers\anui2fw2.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-12-06 111112]
S3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys []
S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2009-04-13 8832]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e4usbaw;USB ADSL2 WAN Adapter; C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 hamachi_oem;PlayLinc Adapter; C:\Windows\system32\DRIVERS\gan_adapter.sys [2006-08-28 10664]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2009-09-10 38224]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2008-12-06 13056]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2009-04-14 39808]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-09-10 32000]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S4 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys []
S4 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-08-07 24880]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-15 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-23 196608]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-04-23 292232]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R2 StarWindServiceAE;StarWind AE Service; C:\Users\Marl\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-10-26 415024]
S2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-04-23 112008]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-02-21 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-10-26 1626112]

-----------------EOF-----------------

href="http://rd.yahoo.com/footer/?http://messenger.yahoo.com/">Messenger</A> · <A
href="http://rd.y
a c 295 8 Sécurité
26 Octobre 2009 17:33:33

Bonjour,

Les deux PC sont infectés.

On s'occupe duquel dans ce topic ?
Contenus similaires
Pas de réponse à votre question ? Demandez !
26 Octobre 2009 20:21:36

du deuxieme celui qui est sous vista car l autre fonctionne encore pour l instant.merci
a c 295 8 Sécurité
26 Octobre 2009 20:25:31

Ok, il est infecté par Brontok et Bagle.

  • Télécharge FindyKill (de Chiquitine29 & C_XX) sur ton Bureau.
  • Double-clique sur FindyKill présent sur ton Bureau.
  • Tape F puis Entrée pour Français.
  • Au menu principal, choisis l'option 1 (Recherche).
  • Poste le rapport FindyKill.txt

    Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
    27 Octobre 2009 09:13:03

    bonjour je vs remercie de m aider a resoudre ces pblms j ai effectue findy kill comme vs me l avez demande mais mon pc s eteind et redemarre tout seul pendant cette operation je n ai donc pas pu effectuer findy kill jusqu au bout. que dois je faire?


    27 Octobre 2009 12:36:46

    g enfin reussi a executer findy kill mais j ai du choisir la deuxieme option (supprimer) mon ordi a redemarre et g obtenu le rapport suivant:


    ############################## | FindyKill V5.016 |

    # User : Marl (Administrateurs) # PC-DE-MARL
    # Update on 26/10/2009 by Chiquitine29
    # Start at: 12:00:58 | 27/10/2009
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
    # Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    # Internet Explorer 8.0.6001.18813
    # Windows Firewall Status : Enabled
    # AV : BitDefender Antivirus 12.0 [ Enabled | Updated ]
    # FW : BitDefender Firewall[ (!) Disabled ]12.0

    # C:\ # Disque fixe local # 288,82 Go (84,51 Go free) # NTFS
    # D:\ # Disque fixe local # 9,27 Go (1,31 Go free) [HP_RECOVERY] # NTFS
    # E:\ # Disque CD-ROM # 7,26 Go (0 Mo free) [SIMPSONS_SEASON6_D4] # UDF
    # F:\ # Disque CD-ROM
    # G:\ # Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    C:\Windows\SMINST\BLService.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Users\Marl\Alcohol 52\StarWind\StarWindServiceAE.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Users\Marl\AppData\Local\winlogon.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Users\Marl\AppData\Local\services.exe
    C:\Users\Marl\AppData\Local\lsass.exe
    C:\Windows\system32\PresentationSettings.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\runonce.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ################## | C: |


    ################## | C:\Windows |

    Supprimé ! C:\Windows\Prefetch\H20_ABYNTH3_KEYGEN.EXE-7EDB4DC2.pf
    Supprimé ! C:\Windows\Prefetch\WINUPGRO.EXE-574A6F9E.pf

    ################## | C:\Windows\system32 |

    Supprimé ! C:\Windows\system32\mdelk.exe
    Supprimé ! C:\Windows\system32\wintems.exe

    ################## | C:\Windows\system32\drivers |

    Supprimé ! C:\Windows\system32\drivers\down\557797.exe
    Supprimé ! C:\Windows\system32\drivers\down\947284.exe
    Supprimé ! C:\Windows\system32\drivers\down\953244.exe
    Supprimé ! C:\Windows\system32\drivers\down\978999.exe
    Supprimé ! C:\Windows\system32\drivers\down

    ################## | C:\Users\Marl\AppData\Roaming |

    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\111wfs1intwq.sys
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\11s11ro1s1a2.sys
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1012680.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1015566.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1015644.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1016112.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1017142.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1021946.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1023600.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1023616.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1027422.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1029403.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1029949.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1039185.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1041010.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1041525.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1042461.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1063318.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1074659.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1085142.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1096328.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1107045.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1113472.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1114065.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1115251.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1115656.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1135250.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1138994.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1143752.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1146201.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1147153.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1167480.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1168899.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1169321.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1185779.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1188228.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1192549.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1201504.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1212954.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1213516.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1214405.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1239739.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1240894.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1241565.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1245636.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1247571.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1249006.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1249037.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1258366.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1259380.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1259552.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1259973.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1261314.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1261658.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1272375.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1293341.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1297772.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1299082.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1309253.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1310267.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1310954.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1311999.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1314792.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1315899.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1323325.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1324339.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1324635.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1331281.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1336023.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1342653.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1343449.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1343636.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1364259.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1399562.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1399937.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1399999.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1413790.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1415007.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1415100.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1444974.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1446706.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1447252.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1490230.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1495269.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1496143.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1496267.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1497079.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1498857.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1499154.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1550088.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1554612.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1555080.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1556000.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1576280.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1625764.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1626076.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1626170.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1712719.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1719131.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1719895.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1719957.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1720394.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1725308.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\1725620.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\213939.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\225062.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\233377.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\240927.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\242487.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\244656.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\246107.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\247791.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\248571.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\248618.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\250116.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\250927.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\255389.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\256060.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\279818.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\285809.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\287073.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\290193.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\292392.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\295684.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\296401.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\300504.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\300847.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\307633.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\307852.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\312017.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\317150.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\317820.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\323015.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\327071.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\327570.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\327804.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\333140.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\342671.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\348256.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\352921.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\357023.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\357632.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\361438.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\362561.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\363248.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\363544.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\368349.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\369956.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\371173.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\375556.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\375946.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\376274.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\376336.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\377085.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\377241.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\377288.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\377538.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\377865.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\378021.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\379628.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\380252.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\386180.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\386804.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\391156.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\392514.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\393106.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\393387.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\393918.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\394729.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\395493.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\397053.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\400204.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\402232.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\404838.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\405072.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\405852.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\406148.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\413652.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\415165.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\415961.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\416054.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\416553.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\418035.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\418301.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\422341.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\422466.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\423059.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\423823.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\424541.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\425149.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\425945.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\428628.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\431077.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\435242.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\438846.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\442621.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\443214.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\443386.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\446256.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\447738.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\448456.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\451186.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\452356.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\458299.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\460093.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\460405.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\463088.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\467410.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\468080.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\468798.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\470374.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\472636.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\474367.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\476286.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\476629.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\490981.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\496847.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\508282.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\508766.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\509000.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\522322.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\522369.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\526284.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\526955.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\534069.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\539030.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\540184.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\540574.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\540871.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\541682.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\546923.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\547282.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\547298.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\547313.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\548374.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\548655.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\549217.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\549653.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\549731.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\550059.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\557859.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\561665.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\562648.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\563647.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\574114.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\574848.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\576922.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\577234.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\577952.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\577968.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\578358.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\578420.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\582304.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\584598.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\586126.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\587094.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\588669.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\588763.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\589855.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\589933.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\590167.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\591025.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\594753.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\596033.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\599839.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\600541.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\600853.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\601430.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\601477.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\601820.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\602179.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\602273.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\603209.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\603536.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\603770.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\603926.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\604113.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\604535.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\605642.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\606999.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\607358.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\607733.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\608747.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\609698.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\611399.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\612584.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\613005.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\614066.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\614893.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\615439.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\616188.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\616999.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\618060.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\618387.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\618497.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\619511.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\622241.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\623177.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\623489.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\624050.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\626624.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\627997.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\629822.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\630524.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\632521.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\632833.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\636016.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\636265.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\636406.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\638028.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\638137.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\638574.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\638964.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\639167.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\639182.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\640742.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\649572.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\651319.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\655001.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\656748.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\656826.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\657138.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\657856.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\657903.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\658277.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\658589.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\670445.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\673846.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\674501.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\684828.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\692332.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\693658.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\694984.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\695078.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\695343.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\695374.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\695624.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\696528.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\696544.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\705296.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\706575.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\708306.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\727619.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\729866.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\731145.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\731441.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\731457.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\732892.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\735232.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\736012.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\736137.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\736465.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\737479.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\737806.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\738555.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\739553.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\745279.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\749896.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\754592.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\754686.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\758461.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\760286.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\761284.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\763453.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\771674.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\774903.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\775356.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\775371.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\779256.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\782672.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\783390.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\788444.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\790207.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\793935.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\798678.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\809988.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\815932.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\817242.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\818880.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\834605.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\835135.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\835229.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\835634.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\836648.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\836976.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\837397.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\843045.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\843934.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\845463.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\846055.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\848957.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\849643.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\849706.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\850111.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\851094.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\851406.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\857022.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\858083.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\861687.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\865087.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\865197.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\868956.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\873636.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\876538.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\877692.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\879502.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\881124.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\883496.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\883745.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\884182.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\885290.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\885945.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\888285.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\889080.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\893339.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\897239.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\908924.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\910312.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\911077.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\912356.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\917722.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\919438.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\921404.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\921825.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\922012.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\923089.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\923182.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\923884.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\923962.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\924305.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\925725.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\926053.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\932027.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\934570.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\935194.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\935428.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\936489.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\936505.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\948408.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\949780.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\949796.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\960342.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\961231.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\984522.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld\997142.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\downld
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers\winupgro.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\drivers
    Supprimé ! C:\Users\Marl\AppData\Roaming\hidires\flec003.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\hidires\lang
    Supprimé ! C:\Users\Marl\AppData\Roaming\hidires\names.txt
    Supprimé ! C:\Users\Marl\AppData\Roaming\hidires\WDIR
    Supprimé ! C:\Users\Marl\AppData\Roaming\hidires\webserver
    Supprimé ! C:\Users\Marl\AppData\Roaming\hidires
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\data.oct
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\flec006.exe
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\list.oct
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Acronis_Privacy_Expert_Corporate_9.0.1298_(Patch).zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Active_Virtual_Desktop_2.01.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Battle_Sudoku_0.61.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\CCNA 640-801 Practice Exam 4.1.0.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\CommView Remote Agent 2.2 Build 82.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Creation 1.0.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Dupehunter Professional 8.0.3402.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\ExercEyes_3.5_[Serial].czip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\ExercEyes_3.5_[Serial].zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Extract Email Addresses From Multiple Web Sites Software 7.0.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\FG Ping 0.1.4.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Free_Image_Editor_2.1.D.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Hollywood North Acting and Modeling Toolbar 2.0.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\ID Folder Protector 1.2 (Serial).zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\PhotoshopRecovery_1.0.0712.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Ping Terminal 2.5.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Prince_for_windows_6.0_Rev_2_[Key+Serial].zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\ProjectForum 6.4.0.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\pType 1.1a.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Thunderstorm 3D 1.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Travel_Icon_Set_1.0_[Patch].zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\Video to Xvid Converter 2.9.0.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared\WinSounds 2.2.zip
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\shared
    Supprimé ! C:\Users\Marl\AppData\Roaming\m\srvlist.oct
    Supprimé ! C:\Users\Marl\AppData\Roaming\m

    ################## | Références de comparaison Bagle MD5 : |

    File : C:\Users\Marl\AppData\Roaming\drivers\winupgro.exe
    -> Crc32 : 483d0c1e | Md5 : 2bd8e3e18c53b45b5ef25d201cf45d15

    ################## | Autres suppressions ... |

    Supprimé ! "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    -> Size : 856064 | Crc32 : 483d0c1e | Md5 : 2bd8e3e18c53b45b5ef25d201cf45d15

    Supprimé ! "C:\Users\Public\Downloads\eMule\Incoming\Absynth 3.0.1.zip"
    -> Contain install.exe | Size : 856064 | with Bagle Crc32 : 483d0c1e

    ################## | Temporary Internet Files |

    Supprimé ! C:\Users\Marl\AppData\Roaming\Microsoft\Windows\Cookies\Low\marl@crackedwarez[1].txt
    Supprimé ! C:\Users\Marl\AppData\Roaming\Microsoft\Windows\Cookies\Low\marl@crackfound[2].txt
    Supprimé ! C:\Users\Marl\AppData\Roaming\Microsoft\Windows\Cookies\Low\marl@crackserialkeygen[2].txt
    Supprimé ! C:\Users\Marl\AppData\Roaming\Microsoft\Windows\Cookies\Low\marl@keygens[1].txt
    Supprimé ! C:\Users\Marl\AppData\Roaming\Microsoft\Windows\Cookies\Low\marl@www.serialshack[1].txt
    Supprimé ! C:\Users\Marl\Local Settings\Temporary Internet Files\Content.IE5\8630Q7A3\b64_1[1].jpg
    Supprimé ! C:\Users\Marl\Local Settings\Temporary Internet Files\Content.IE5\8630Q7A3\mxd[1].jpg
    Supprimé ! C:\Users\Marl\Local Settings\Temporary Internet Files\Content.IE5\MNKIHCP1\file[1].txt
    Supprimé ! C:\Users\Marl\Local Settings\Temporary Internet Files\Content.IE5\MNKIHCP1\mxd2CAKD1WJP.jpg
    Supprimé ! C:\Users\Marl\Local Settings\Temporary Internet Files\Content.IE5\MNKIHCP1\mxd[1].jpg

    ################## | Registre / Clés infectieuses |

    Supprimé ! [HKLM\SYSTEM\ControlSet003\Services\111111s1ro1s1a]
    Supprimé ! [HKLM\SYSTEM\ControlSet003\Services\sK9Ou0s]
    Supprimé ! [HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_111111s1ro1s1a]
    Supprimé ! [HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S]
    Supprimé ! [HKCU\Software\bisoft]
    Supprimé ! [HKCU\Software\DateTime4]
    Supprimé ! [HKCU\Software\MuleAppData]
    Supprimé ! [HKCU\Software\Microsoft\Windows\UI] "KEY540534"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "flec003.exe"
    Supprimé ! [HKU\S-1-5-21-3125660262-3768605899-3569200244-1000\Software\FFC]
    Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
    Supprimé ! [HKLM\software\microsoft\security center] "UacDisableNotify"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"

    ################## | Etat / Services / Informations |

    # Mode sans echec : OK


    # Affichage des fichiers cachés : OK

    # Uac : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
    # Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # windefend -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | PEH ... |

    Corrompu : C:\HP\HPQWare\aim_icq\triton_en_us\Uninstaller.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\Program Files\BitDefender\BitDefender 2009\About.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\BitDefender\BitDefender 2009\BDSurvey.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\Program Files\BitDefender\BitDefender 2009\bdwizreg.exe
    [Offset = 000000E4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
    [Offset = 000000FC - Valeur = 0x0001]

    Corrompu : C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    [Offset = 000000FC - Valeur = 0x0001]

    Corrompu : C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Common Files\BitDefender\BitDefender Update Service\upgrepl.exe
    [Offset = 000000FC - Valeur = 0x0001]

    Corrompu : C:\Program Files\Native Instruments\Absynth 4\Service Center Setup.exe
    [Offset = 000000CC - Valeur = 0x0001]

    Corrompu : C:\Program Files\Spybot - Search & Destroy\blindman.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Spybot - Search & Destroy\Update.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Trojan Remover\Trjscan.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\NAV\External\NORTON\APP\NavShcom.exe
    [Offset = 000000E4 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\NAV\External\NORTON\APP\Navw32.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\NAV\External\NORTON\APP\Navwnt.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Setup\Setup\App\nisoptui.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Setup\Setup\App\osCheck.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Setup\Setup\PIF_96E2\PIFSvc.exe
    [Offset = 000000FC - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\ccCommon\ccCommon\ccApp.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\ccCommon\ccCommon\ccEvtMgr.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\ccCommon\ccCommon\ccSetMgr.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\ccCommon\ccCommon\ccSvcHst.exe
    [Offset = 000000FC - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\AUPDATE.EXE
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LUALL.EXE
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LUCheck.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\LuConfig.EXE
    [Offset = 0000010C - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\LUpdate\WLUEX\NotifyHA.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\Remover\Remover.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\SwSetup\Inetsec\Support\uiNPC\uiNPC\NPC\isUAC.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\Users\Marl\AppData\Local\Temp\{45d707e9-f3c4-11d9-a373-0050bae317e1}\TaskScheduler.exe
    [Offset = 000000E4 - Valeur = 0x0001]


    ################## | Cracks / Keygens / Serials |

    "C:\Users\Marl\Documents\Agno\Propellerheads.Reason.v4.0.HYBRID.DVDR-AiRISO.KEYGEN.EXE"
    02/10/2007 19:59 |Size 164352 |Crc32 dae7a014 |Md5 ac271f7c2907076984144dda7db30c4a

    "C:\Users\Marl\Documents\Agno\absynth keygen\h20_abynth3_keygen.exe"
    27/12/2004 10:55 |Size 132272 |Crc32 b9684f10 |Md5 f61899870310a26ff3c913cc170e5997

    "C:\Users\Marl\Documents\Nouveau dossier\Native Instruments Traktor Scratch Pro v1.1.2-AiR (Cracked) [RH]\Native Instruments Traktor Scratch Pro v1.1.2\TraktorPro.1.1.2_Setup.exe"
    25/03/2009 14:26 |Size 97464654 |Crc32 209baa27 |Md5 abb8cd193fad2e63a0c3fd9c26234bd0

    "C:\Users\Marl\Downloads\eMule\Incoming\Propellerhead.Reason.4.Keygen(Full Version)\Propellerhead.Reason.4.Keygen.exe"
    26/05/2009 17:22 |Size 32768 |Crc32 5345c9d8 |Md5 a9a7b5142f6ba692990a70f76cdcb080

    "C:\Users\Marl\Downloads\Propellerhead.Reason.4.Keygen(Full Version)\Propellerhead.Reason.4.Keygen.exe"
    26/05/2009 17:22 |Size 32768 |Crc32 5345c9d8 |Md5 a9a7b5142f6ba692990a70f76cdcb080

    "C:\Users\Marl\Downloads\TROJAN.REMOVER.6.7.6.with.Keygen.and.patch\Keygen\Keygen.exe"
    11/11/2008 12:50 |Size 55808 |Crc32 50dedf25 |Md5 6e7332e534a23fb9324ca346f5e2f83f

    "C:\Users\Marl\Downloads\TROJAN.REMOVER.6.7.6.with.Keygen.and.patch\Setup\trjsetup676.exe"
    18/02/2009 18:13 |Size 8337248 |Crc32 a25b862b |Md5 e5d3daca7d1c2a9cef57c4a81480835b


    ################## | ! Fin du rapport # FindyKill V5.016 ! |

    merci
    a c 295 8 Sécurité
    27 Octobre 2009 15:29:48

    Bien, relance FindyKill et choisis l'option 4 pour le désinstaller.

  • Désactive l'UAC le temps de la désinfection.

    [#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Clique droit sur ComboFix.exe (le .exe n'est pas forcément visible) et choisis Exécuter en tant qu'administrateur.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    11 Novembre 2009 16:34:11

    bonjour destrio5 je ne pouvait plus me connecter a internet et dc terminer de regler ces problemes .
    1- je n arrive pas a desinstaller findy kill
    2-j ai desactive l uac ca a marche mais spybot reste tjour actif meme si je le desactive
    3- je ne peut pas executer combofix en tant qu administrateur et celui ci me previent que son execution avec spybot actif risquerait d entrainer des dommages
    irreversibles pr mon ordinateur
    j espere que vous avez une solution a mon probleme merci d avance
    11 Novembre 2009 18:13:55

    j ai pu executer rsit qui m as donne le raport suivant


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Marl at 2009-11-11 18:06:58
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 92 GB (31%) free of 296 GB
    Total RAM: 3068 MB (58% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:07:16, on 11/11/2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18813)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    H:\RSIT.exe
    C:\Program Files\trend micro\Marl.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?

    TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?

    TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: <HTML><HEAD><TITLE>Yahoo!</TITLE>
    O1 - Hosts: </HEAD><BODY BGCOLOR=white vlink=blue>
    O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
    O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE --><center>
    O1 - Hosts: <table width=675 cellpadding=0 cellspacing=2 border=0>
    O1 - Hosts: <tr>
    O1 - Hosts: <td width=1% valign=top><a href="http://www.yahoo.com"><img src=http://us.i1.yimg.com/us.yimg.com/i/yahoo.gif width=147 height=31 border=0

    alt="Yahoo"></a></td>
    O1 - Hosts: <td align=right><font face=arial size=-1><a href="/404/*http://www.yahoo.com">Yahoo!</a> - <a href="http://help.yahoo.com">Help</a></font><hr

    size=1 noshade></td>
    O1 - Hosts: </tr>
    O1 - Hosts: </table>
    O1 - Hosts: <br>
    O1 - Hosts: <table border=0 width=675 cellspacing=0 cellpadding=3>
    O1 - Hosts: <tr>
    O1 - Hosts: <td bgcolor=003399 colspan=2>
    O1 - Hosts: <font face=Arial size=+1 color=white><b>Sorry, the page you requested was not found.</b></font>
    O1 - Hosts: </td>
    O1 - Hosts: </tr></table>
    O1 - Hosts: <br>
    O1 - Hosts: <table border=0 width=675 cellspacing=0 cellpadding=1>
    O1 - Hosts: <tr>
    O1 - Hosts: <td valign=top width=229 bgcolor=ffffff>
    O1 - Hosts: <table width="100%" cellpadding=1 cellspacing=0 border=0 bgcolor=dcdcdc><tr>
    O1 - Hosts: <td valign=top align=center><table width="100%" cellpadding=3 cellspacing=0 border=0 bgcolor=ffffff>
    O1 - Hosts: <tr bgcolor=dcdcdc><td><font face=arial><b>Search Yahoo!</b></font></td></tr>
    O1 - Hosts: <tr bgcolor=white><td valign=top align=center>
    O1 - Hosts: <form action="http://search.yahoo.com/search">
    O1 - Hosts: <input size="14" name="p" value=""> 
    O1 - Hosts: <input type="SUBMIT" value="Search">
    O1 - Hosts: <font face=arial size=-2>• <a href="http://search.yahoo.com/search/options?p=">advanced search</a> • <a

    href="http://buzz.yahoo.com">most popular</a></font>
    O1 - Hosts: </form></td></tr></table>
    O1 - Hosts: <table width=100% border=0 cellspacing=0 cellpadding=3 bgcolor=ffffff>
    O1 - Hosts: <tr bgcolor=ccccff><td>
    O1 - Hosts: <FONT face=arial size=+1>Yahoo! Web Hosting</font>
    O1 - Hosts: </td></tr>
    O1 - Hosts: <tr><td>
    O1 - Hosts: <a href=http://webhosting.yahoo.com/ps/wh/prod/&gt;<img align=left src=http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/j_advan48.... width=48 height=48

    border=0 alt="Yahoo! Web Hosting"></a>
    O1 - Hosts: <font face=arial size=-1>Yahoo! Web Hosting has <a href="http://webhosting.yahoo.com/ps/wh/prod/">three affordable plans</a> to meet your needs -

    starting at just $11.95.
    O1 - Hosts: </td></tr>
    O1 - Hosts: <tr><td align=right>
    O1 - Hosts: <b><font face=arial size=-1><a href=http://webhosting.yahoo.com/ps/wh/prod/&gt;Learn more...</a></font></b>
    O1 - Hosts: </td></tr>
    O1 - Hosts: </table>
    O1 - Hosts: </td></tr></table>
    O1 - Hosts: </td>
    O1 - Hosts: <td width=1> </td>
    O1 - Hosts: <td valign=top align=center width=445>
    O1 - Hosts: <script language="JavaScript" type="text/javascript"
    O1 - Hosts: src="http://adserver.yahoo.com/a?f=76001284&p=geocities&l=MO...">
    O1 - Hosts: </script>
    O1 - Hosts: <noscript>
    O1 - Hosts: <iframe
    O1 - Hosts: src="http://adserver.yahoo.com/a?f=76001284&p=geocities&l=MO..."
    O1 - Hosts: width=470 height=580 marginwidth=0 marginheight=0 hspace=0
    O1 - Hosts: vspace=0 frameborder=0 scrolling=no>
    O1 - Hosts: </iframe>
    O1 - Hosts: </noscript>
    O1 - Hosts: </td>
    O1 - Hosts: </tr>
    O1 - Hosts: </table>
    O1 - Hosts: <br>
    O1 - Hosts: <table cellpadding=0 cellspacing=0 border=0 width=675><tr><td bgcolor=a0b8c8>
    O1 - Hosts: <table cellpadding=1 cellspacing=1 border=0 width="100%">
    O1 - Hosts: <tr valign=top bgcolor=ffffff><td align=center>
    O1 - Hosts: <font face=arial size=-2><A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://address.yahoo.com/">Address Book</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://alerts.yahoo.com/">Alerts</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://auctions.yahoo.com/">Auctions</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://billpay.yahoo.com/">Bill Pay</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://bookmarks.yahoo.com/">Bookmarks</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://briefcase.yahoo.com/">Briefcase</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://broadcast.yahoo.com/">Broadcast</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://calendar.yahoo.com/">Calendar</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://chat.yahoo.com/">Chat</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://classifieds.yahoo.co...">Classifieds</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://clubs.yahoo.com/">Clubs</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://companion.yahoo.com/">Companion</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://experts.yahoo.com/">Experts</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://games.yahoo.com/">Games</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://greetings.yahoo.com/">Greetings</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://geocities.yahoo.com/">Home Pages</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://invites.yahoo.com/">Invites</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://mail.yahoo.com/">Mail</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://maps.yahoo.com/">Maps</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://members.yahoo.com/">Member Directory</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://messenger.yahoo.com/">Messenger</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://my.yahoo.com/">My Yahoo!</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://news.yahoo.com/">News</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://paydirect.yahoo.com/">PayDirect</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://people.yahoo.com/">People Search</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://personals.yahoo.com/">Personals</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://photos.yahoo.com/">Photos</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://shopping.yahoo.com/">Shopping</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://sports.yahoo.com/">Sports</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://finance.yahoo.com/">Stock Quotes</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://tv.yahoo.com/">TV</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://travel.yahoo.com/">Travel</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://weather.yahoo.com/">Weather</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://www.yahooligans.com/">Yahooligans</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://yp.yahoo.com/">Yellow Pages</A> · <A
    O1 - Hosts: href="http://rd.yahoo.com/footer/?http://docs.yahoo.com/docs/...">more...</A>
    O1 - Hosts: </font></td></tr></table></td></tr></table>
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common

    Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft

    Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
    O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update

    "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Microsoft Software32] c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe
    O4 - Startup: Notification de cadeaux MSN.lnk.disabled
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows

    Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7C9EDD43-1B8A-4616-A452-9794AEAB97B5}: NameServer = 81.253.149.9 80.10.246.132
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D3E8404D-9A63-46D3-BBF5-660379FCEF20}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F51B00EA-55E8-4693-B6C9-A5DA57D81264}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32

    \DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32

    \IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common

    Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Users\Marl\Alcohol 52\StarWind\StarWindServiceAE.exe

    --
    End of file - 17722 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Marl.job
    C:\Windows\tasks\User_Feed_Synchronization-{5BF43280-7CFA-438F-82CB-2B51ECAA83CB}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30

    403824]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {DE9C389F-3316-41A7-809B-AA305ED9D922}
    {ecdee021-0d17-467f-a1ff-c7a115230949}
    {381FFDE8-2394-4f90-B10D-FC6124A40F8C}

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-15 178712]
    "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-23 468264]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
    "OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
    "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
    "SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-23 13539872]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-23 92704]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    ""= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
    "Microsoft Software32"=c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1113\crss.exe []

    C:\Users\Marl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Notification de cadeaux MSN.lnk.disabled - C:\Users\Marl\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2008-12-03 49152]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableLockWorkstation"=0
    "DisableChangePassword"=0
    "DisableCMD"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0
    "HideFastUserSwitching"=0
    "UacDisableNotify"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoLogoff"=0
    "NoClose"=0
    "NoDriveTypeAutoRun"=0
    "NoFolderOptions"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2993e909-4a0b-11de-9541-000000000000}]
    shell\AutoRun\command - F:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53dfbc65-1b5f-11de-9438-00238b14f701}]
    shell\AutoRun\command - F:\wdsync.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{717f39ec-a931-11de-9324-00238b14f701}]
    shell\AutoRun\command - H:\Toshiba\more4you.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e20d223f-4a00-11de-85c4-00238b14f701}]
    shell\AutoRun\command - F:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ecda73c2-b511-11de-b912-00238b14f701}]
    shell\AutoRun\command - H:\EmDesk.exe
    shell\EmDesk\command - H:\EmDesk.exe


    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 3 months======

    2009-11-11 16:51:28 ----N---- C:\Windows\system32\MpSigStub.exe
    2009-11-11 15:26:08 ----D---- C:\Program Files\Alwil Software
    2009-11-11 15:07:49 ----D---- C:\Program Files\Common Files\Real
    2009-11-11 15:07:48 ----D---- C:\Program Files\Real
    2009-10-31 12:56:27 ----SD---- C:\ComboFix
    2009-10-31 09:03:29 ----A---- C:\Windows\zip.exe
    2009-10-31 09:03:29 ----A---- C:\Windows\SWXCACLS.exe
    2009-10-31 09:03:29 ----A---- C:\Windows\SWSC.exe
    2009-10-31 09:03:29 ----A---- C:\Windows\SWREG.exe
    2009-10-31 09:03:29 ----A---- C:\Windows\sed.exe
    2009-10-31 09:03:29 ----A---- C:\Windows\PEV.exe
    2009-10-31 09:03:29 ----A---- C:\Windows\NIRCMD.exe
    2009-10-31 09:03:29 ----A---- C:\Windows\MBR.exe
    2009-10-31 09:03:29 ----A---- C:\Windows\grep.exe
    2009-10-31 09:03:12 ----D---- C:\Windows\ERDNT
    2009-10-31 08:49:59 ----D---- C:\Qoobox
    2009-10-26 14:48:53 ----D---- C:\Program Files\trend micro
    2009-10-26 14:48:52 ----D---- C:\rsit
    2009-10-26 14:12:03 ----HD---- C:\Windows\PIF
    2009-10-26 12:14:14 ----D---- C:\Program Files\Common Files\PC Tools
    2009-10-26 12:14:13 ----D---- C:\Users\Marl\AppData\Roaming\PC Tools
    2009-10-26 12:14:13 ----D---- C:\ProgramData\PC Tools
    2009-10-26 12:14:13 ----D---- C:\Program Files\Spyware Doctor
    2009-10-26 11:04:51 ----D---- C:\Users\Marl\AppData\Roaming\Malwarebytes
    2009-10-26 11:04:37 ----D---- C:\ProgramData\Malwarebytes
    2009-10-26 11:04:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-26 10:57:57 ----D---- C:\SOPHTEMP
    2009-09-06 15:47:34 ----A---- C:\Windows\system32\tzres.dll
    2009-09-06 15:29:30 ----A---- C:\Windows\system32\atl.dll
    2009-09-06 15:29:26 ----A---- C:\Windows\system32\wkssvc.dll
    2009-09-06 15:29:23 ----A---- C:\Windows\system32\mstscax.dll
    2009-09-06 15:29:20 ----A---- C:\Windows\system32\avifil32.dll
    2009-09-06 15:29:12 ----A---- C:\Windows\system32\wmp.dll
    2009-09-06 15:29:10 ----A---- C:\Windows\system32\wmpdxm.dll
    2009-09-06 15:29:08 ----A---- C:\Windows\system32\spwmp.dll
    2009-09-06 15:29:08 ----A---- C:\Windows\system32\dxmasf.dll
    2009-09-06 15:29:07 ----A---- C:\Windows\system32\wmploc.DLL
    2009-09-06 15:28:58 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2009-09-06 15:28:58 ----A---- C:\Windows\system32\Apphlpdm.dll
    2009-08-17 23:33:52 ----A---- C:\Windows\system32\FM20.DLL

    ======List of files/folders modified in the last 3 months======

    2009-11-11 18:07:00 ----D---- C:\Windows\Temp
    2009-11-11 18:02:29 ----D---- C:\Windows\system32\catroot2
    2009-11-11 18:02:29 ----D---- C:\Windows\system32\catroot
    2009-11-11 18:02:25 ----D---- C:\Windows\winsxs
    2009-11-11 16:57:28 ----SH---- C:\autoexec.bat
    2009-11-11 16:51:28 ----D---- C:\Windows\System32
    2009-11-11 16:51:21 ----SHD---- C:\System Volume Information
    2009-11-11 16:28:30 ----D---- C:\Windows\system32\config
    2009-11-11 16:28:12 ----D---- C:\Windows\Tasks
    2009-11-11 16:28:12 ----D---- C:\Windows\system32\Tasks
    2009-11-11 16:28:12 ----D---- C:\Windows\system32\spool
    2009-11-11 16:28:12 ----D---- C:\Windows\system32\Msdtc
    2009-11-11 16:28:12 ----D---- C:\Windows\system32\CodeIntegrity
    2009-11-11 16:28:12 ----D---- C:\Windows\ShellNew
    2009-11-11 16:28:12 ----D---- C:\Windows\inf
    2009-11-11 16:28:12 ----D---- C:\Windows
    2009-11-11 16:28:05 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2009-11-11 16:28:02 ----D---- C:\Windows\system32\wbem
    2009-11-11 16:28:02 ----D---- C:\Windows\registration
    2009-11-11 15:26:47 ----HD---- C:\Windows\system32\drivers
    2009-11-11 15:26:08 ----RD---- C:\Program Files
    2009-11-11 15:11:33 ----D---- C:\ProgramData\Real
    2009-11-11 15:08:51 ----D---- C:\Users\Marl\AppData\Roaming\Real
    2009-11-11 15:08:14 ----D---- C:\Program Files\Common Files
    2009-11-03 11:18:36 ----D---- C:\Windows\Prefetch
    2009-10-31 10:01:59 ----SHD---- C:\Windows\Installer
    2009-10-31 10:01:52 ----D---- C:\ProgramData\Microsoft Help
    2009-10-31 08:54:05 ----HD---- C:\ProgramData
    2009-10-31 08:36:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-10-27 11:30:34 ----D---- C:\Windows\Minidump
    2009-10-26 12:32:23 ----D---- C:\Program Files\Trojan Remover
    2009-10-26 12:32:23 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-10-26 12:15:16 ----AD---- C:\ProgramData\TEMP
    2009-10-18 17:08:32 ----D---- C:\Program Files\Internet Explorer
    2009-10-13 09:24:49 ----D---- C:\Users\Marl\AppData\Roaming\uTorrent
    2009-09-30 00:36:24 ----A---- C:\Windows\ntbtlog.txt
    2009-09-06 18:05:31 ----D---- C:\Windows\rescache
    2009-09-06 17:52:25 ----D---- C:\ProgramData\NVIDIA
    2009-09-06 17:48:33 ----D---- C:\Windows\system32\fr-FR
    2009-09-06 17:48:32 ----D---- C:\Program Files\Windows Media Player
    2009-09-06 15:47:00 ----D---- C:\Windows\AppPatch
    2009-09-06 15:46:33 ----D---- C:\Program Files\Windows Mail
    2009-09-06 15:38:19 ----D---- C:\Program Files\XviD
    2009-09-06 15:30:55 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-09-06 15:30:53 ----D---- C:\Program Files\Steam
    2009-09-06 15:28:55 ----SD---- C:\Windows\Downloaded Program Files
    2009-09-06 15:23:36 ----D---- C:\Program Files\Common Files\microsoft shared
    2009-09-01 16:08:37 ----D---- C:\Users\Marl\AppData\Roaming\Audacity

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-08-07 34608]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 e4usbaw;USB ADSL2 WAN Adapter; C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
    R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
    R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-06-26 66080]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-23 7494976]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
    R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); C:\Windows\System32\Drivers\e4ldr.sys [2007-01-04 69656]
    S3 aeh8xsmu;aeh8xsmu; C:\Windows\system32\drivers\aeh8xsmu.sys []
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S3 hamachi_oem;PlayLinc Adapter; C:\Windows\system32\DRIVERS\gan_adapter.sys [2006-08-28 10664]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
    S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
    S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2009-09-10 38224]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
    S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-09-10 32000]
    S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
    R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-08-07 24880]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-15 354840]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-23 196608]
    R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-04-23 292232]
    R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-04-23 112008]
    R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
    R2 StarWindServiceAE;StarWind AE Service; C:\Users\Marl\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
    R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
    R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
    S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
    S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-02-21 800040]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 14518


    merci d avance
    a c 295 8 Sécurité
    11 Novembre 2009 19:01:44

  • Démarre Spybot, clique sur Mode, coche Mode avancé.
  • A gauche, clique sur Outils, puis sur Résident.
  • Décoche la case devant Résident "TeaTimer" :

  • Quitte Spybot.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS